Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/05/2024, 23:01

General

  • Target

    68efa3979c5d9dc06ce00edf81439a49_JaffaCakes118.html

  • Size

    94KB

  • MD5

    68efa3979c5d9dc06ce00edf81439a49

  • SHA1

    e7d60effc9065917aa0748a0ca7ef907391657cb

  • SHA256

    98376cb8373a666192ac420b1a91dc3c500180660d77dacf16b03703ce84340a

  • SHA512

    d113b90adc6454828b5baa269d92e1334b7d5c7d95a4441f99898bcb0fe77b2218a40bc2d16c776af2760a11b37ec7b5c24c893d4c18be8a57394a025252ab14

  • SSDEEP

    1536:WMLiNV/SFL1cfLKNnC44ENDl2vvp7LLJyEGjcZaBdkrY8mgHC+qpEyW:WAi18DBdkrY8mgHC+qpEyW

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\68efa3979c5d9dc06ce00edf81439a49_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2936

Network

        MITRE ATT&CK Enterprise v15

        Downloads
