Analysis

  • max time kernel
    118s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64
    arch:x86
    image:win7-20231129-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    22-05-2024 01:08

General

  • Target

    657704a62beb038bbda0c69899eae4ca_JaffaCakes118.html

  • Size

    6KB

  • MD5

    657704a62beb038bbda0c69899eae4ca

  • SHA1

    d0b5c2b3f6960dc441c872f1778b584c632f0721

  • SHA256

    e423e11d729008588107d069f9c8068cd34ddf0c58fb5b4fc767b42c481012d1

  • SHA512

    ef32c0ea698d9524d0ddac1f36622c9c5c4cb9a4cba4981f35579838c3d73059cda1df900f9fe63d2281d94a8de4c0ebfd9d0a3824af9ad4a9d8142356af1be8

  • SSDEEP

    192:A4haRlaAB8Yq1SLLCb4YHX4Ea64x0yphD9prnNf:A4hQl1Xq1MMO64WyphxprNf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 42 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\657704a62beb038bbda0c69899eae4ca_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2216 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    37ab51b88f763762777aa909a7d3b805

    SHA1

    8df2a3c9c64e2c8db1298e572409be50e2104b05

    SHA256

    ae7a3adbff9d4c45a56d950a038ad72f1ee570d6d9db79618e5e9778f7cee599

    SHA512

    07290dfaf7aa3630b6d0c4bab524a2cf9cf5e0b84f0a94198d9f348f59aab5b98d5c7605fd712fe81e04353eb6c7d2b09ef53fdd3cd222df5ea52982118aa84e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    622b493b7938722fbb079045df61bb3d

    SHA1

    5ad32fa279ecec08390a57c7ee64a483aa545d16

    SHA256

    3fd9396edd30d640de943eae777b478fc89bd5ce517b40d01f0897395f889dc0

    SHA512

    52139e4bee8bd9d1b7a00961be0b115e5abe0240dd8a1fb8c64d44db6979f3e650f88ed6f34fc40c7596b3587e03d16eb808b1addde3ed2db31c7ae5cc4c5ddb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3eb1ada57d79da8813087aed8a7dae62

    SHA1

    4e53a107067297e8f29f48616a21fc82b5c4eab8

    SHA256

    fc48f251c0820299067adbc78564cef4a3e27cdfbd3bd2924f772f201095eabb

    SHA512

    2c4d0d4eb0df9eeba48fe6243da2cef78b83ad33adca893fa250a483a6b1f9dce23c1b8b9e75f0449fe5c3123218850abaedaaaa50954fb2757619a9fea9438b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    db498db180c34d56616d52236682df08

    SHA1

    61c5034eaff3dbfa2162f681fba0a3380aa647a7

    SHA256

    02e7bb3d8340fc89963cf48de9d9da12061ca7a8cf8e340ffa341b76baf10a17

    SHA512

    f679b698c2b47ea4ee7561be95dd47c3d346ef17c1cccbc6103b5124baa4d09ec72eb03b8e179ad61c9f150d80c40836c29c11ab7beb4c6f01667c2dd557a813

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b365d87953df01c40bacb6b2753898db

    SHA1

    15d7baf7c3717091e8e06d3953e226db429aad6d

    SHA256

    d30ccc9ca9a760f7b57b4273a4a7009c2b41c76c9ed7937317bde0e6aa595d6e

    SHA512

    eaa797914e39e9b3f275d9b72be7d99dc4e4b1564df12b97c5ebf0f62d293428f8f5f938bbb4d0d3fe902574904ee674ceabcbdebfb7df660c14ca200de93d43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f886d90b23a4c8ad6434f5d241bbf218

    SHA1

    0ef5e535a97edf20fc667a69eb326f6485ecb130

    SHA256

    8fd783a44536c4ef629f8ba812688d9c79d2c9c5749e3f5cb476ffe204e04d98

    SHA512

    8e2ddfc4f68da6b2521d0bf9a10e8ebbd94e35a17df114c31afd0ee90d2fe9dd37e0ac67dbbd073cfe4504807f0aaf6224fc9e31dfeda579ff43441f68af32a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1542e59e195f879cb6ebfacee9703856

    SHA1

    7faf7f24440b478e5cd45545d9667cc3fb13ba6f

    SHA256

    2d8b88ffcbb713779d5baeb216f0595e09b6384403becb872ce80aa94b90a7e7

    SHA512

    2a4fc227e600af039d99c32a37e4818c00d9871d318b01955e689e18d55d21a554ea4ff927b4c48a04abbf586ce8941f4b3f3e3905dcec190dc2675f30e48ce8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    869cd1fa51d6c10e65040846c23a6703

    SHA1

    45c602e363afda8ef0364735fb8b97493866a568

    SHA256

    c40759f8a0faa7c854333fb9a7fe39fe827e341eb884b6b3ea60be367c31984c

    SHA512

    7c2667e5102c549d2a4d2544d5b5ef74301284724a942c03c818dec1cf4ba7466bcf1a4933265c98e403190fea90c4041cb9f2d3fd3131e56734cba3bf1e5d33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6d59e2c8d91a04354ed0b3632b30601c

    SHA1

    7f48a1a6b3fe09a0e0f1c54ce8152cc9ff6a3660

    SHA256

    fb0d476197090c7cc7f14c7fb3d8ab171a2ea6926427fc2bcb2c53ca366bcb82

    SHA512

    646fd1f57e58eb9383ef3367e46feef5f55d0381c19a827d98525fc76f515d76c69bf207024250ebcf7718280156272259ace02662182010ab8bdc73551a432e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    36ff9490ff5d21f242d19dbab3f28b12

    SHA1

    e5612021fc94dd030ae5b12ae18fd0cf20a7fbc2

    SHA256

    0fcaefeaf812d56179ed2f1013088ba77040f451f2f344871d2a0175cc69b378

    SHA512

    3237fdd4c66d7baa020ce133e9daab04cedf36c846ea0a798fc90318623ea550ab68222689bf90675dbd5622dc476b8f655d6acddf80b57af6277fa1fcfae753

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    934f5965fde7b520878ec3d454068069

    SHA1

    f20189a2c114873ee8fd605ff68d8648591419b7

    SHA256

    f4b4ec55c0d8ff02f0eaa14fa56f889bdad9a63062acaa80243f6e1aaff163a9

    SHA512

    0103fdb2ffb9545ddcf2dabb707bb044e99a3124518ea737bd968cc2591ef85ec3a5e8d3d041b9bfe64f5162f0f2a3b9740c1e25ecee72872a671da6121acccf

  • C:\Users\Admin\AppData\Local\Temp\Tar303A.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a