Analysis

  • max time kernel
    144s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-05-2024 03:13

General

  • Target

    65d05a8e3ac315bab652fa712af93fb1_JaffaCakes118.html

  • Size

    41KB

  • MD5

    65d05a8e3ac315bab652fa712af93fb1

  • SHA1

    4010f316623a21d71d0ce1e9ad421bd323e2f973

  • SHA256

    06ee97a8ba956ebf9f20e3c68682ea99ad268b148bd610a659049364c95e903d

  • SHA512

    2e565b70f463f5b576bc7b3e2c53d9933730e4ed879da9585fa38192e950b2adc9cb7a1f8c95dadabed1f6db3b7298026da6dce5c35fc11f2df092d06bf60e17

  • SSDEEP

    768:SO1x/UGuWpu6qxctQCeCvC+CGC9Ex0MUPjGkcDNTx8Tx/jCUNtRXjVEV:SO1x/1uWpu6qxcij+FrWMULLcJT2TnNO

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\65d05a8e3ac315bab652fa712af93fb1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1116 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1676

Network

MITRE ATT&CK Enterprise v15


Downloads
