Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-05-2024 09:39

General

  • Target

    66d230bfef39a4b57813464533cf9b8d_JaffaCakes118.html

  • Size

    4KB

  • MD5

    66d230bfef39a4b57813464533cf9b8d

  • SHA1

    3e12f97e5bc47c9d5de4542f8ad37dafcc2b74db

  • SHA256

    a11f19cc3eeff4fcc947eed83daf407418ace7bc2045cdb3beb62b7e9ee5302e

  • SHA512

    19ac20657e3e6a7b281eb7d0f4dde4f5dd91833268f3a33f345304c0793c3176ae24c90e4f94516f94386760b9e8ce1854b1f876e0014ae7589f2c1b91c76b91

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8okx41zjR:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\66d230bfef39a4b57813464533cf9b8d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2988
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2988 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    23ee69ff9980e1d9aa5875d8d6850e3d

    SHA1

    78f547951537ff8ada012ce32c1574c8221e25c7

    SHA256

    14576babcdb32a6e0d8714c2a21206aa01f222abcae30f1e52958739a23c09f5

    SHA512

    90ede27d18dc08991be640f94b1731a26d8fbc0234b4ff2f9f296ce742f5ac3fc8668f42ae7c426d8310c8502026c2037cb853f5d2ff6ffee960106fe44e3e01

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b97ce065fd87553784c6c064b504c39a

    SHA1

    7424de119bbeafc3cdc46c2f67b926ba07972467

    SHA256

    0216064a36de7fc752646ad6ce59c9cb30e5f98a48ef2b7d0a55d42811e4f5fd

    SHA512

    986654a57a40fccca0d26ee38ec13945bc8c4e7ecc8cc26b2f6d3aad7f982f150fc4fe44c556af9ab7fd2475bce32592c4992b324e07a18522c296a0af263bf2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    20373d037813fcd8978796e8aa106c26

    SHA1

    024417ed14419dbee71c6ef0f0f5778d750b4f2a

    SHA256

    b3ae6f6789335f74cd0502739f61b1706b09e968bcd26546d3d09bcd5f5ea67f

    SHA512

    b189f44c43ae5ff33384e416ac4b994fd513060c88a68396f57a7856959d5b9c17081bd06317358854564713f50e4f0b79a65027c28fa3abe03d24255ce2a0c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1b8a933124a97034d2ef2a04a3f9a3af

    SHA1

    be309d95fc77be0a9b540c3fab8715c635d04121

    SHA256

    a7e96c381c7366d4bce0381c3837d9f2a42a79c9e0a28bdc55a221d879bbf1f3

    SHA512

    a31f0f928f9e76945267c88a71104dea7e2cbff0feb2f8bdbd4b07afb15d77f60a500488969c139d4a014eadcc3503587d2c927badc70cbadc791ffce91ac568

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    22e9f909d01e995f124208a0ac3b8bf1

    SHA1

    23fe27013bf5d97390586008a842e82d6ebaa9bf

    SHA256

    7e9699bb4d439c7020bfb64eb55637503a3aaf1162018c484276b0fa2b93f309

    SHA512

    0c2cbdfc54cc5eb9d139be76be4beba7c5f00aa0a882507db06bb432c434d8d82ad45b1cf897ae60fb504e0dbc3d1d66756baaf12f941f09805c4fcb3ffe88e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    184815895019298a04d94743163c5f9a

    SHA1

    6267f0882699cfe5ec65d183941553e4990b6b5f

    SHA256

    51594232e8aca7196463602bf2073803463e4966e27a1153ca4074c0628a3fb7

    SHA512

    2418755599ed380db8b552c34bedae45c834039120d0ce2a1843bdbfd79c3e9777fe4ffdc40f44c3b74553687e70f2f9e2c418d258e3c0a9f6270e6f24beac74

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    72f52f462085acb3a50c69aefec9b4ea

    SHA1

    8a2e6c842f08a71a18f79b90ea9d3b6a9bf8c759

    SHA256

    a0907717cfa9c12106314130ab254c9808bfcc9c6fc4719fbb41aee0c72bfba7

    SHA512

    f4586965a34da2893f18f1abc0463c037626c054e08284fe994b2152775e1bc3f758a519ca8cf78b2040b1ced573ea02711db77f0346cadefbc264cec99d91f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    83e79c68bbc2dd378a41e90993bdb7bb

    SHA1

    3e6a411cbc0240ca0fbd360c8017159dfb1e8a33

    SHA256

    374701fe246becb14339b1be77df92073c46c8fff41478bc5706df9da5568edf

    SHA512

    1218fcaf39697f8ba275c25c96bd0b58a0b39e8ed23edc7cf5c47e9fe03da60d8601f936a30c144487bae282c991d726d0caa8432b7048f0ea14e2bca03a6251

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4a689fbabb2a76fee1b18134d904f579

    SHA1

    7063496d80b899b9e5d5ba8b20d09addff836364

    SHA256

    0ab870062f52674d741799e7375411a869012d4727c23674f56ccb51d44d4772

    SHA512

    01b70dea0bcb7864e47a32171f8e383bec7bf192ea8c78bba4e165af43056c69c4afb6ea19e1b4e73f7a74aeca72014c5de6a7dee53531f0d0aa00cab4d5cab4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    361f8e50e1ce4c67502cddc249400c73

    SHA1

    7eb65a0455525bcd8e418345332a6686c0e492b3

    SHA256

    50118e7a8282284eaf578d95ac660c799abac3094a54fa9db934cc82815a53b8

    SHA512

    7da0b32857eb2cf0ae335adc1534c5b7fe0ad4f71ca3697876e4df3d4a221010b13ed2b34c9b259d001a77a0f464b9cf7b0bef9d730e016711961ae775ed8282

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b2bce2a71fd33a2d1da2dfe4672aa914

    SHA1

    0cc37eac8593b79fd92473574a30b93953a8c17a

    SHA256

    33b26292d35197b2ebe15ba449eaf583b1fcf607d1dff0a826728506bc8b7bf9

    SHA512

    4ac9605e2620a5e9ce24c527eb76f7a79061d03546fc7c6bcce0182a0a4fc547276973acab63815359dc7d1b3882a5460376e5090143e0a3d7ef561bd3e39808

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4593d5232f17c0ef6e214b23fe648f8f

    SHA1

    dc14b88c6ca211b2eec4ed62da428b6e0d4b7c1b

    SHA256

    8880382e2e684f89f10c326d2c23b39464408252e3b99a961caf3f069aff7092

    SHA512

    4292d8a3d0e15f3af2949c10590463e25472179690658ed02d89c5ddbaf3390da5396a8b23727c4c4be950d88d9c76235429e696b8a4764c6797f4ab1ad9d73e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    90f279db79f31e590eeaebdb86c24beb

    SHA1

    791c0109f3d60d20ec73ba8c7922f007e08ee665

    SHA256

    0fdf34f4eaef501d938d2160e0b121a6b325a46bf7dcf62903ad271969f48a9f

    SHA512

    89e48223a884657252775003691519e0c5461f707cf93ccf06c24dfa88c59387820c180e63f861ae956491bc971fc5722683ea5ba58fb513a0d681f426c1c77a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1e91ecdb427e13c0a1c52d35fac73119

    SHA1

    b2bf24e08c046ab7b9ef3babf859b67034966eeb

    SHA256

    90dac33b744ef1fd6c86cbca6f6cab7db4c99e0cb7d86c6186a6c3e42565b1e7

    SHA512

    277e37959382cf9c8a06ffd85e6a891fe9f5a5c9bba8bfa957696692d70c716666a4d0a8aed64bd8284434b182843bced41ffe34e5de060a4b00ed013ee7acd2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d4bf1fee8756babf3f6b94f1f4f8d332

    SHA1

    fa0b7cb4ee96d244c08ce951113a7d989b95736a

    SHA256

    44be55ce899db27cdda323f9211aef3f70d67466ca7f97578b39d1ede97650c7

    SHA512

    537d768ab05ca438b8392e72888917820230a988179fa79b367c1bda9849328a9080c5f224c7b76e6823aaf74ee41a1e8586ab1789be62f966e55b88e6aa6fd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2d9a40eeb1f820b5d00ead72654c6e9f

    SHA1

    eb284b653303a50017af43a33c062a0d401fdb3c

    SHA256

    55e36af9d8c1f4cb514314d6e9bb759bcfe40a0015f7013641187737e47723c5

    SHA512

    f7f552486f506db02bc934eceb939cff40242c56e87bed194a3fd50aa80767aaa0132ebcffa12438d24485ce91466505a28a8c0c8c63a2037ec5abd31b91a863

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4fa25405c2b2fddc244c1ae8994eb6ea

    SHA1

    ddfc3637630fccfb598263c7c3a289605789af4b

    SHA256

    40100302a18cb1cfdef4e5e13d7b7dff9242dea83a11dca1ef7fa15fa51b2047

    SHA512

    a7b1681084d6477315a5c836fd0607b532e36bc85e5c53fbaa09780610a4eb8c399974bee8c0a37c205f9ab7a81e47c259c7d0b949f19eb9591454e1f933ee3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d3b157cd908073a2408f8c5cf2f3f3cc

    SHA1

    3fc7ad8cf2c029a288d932ee2a5a72f47a298034

    SHA256

    28624f51a3041e124f7b0ac6f3df4be1596c54c90fc5de3f84cc2a870978c8e2

    SHA512

    0741e9375ae14c12cb0b40ae99d2f229e8f05a41f3c4e8f3ea61690767cebef0afa9ccc2a68906557f7fdb50246f39aaddcbaf90798440a9c7daa8a0d76b8652

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    791028c9c8940fcd2e44066e62ec8e89

    SHA1

    e181f0eebbd68fda90b3fd2380797cb6a89b8720

    SHA256

    3344d21a8815e8d643d90c89faf104b5e77c1a115cef39c69c7dcd9460db34aa

    SHA512

    36ce92112394a6c3d4cbc39580c7fd526d4de850e690894dfdb8767ba00f548f369b74aace5f1dd5a94c7bb0f730837047a4d5cfd5bbdfb3331514acddf175ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4981c0450ef897af1afde9884054e70a

    SHA1

    3dcf600129aac199bc286b5f4ffba4a68bdc8f7a

    SHA256

    17ca5b6fab4a85c8b1dad01371bece44e43698b76ca2525c5359646f3cef25d8

    SHA512

    09bc3a62fe8715250549fd43168fd32f9c1f7e3b3b50e7e5aec011383536a7cd12b3e01c1b1efd5d8239849380e1294f75bcd9f6d08f644d7469d1a342a92442

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    33d0691cfefc1a70453c1e6d741aac17

    SHA1

    ad05222c9bebb3d92d2497fc87e2db6ee5a4ed1b

    SHA256

    73bf6a2c771c888f0e572ab0957a3070327d9fc15c7d7bc6b4c705b0bfd84e50

    SHA512

    cfb50827223d3304bc0ae5078c3c2b2ae19679117987ed77497e0da6e32f73e4b373ed76a8db975e6d127ceb0d18f8174b78d3afff43c106fe753cd9beaf0d22

  • C:\Users\Admin\AppData\Local\Temp\Cab341E.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar349E.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a