Analysis

  • max time kernel
    132s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-05-2024 13:40

General

  • Target

    677347594361dc4a8d1fcae67df2f8c7_JaffaCakes118.html

  • Size

    27KB

  • MD5

    677347594361dc4a8d1fcae67df2f8c7

  • SHA1

    b6e87982ce83477882e666ac5a4278d90a94d056

  • SHA256

    bbbeb4a2679c2f44b38dc103cdab4de345d352e977f22b137faa420f648a01ac

  • SHA512

    f16df1692185370c7d47abc232c509e2c7fa5301d6b4a8a757652fa436464c52c4bc831be3386a58642d318f961fe65d03fa4e9a935b9f39c020edf859bf5059

  • SSDEEP

    192:uw70b5n/ynQjxn5Q/WnQie9NnhnQOkEntG4nQTbnFnQ9etFm60rHRQl7MBdqnYnI:2Q/d8fAH4SbUqQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoC)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\677347594361dc4a8d1fcae67df2f8c7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2424

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4baef77828296f9f56fd3b26eaee8940

    SHA1

    03837b54d5f840754957c2da8c550c6c6c0505d8

    SHA256

    27ff874039834c60f498124c83a91f08d97d708d311745aedc085ac391cfef09

    SHA512

    79569a145f5da5ab47f20067699f64e110d587e6b42622a52b6c3eec77fde1921404433dcb40467c69c628b31d9ef6d36715b955864dfb858cf6195e1c572d2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5c3a42f16dd846365f8f2087013eaf91

    SHA1

    734c0659b000b5851ce149e4385e3aaafc5f4476

    SHA256

    f961dc1a4d3f64a0fab88f8ca577ae8c04c94f37245b8bce7ef2f0b03f9e27b6

    SHA512

    065ee95de9f1293545b3436d0dec9b00f187822bdf5ab2d7cfc75b7c5f594e7d7bba0c55852eff69e88311807f34c6ff6d6880069fdbdd9a6ee392032e3fee20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a60f85da935a515906ecd28972356100

    SHA1

    dd8a3f5c226c88f808ea4ee08c15fcebfd908d34

    SHA256

    b554142da70ba2871da43c736541cffb73edd2833d2eb7e7965c2777bf5c63eb

    SHA512

    11aaf2542d8145018fc2a277c39d6e567237954680a25660cd4b351895adc7e991828453ba718f47177e65927c841a063cc494a1ba5e733e2d64bd3f75669a79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d4e173c9f13d1475ddc3145dc646ff4b

    SHA1

    95d2c64864e819b44cd43f313f862a81c1bba16d

    SHA256

    3b07641479edd2a37b1815b86c56e7343dcf6006615b37c2d266f724b7e1bb89

    SHA512

    26fe09d3cdf22639129cbd906b03debb991dbcf03d4a6a10199efb2a00c46ce3519e85f4324f63445d8ead5c10d6d0d04a9b4917ec40b403a35cc8439037560c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0dc909a2d499f8c014e2c26f845680a7

    SHA1

    240b5a9a9dce5368623e39dba58133fc4b9fdeb5

    SHA256

    69887f65b58139278e0b0fa8562aa74d79bf8d7e178376d01f0aea0bcfbf2f61

    SHA512

    29bf59842efadc2c1686360338aa170d5a242107c0dfc9aa172f93d8831af10fa72f8e4522dd94a8f28b1a105b603e82975b36a5d1923aec0ca05e26ed73a775

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5240bffb7daa66894475bf7064fae20a

    SHA1

    af01d029ebbdf2b9fc16307d19d9467556525071

    SHA256

    0600fce9db8b321b8341a37d23c23bbc0d84ae67de671de223a7f42e9a6ae766

    SHA512

    7f5415b8aa1c940bae1412ef446edda46e385cda163c73817b58fb2fe18b6f65688c3515029f10212a202d39c70724699af08cb610a4a42c854084025925e05e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    10d31407d40f93537773f2d948bc3452

    SHA1

    37c7cd9148262e220aab4d06e78708b87ff03c45

    SHA256

    3fde1e1deee52a88e638f6e5e82144c5c70b946ba14a7126798b48ab7668109a

    SHA512

    d61d99ffe1d3ec49f88108213fa7dce8e4e788a590eb090e3f11fd0eab9270324a190874ad8f507d258af3f460ea104b409cfcc267fa79db7eb8a14cdf4b9334

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0a11f6f1d29e0fefd6f3755f0c7892ae

    SHA1

    b5554022d29a6d20e06fd0043daab90f5ea92802

    SHA256

    6f84ecaafb6cf7c5f5f9bf62f1a70b346501a13c36f6232044192683481cc953

    SHA512

    cdf120700e0562b567a9c0de2cafaad8141e55b678242023f9fb2d5fcda19e02bfbe726366b2cbd8ef93432f5b6ee2b6828301f9ecab3ea6cf986d4e76c3d09c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c1a33a8b25ae9c8de3fd608fa4efe884

    SHA1

    d4538dcdd34c736b75a48d437baaceb2998b1163

    SHA256

    955ea5daeac0f130eb67d05abfefd5c25e4193aeccaae63fc2313470f7ff820e

    SHA512

    04dc5e6d8103d80652a1c1a69c155cda0756bd99bbd16d3dc28587e6ce96bd493edbf05d34c8217e2401988e7d6a7821c6cdeaead4ea3a1d725db6292ecda73a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a032d7cb745dc9b5a08e3ae12b8c3bf

    SHA1

    1261d56583e162dad4fcbf54d74fd2ac436c85fb

    SHA256

    bc29411d977eaaba00c41326aa68d639783502f703513bca08daae543ef283ef

    SHA512

    aa22c2caf2bd2e8154d2a91ce5036c273718a648425501155dfab82edf9cfa8dcdfe0e0a44b0923161655596a5e1e0a2518a8c8b979863fc3b8355c50599bccb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    36a7d685707c3525a02202afb8e81416

    SHA1

    ff5c78731ffc7b55d2780ee50914f69ead810468

    SHA256

    7f6e36cf7e808234f09242e50ab9513492f8d96c9461837a094520f8b22fb6f6

    SHA512

    75fa77051c00791ed67c7dcd10f79a644488ba26e7f9fd7077f2fb71bb4664f3efe5c42a0710e10d2eea3054e575dac642fb29719429fc4467e8dd1e9bb90ee0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    45b65e0f786fba4145b12663f13eb4bd

    SHA1

    a32115251eaf3b3047562ea2e5b917ab916811f7

    SHA256

    7c722dcf6775e6be349a3b913555ff96351787d1a9fcb9848a208c0b5a42a46a

    SHA512

    b3d00d315c941d08a088fd3ae18ceb160201175274b74f9e98e8cd4a293d7ce0abd7f75b358c4c4ae6aac86fdcb712cba4444571dd367a3eaa01ab2e19cc2fb3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8379711a1b3375a0f4a5569b45281514

    SHA1

    f70cfaa6c911f214fe8d486539db75ed83165851

    SHA256

    a23e12e38d909e44770158d29e6cec3d8a632037b6de3a44ca936a046dc5823d

    SHA512

    86b02de2a41cce9b0b4d4231d6b823c19cea0007d53cc473fcaf0fe9ba980363abd84912708a8f83f8d16186fd31abd255b4ba627d86ca9956d572a891f0632e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    136ce3bdd3894044c97cf8fdbb27f626

    SHA1

    0448d9493abbbfdcb82fe77ae4b0e57b3fcebd33

    SHA256

    fa8f7f467faa63339f8c1a6d876d0cbca66c4278ce515a9cbb6a468957135a05

    SHA512

    6c442ebb814b11b32e5a9ec2ab691bb78aecf17fd9ea932835163bd692f1393cbf6236319aa24fdf457b9fe95450830bc2f74a968f1e0596f810c25aa75b46ea

  • C:\Users\Admin\AppData\Local\Temp\Cab1C89.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar1CF9.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
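As an added example (not part of this report or of the sandbox's tooling), a small Python triage helper for a Downloads list like the one above. It parses the flat path / Filesize / MD5 / SHA1 / SHA256 / SHA512 layout, checks that each digest is well-formed hex of the right length, groups repeated paths (the CryptnetUrlCache MetaData file above appears fourteen times with different hashes each time, which is the same cache file being rewritten, not fourteen drops), and flags CryptoAPI cache files and Cab*/Tar*.tmp temp files as the routine certificate-revocation and root-certificate-update noise they usually are on a Windows 7 image. The noise patterns are my heuristics, not something the report states, and the third sample entry (placeholder path, bogus MD5) is constructed to exercise the "review" branch and the validator; the first two are copied from the report.

```python
"""Triage helper for the 'Downloads' list of a sandbox report (added example, not part of
the report): parse path/Filesize/MD5/SHA1/SHA256/SHA512 blocks, validate digest formats,
group by path and flag routine Windows/IE background artifacts."""
import re
from collections import defaultdict

HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}  # hex digits per digest

# Heuristic (assumption, not from the report): what CryptoAPI leaves behind when IE
# performs CRL/OCSP and root-certificate (CTL) lookups on a Win7 image.
NOISE_PATTERNS = [
    (re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I),
     "CryptoAPI URL cache (CRL/OCSP/CTL lookup residue)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CAB/TAR temp file from a certificate trust list update"),
]

def parse_downloads(text):
    """Return one dict per bullet: {'path': ..., 'filesize': ..., 'md5': ..., ...}."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    records, i = [], 0
    while i < len(lines):
        if not lines[i].startswith("•"):
            i += 1
            continue
        rec = {"path": lines[i].lstrip("• ").strip()}
        j = i + 1
        while j + 1 < len(lines) and not lines[j].startswith("•"):
            rec[lines[j].lower()] = lines[j + 1]  # label line followed by value line
            j += 2
        records.append(rec)
        i = j
    return records

def validate_hashes(rec):
    """Name every digest that is absent or not lowercase hex of the expected length."""
    return [f"malformed or missing {name}" for name, length in HASH_LENGTHS.items()
            if not re.fullmatch(rf"[0-9a-f]{{{length}}}", rec.get(name, ""))]

def classify(path):
    """('noise', reason) for a known background artifact, otherwise ('review', reason)."""
    for pattern, reason in NOISE_PATTERNS:
        if pattern.search(path):
            return "noise", reason
    return "review", "not a known background artifact"

def triage(text):
    """One row per distinct path: occurrences, distinct SHA256 values, verdict, problems."""
    by_path = defaultdict(list)
    for rec in parse_downloads(text):
        by_path[rec["path"]].append(rec)
    rows = []
    for path, recs in by_path.items():
        verdict, reason = classify(path)
        rows.append({
            "path": path, "count": len(recs), "verdict": verdict, "reason": reason,
            "distinct_sha256": len({r.get("sha256") for r in recs}),
            "problems": [p for r in recs for p in validate_hashes(r)],
        })
    return rows

# Constructed sample: the first two entries are copied from the report above; the third
# is invented (placeholder path, bogus MD5) to exercise the 'review' branch and validator.
SAMPLE_REPORT = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
4baef77828296f9f56fd3b26eaee8940
SHA1
03837b54d5f840754957c2da8c550c6c6c0505d8
SHA256
27ff874039834c60f498124c83a91f08d97d708d311745aedc085ac391cfef09
SHA512
79569a145f5da5ab47f20067699f64e110d587e6b42622a52b6c3eec77fde1921404433dcb40467c69c628b31d9ef6d36715b955864dfb858cf6195e1c572d2d
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
5c3a42f16dd846365f8f2087013eaf91
SHA1
734c0659b000b5851ce149e4385e3aaafc5f4476
SHA256
f961dc1a4d3f64a0fab88f8ca577ae8c04c94f37245b8bce7ef2f0b03f9e27b6
SHA512
065ee95de9f1293545b3436d0dec9b00f187822bdf5ab2d7cfc75b7c5f594e7d7bba0c55852eff69e88311807f34c6ff6d6880069fdbdd9a6ee392032e3fee20
• C:\Users\Admin\Downloads\constructed-example.bin
Filesize
1KB
MD5
notahash
SHA1
0000000000000000000000000000000000000000
SHA256
0000000000000000000000000000000000000000000000000000000000000000
SHA512
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
"""

if __name__ == "__main__":
    for row in triage(SAMPLE_REPORT):
        print(f"[{row['verdict']}] x{row['count']} {row['path']} :: {row['reason']}; "
              f"distinct sha256={row['distinct_sha256']}; problems={row['problems'] or 'none'}")
```

Run stand-alone it prints one row per distinct path. Pasting the full Downloads list above into `triage()` puts every entry in the noise bucket (one CryptnetUrlCache metadata file rewritten fourteen times, plus one Cab and one Tar temp file), which is consistent with the 1/10 score: nothing was written outside the CryptoAPI cache and the temp directory. Any path that lands in "review", or any digest the validator rejects, is where an analyst's attention should go first.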