Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-05-2024 14:16

General

  • Target

    678c5d2e7936e9380367888f2f15389e_JaffaCakes118.html

  • Size

    31KB

  • MD5

    678c5d2e7936e9380367888f2f15389e

  • SHA1

    a81e616452db2181978d277d2a5f18564e81401a

  • SHA256

    c66d915de5197734f918f8a597fc1d751c10989dfa507c45cd65eb3b6bc8b925

  • SHA512

    0e779dde9a883dfe6aa13a00619d59833cdd6b3b71cf7a91bc75839a7dd650935a70f445a4baee55006f7592b4b41c77f00deaa814e91f4b6b37323588c80873

  • SSDEEP

    768:HWcl1TI9VLEgQKEIw2K1U4gOrWV7lrej/ygJ6RGUYIK7EZe+rUcX2+/Xvivn:HWcl1TI9VLEgQKEIw2K1U4gOrWV7lre/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\678c5d2e7936e9380367888f2f15389e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2944

Network

MITRE ATT&CK Enterprise v15

Downloads
