Overview

overview

6

Static

static

1

688c479369...8.html

windows7-x64

6

688c479369...8.html

windows10-2004-x64

6

Analysis

  • max time kernel
    144s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 20:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    688c4793696dc598b1096e6292580637_JaffaCakes118.html

  • Size

    91KB

  • MD5

    688c4793696dc598b1096e6292580637

  • SHA1

    1dfdb2f4c95d314a92208ca8285cd8dbf56e26a0

  • SHA256

    639ad554118116a920b6943b7b7330c7159a8ea6b30f82867c2da9501ef5670c

  • SHA512

    7751f720b98de1ed2f90637934e76ea16e0e57a6004fa99a75b921a3d75f6dccf6b86cd0175b3a327d378d6f4941fce9cd0d8f355445406d34ad7a34de97cf71

  • SSDEEP

    1536:S6VXfbSFN7N2QXye2MxGsAf/hie5hNBe5yN0ge5Pe5JNjhfIsjNN9K76GqO2K1yC:SGXzKNyoUwdfPFLOexH/Bg8qD9y

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\688c4793696dc598b1096e6292580637_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2888 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    efcab9c7e4f5a7fcaf7c823f35d58d73

    SHA1

    60b9e7856bc5f1d21c2e90b2f66ffed381a1a760

    SHA256

    1f81db632bc1075952b65fcfd190523e8e81fed1dd6611a7447a85ce43f005e6

    SHA512

    1185d78c553cb4e2d47c3151043e6fbc8b9e144b065cdf3c9b53a2b3000b97ad078080fd2741b31dba2462ec70f5c3178f5ce173ac914e78d842014295d7e3ab

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27fe7e4c322132a0706dbc9e720f2119

    SHA1

    f7ac027fc5e4912ab77218f73d9e9a77b9b4a2d9

    SHA256

    42e4c8153d150016a3fdcb77d85094cc644b0ff11eea9c1bee857a595fa29166

    SHA512

    0dce72a20753a714c551b53bee8e27ad28f915394db0293d99595168cfc6aa903963295037b6fbff695d3a48684ec5ca4105b899e55856a6d73b76fc2c779747

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bcd7e83c2a5602b2793cc60b31e882e8

    SHA1

    ab0caec0e8228c6d3fefaa2beba5b6c2ff1366e9

    SHA256

    8f8f023d88382098b5f9f76f9e670de2342195facfc117435279e4b692271dcb

    SHA512

    1948f44a117d10499aa5fa489a6e97169f2a15afa1b9832db024543dbe0f2a7cffcc12440f3d6a8cd582981ed9f9696967a9805e26c39fdbbb03bcac9aeafeb1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    641c650783252321047533022925be76

    SHA1

    57a303a222cbd2aab67eb7d86910c27925c08ae3

    SHA256

    6b4d26301d69b08e9ba87b67c6697dc9846a781f78990bdf3bd0873a55e1650b

    SHA512

    9b8333a6d66333f50011ff836e0c81ea2aee547b884d60e9c730d0ade5a357f93aa927608478ed16762e9404c1bd4749b646952878fe0fc0a64068dfee66e437

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1766be98107c37bfd38aeff6381905e2

    SHA1

    28b82359b2ad3beefc6a03b0599ba3794d2a4922

    SHA256

    52b39b0fa0b4f79f9dfc1146a2ffa2d8414e952393c92081c185fec5fefcc2e7

    SHA512

    b06185d2dfe32d6f01fc53b2d1dd2bd09b63101165f5a83db574eb9418f44e8a21f9fa6ba35dedc107313fa9503ae271e8a6587ce66eb4f7e9a649b839095e2b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    63d2a3345ad07a9e006622d1f6c005f0

    SHA1

    0a82891fca0ae9bc9ca00142616054e3937b1dba

    SHA256

    48b9d35c5eefadd22ea9f24763715022a4d1bef64cd45475ce1f4b8a60c1b3e5

    SHA512

    2a455e0ba19026c454c3fe678ae4502ebfd81307db9985601fabb9b20bdf3986c4881175b934abd32f9680d5835d5f08ce0f82e291206f535a8f2cf544f0a95e

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ccbec31abe3b1411ba98237391d4e4d3

    SHA1

    8c02db12f35b7a5494f5c187e965cf7c600f4b60

    SHA256

    b75f494230fb8f46ad2e70dc47fc767473a23a25471ead4d31e1fab098b8c071

    SHA512

    65954fa2fcbcac33ca7aefc589cdfd93f1f32964c30bc0ca37af35fb787625f127217b0c16a0fbc47a4a1e09ca05fddfc8040d74ae7833a3cf197121d19787ee

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bfa354a9f1df9944a0690fbe8499fc2e

    SHA1

    fd28f8ed3806ec6d3194557ffd76f3257ac3b123

    SHA256

    75bc71715a359fd354233ebd2d3a490a6b3652a1eefc94eac8629c6147668073

    SHA512

    28218c0e1831e72b56a3f222b160e4e1e2cdc96dcd68f6895616743bb7c8f407e45e1a4fd35076307719dd613a4c2c1d8522cd589f5ace43fe4e269a22d93ec8

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b8ce3b472e08b56eb98f74356942df48

    SHA1

    19abce364b5be194a71f1482548a18390cd7ce6e

    SHA256

    ed59fd2d0c3f8cc9108ba90671b554b5a0cc4e0c3540ea70f5589f818f7d6fd2

    SHA512

    c40f7f142c486aba034443c29295f5719a0f451c60acd7acdad63d6f4a343e02251afc28acb31d1ca201a932689f64f15279a4b7f55734fae3bdbb9b549b16ab

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    001db76bb62d20ac64c50c674fbfd3ad

    SHA1

    b6eb9fd7d269cf7f37f15b824fb5f1c66f55ae64

    SHA256

    ab81532249e307e48c6babd2ce70da11914df45205fbc4473dbee3756e667bab

    SHA512

    d1a4cd7461fbe09764b1e160d84e16e08e7c296ba8516c2adfe4b65ac0bbc1cc833db9307c5824f1e720e874e8dc664facd8d28f582869bc4d7de9e90a48e518

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3dd0a594bd7741625f25a3b2355158a0

    SHA1

    3e40f251fb94dfd66f0c6fc7648feb082a055fdd

    SHA256

    9222ae6ef6425c6e5ec18a1bcbedc748e7fb6d6d37eebbae5bead8940ea1bb12

    SHA512

    06a21e62d12c654cbdc75316d332a62bd5b8a8a82e7a4181f1ea9632720726b0b728b835149f741321150ea2be2d6722d75ef83392386c34ce659bf417cf99ae

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    49cf836683cc33ba19264913a7ac5c15

    SHA1

    67659247b028db90ebc4791917432ec961b7ec8a

    SHA256

    88ebb8bd8a50f653a2891041e4d25fad8410374ece499cd048b522bbedce3402

    SHA512

    a3cd639a482b824561c0393146850f8644f4ea27feaf62e56eaf009e3de04fda23c6e018c384daba54a0731ce7e429faa9b57f27b419f99e95d8180023a62d1d

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    042a9784c3272bf1649bf33438ac58ac

    SHA1

    d6561a67236953043f9fd02bef5d8d0f28a5a3b5

    SHA256

    a53a6bea2062e786a168900d4b5b7f41e1d545c607879e402aa082bc5162c4b3

    SHA512

    d58e5a021cebc588bc399cbd2d9f1d68b97c6a5dfb3af1cf423fe493a4fcdc9e3ea720294b8ee47198043049ee2bc1fc28f4575a5a2162c0197485b3714dbcda

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\528EVS6A\2567313873-comment_from_post_iframe[1].js
    Filesize

    11KB

    MD5

    4b769228ccc8fade41625c076e8f5f28

    SHA1

    16d8dd313557ff6cb67edb51add4cbcdb23d2100

    SHA256

    c4c1b7760c095804a679a51b4c7f7d6138d6db722c4210976b1e9381f0e07ce0

    SHA512

    325645526c0317af064a62e4493be7fcc2a04da59ea129aa319f1b23b178f1a62da931effb16d542be0295ac6e61f4a44eaebce45d49268fc51770963cd977ba

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OV51DDG5\all[1].js
    Filesize

    3KB

    MD5

    de293939e3ccfcaf6c1513ce6d677444

    SHA1

    2e82d0916438d160ea0dc0cc75f659ee88754d70

    SHA256

    1edb603a5c91579155c87c7a7b3e63f93a4605e4ac875fac3a1721a94ff771b9

    SHA512

    ba167b19761c98f755e1ab0e9b1bcbc6b12e86148460e555791b7a6e94e4f5c7387baf411d3b116f7a9c90904ac414fcd61dfb7a15568cad137ecbdac0167c37

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OV51DDG5\plusone[1].js
    Filesize

    54KB

    MD5

    fb86282646c76d835cd2e6c49b8625f7

    SHA1

    d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0

    SHA256

    638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109

    SHA512

    07dff3229f08df2d213f24f62a4610f2736b3d1092599b8fc27602330aafbb5bd1cd9039ffee7f76958f4b75796bb75dd7cd483eaa278c9902e712c256a9b7b9

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Cab36AC.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar431D.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit