Analysis

  • max time kernel
    133s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-05-2024 00:53

General

  • Target

    693512115c5e218b836f4f5d038358b5_JaffaCakes118.html

  • Size

    23KB

  • MD5

    693512115c5e218b836f4f5d038358b5

  • SHA1

    ccf59efc51cdaa376901065f313cd0e0bd09dfd5

  • SHA256

    8273867b2e874292bb73d8b0fe59c6ea3333a8d3779a67a97649e279f78da183

  • SHA512

    001b0b4cd089f0c0c218f34684c130bc5b8ab00023aa2b12176b5878539a8fae4eb7d4a9abe8390ef6748bba75a3b2d55e2f1695777b3f9f667e2d0c1f7b7aee

  • SSDEEP

    192:uWz4b5n/inQjxn5Q/2nQieFNn2/AnQOkEntqknQTbndnQ7CnQtxwMBlqnYnQ7tnY:WQ/E/Gr7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\693512115c5e218b836f4f5d038358b5_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2052 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B; 19 versions of this file were written during the run)
  • C:\Users\Admin\AppData\Local\Temp\Cab285B.tmp (68KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar28BC.tmp (177KB)