Analysis

  • max time kernel
    133s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/05/2024, 00:38

General

  • Target

    704eda9ad0d6f9f19729eb3d222c4937_JaffaCakes118.html

  • Size

    460KB

  • MD5

    704eda9ad0d6f9f19729eb3d222c4937

  • SHA1

    859506cd81a9c6a4c4a2f95711c97358fb187e17

  • SHA256

    8e0d8d535f6f4b46c1806571b5132fcd20f704a1cdafff8c97caa50059fc398c

  • SHA512

    1e8ae72f48d59301e98b2affd817328a765d9ef2b03c28f34251625d6d4581c7ef7a931356b598b76b7f745e95ee4e0c0f4eca9392ddd973b26bacda5eae9a42

  • SSDEEP

    6144:S7sMYod+X3oI+YWsMYod+X3oI+YpsMYod+X3oI+YLsMYod+X3oI+YQ:Q5d+X3i5d+X3/5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2972)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\704eda9ad0d6f9f19729eb3d222c4937_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2424, child of PID 2972)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

        Downloads
