Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/05/2024, 00:37

General

  • Target

    704ec57b45c90db11cd119f0eee6cb27_JaffaCakes118.html

  • Size

    65KB

  • MD5

    704ec57b45c90db11cd119f0eee6cb27

  • SHA1

    92bfc403762f7e3359221560210a6f15c3a68522

  • SHA256

    3bc7ad143fb62a080db23d88ebf04a42d11ba92233d9eb4372daf30fbcd56c6d

  • SHA512

    1774838e18cc3485de0a76206882326409b318d338f5299bde6ca3eca877240dc6fad110b98092917788d2d5084b36747b94092011b3ccc8bfed4fa960bc8c7c

  • SSDEEP

    1536:Sh7FcjQ60g0jIjYtanMw+xVyZkv5vT4q1/yGEOw:SPcjQ60g0Nmi/yGEOw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\704ec57b45c90db11cd119f0eee6cb27_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032
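
The two processes above are the normal shape of Internet Explorer on Windows 7: a frame process (iexplore.exe, PID 2220) starting a 32-bit tab process (IEXPLORE.EXE under Program Files (x86)) with SCODEF:2220 CREDAT:275457 /prefetch:2. The script below is an added example, not part of the report, that parses this process layout and flags anything under iexplore.exe that is not such a tab launch. It assumes that a legitimate tab carries SCODEF:<frame PID> in its command line; the cmd.exe entry used as the negative case is constructed and does not appear in the report.

```python
"""Check an Internet Explorer process tree as printed in a sandbox report.

Added example, not part of the original report. It encodes one assumption about
IE's Loosely-Coupled IE model on Windows 7: the frame process iexplore.exe starts
each tab as a child IEXPLORE.EXE whose command line carries SCODEF:<frame PID>
CREDAT:<n>. Any other child of an iexplore.exe process, or a tab whose SCODEF
does not name its actual parent, is flagged for manual review.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

IMAGE_RE = re.compile(r"^\s*•\s+(.+\.exe)\s*$", re.IGNORECASE)   # "• C:\...\x.exe"
DEPTH_RE = re.compile(r"^\s*(\d+)⤵")                               # "1⤵" nesting marker
PID_RE = re.compile(r"^\s*PID:(\d+)")                              # closes an entry
TAB_RE = re.compile(r"SCODEF:(\d+)\s+CREDAT:(\d+)", re.IGNORECASE)


@dataclass
class Proc:
    image: str
    cmdline: str = ""
    depth: int = 0
    pid: int = 0
    parent_pid: Optional[int] = None


def parse_tree(text: str) -> List[Proc]:
    """Parse the report's 'Processes' layout: image bullet, quoted command line,
    '<n>⤵' depth, signature bullets, then 'PID:<n>' closing the entry."""
    procs: List[Proc] = []
    last_at_depth: Dict[int, Proc] = {}
    cur: Optional[Proc] = None
    for line in text.splitlines():
        m = IMAGE_RE.match(line)
        if m:
            cur = Proc(image=m.group(1).strip())
            continue
        if cur is None:
            continue
        if line.strip().startswith('"') and not cur.cmdline:
            cur.cmdline = line.strip()
        elif (m := DEPTH_RE.match(line)):
            cur.depth = int(m.group(1))
        elif (m := PID_RE.match(line)):
            cur.pid = int(m.group(1))
            parent = last_at_depth.get(cur.depth - 1)   # parent is the last entry one level up
            cur.parent_pid = parent.pid if parent else None
            last_at_depth[cur.depth] = cur
            procs.append(cur)
            cur = None
    return procs


def is_ie(image: str) -> bool:
    return image.lower().endswith("\\iexplore.exe")


def is_tab_launch(child: Proc, parent: Proc) -> bool:
    """True when child looks like an LCIE tab of parent (assumption, see module doc)."""
    m = TAB_RE.search(child.cmdline)
    return (is_ie(child.image) and is_ie(parent.image)
            and m is not None and int(m.group(1)) == parent.pid)


def audit(procs: List[Proc]) -> List[str]:
    """Return one finding per child of iexplore.exe that is not a tab launch."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        parent = by_pid.get(p.parent_pid)
        if parent is None or not is_ie(parent.image):
            continue
        if not is_tab_launch(p, parent):
            findings.append(f"PID {p.pid} ({p.image}) spawned by iexplore.exe PID "
                            f"{parent.pid} is not an LCIE tab launch: {p.cmdline}")
    return findings


# Process tree as printed in the report above (verbatim).
REPORT_TREE = r"""
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\704ec57b45c90db11cd119f0eee6cb27_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      PID:3032
"""

# Constructed negative case (NOT from the report): a shell spawned under the tab process.
CONSTRUCTED_ANOMALY = r"""
      • C:\Windows\System32\cmd.exe
        "C:\Windows\System32\cmd.exe" /c whoami
        3⤵
        PID:4100
"""

if __name__ == "__main__":
    print("report tree:", audit(parse_tree(REPORT_TREE)) or "no findings")
    print("with constructed anomaly:", audit(parse_tree(REPORT_TREE + CONSTRUCTED_ANOMALY)))
```

For this report the audit returns nothing, which is consistent with the 1/10 score: the SetWindowsHookEx, FindShellTrayWindow and WriteProcessMemory signatures are raised by the frame process setting up its own tab, not by a payload.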

Network

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          205ab17db1a49bb831552a9b66c844a9

          SHA1

          b3236c0ffc7b2c519a4a812f04b04ef7c73be50f

          SHA256

          31c58f0927469e28b921dbeade980ab5c58e56e4d88315df6350362d9fdbda19

          SHA512

          f5548dde16e8f5d381cb85b9463d3257a68d1d1a4e12f9294d9c8208b89a6e7ec4e80a59bef56a7433d6d9faaf611d03a6774f9746c5ab1b178a24e27eb58541

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7c45cc758e4edb9a616c9d02c9311daa

          SHA1

          33021b6f61cfbef3341c1a8eae9ed02cd683ee07

          SHA256

          16f4f71da7ab9dd007dfb5c1c5e3ecbdeaec1731f7317dd09f5e94acc1e36d76

          SHA512

          1f3206ea2b70bd8855aa7b338f2bff26ac292002cbdf79ffbb6bc710f73cff6c92b813d69dca2cdfb136766e959b100b6f7ac40667424d883b944c22ccc0fed6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          85c705c68b084138f629d77d376a8a7c

          SHA1

          ae849bc47811528295d7cccbcc32e9e3f3e810ad

          SHA256

          4ab41a5b0f75b206dbe6ce0642bb3c233f02ee83f72bc3f515acd79749a10c82

          SHA512

          b02bf7a904da8467ac601a6bb9ef4bd46c5fdaa3398f34642b4c32471454481cfa58f9f30acafe2df8c0ff24580c218913de4be51910d7298472a84bb722342f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8fd20c8abe013e321a051b85c9fa6f6e

          SHA1

          162b9cad9d386573ab45690ed33000b79ba02d0a

          SHA256

          4915a5bff3fe1052caea20150e7d1228abfc285a985cd56a41046c47f61359dd

          SHA512

          c0d38eac2d10131bda19cb967ac7a35b45365957e63d69e2fababbb38a1e9beb1c5d404d50ba9ada6a2997b0f4586c092198f3ed8003845a09f68b9bb7cf5761

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3f52dfe119531645eed87b9b78ffaca6

          SHA1

          aea2d94b43cfc216ee3ce54596abe1737bb38197

          SHA256

          711d68949a5835178a166a20993cc8bcd091286eca792fa400fad425ccc50312

          SHA512

          4672a07a55992b0ad4ead896eb7c4aed7648b94a304c3f2a293e0cb4f5d7c803331dfa2f68e1f26cb91c93ac65525ddc90f86dfc9ebacda8feff454d6acdb7e1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d8e6e007af844cba03fa0fcaab3cf517

          SHA1

          44374be58fe687f4c7833e773db504cf65743eae

          SHA256

          f28caff7aaa9664899d590c9f0866897cc629f30e6740a05e14b534f0edf1eb6

          SHA512

          2bcda6978429962dee4d95d496278a661fa836e8160ab3bde591c34d8c2cb7065b8251b5bc77c9c35279276191ebcca5d5e2178c3b8e95205b78c80f913052f2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          92798ebf27f76431c739ed5adca98cad

          SHA1

          bccd84e037393b649daefedf0fcd86e936782278

          SHA256

          80eeaad4ade6c7d68f3524612dad257a80ec746bdec0801307301fb675b064e0

          SHA512

          0ae6ccc587d0422dc090bc1d539925a942be7fe01ccc7659122206def21ac8b94558bee3bfc55392fd04db14b1a40ced3bf2ca0b5d1bbe697089655eb8237790

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8570abdf1b824f9be0fc8434e1b67397

          SHA1

          aba00b01fab94af4bed5db004e71515b8724d9dc

          SHA256

          b4d35dc6ad2a80bc81575a2607736657cc0c89f415f9645c9b9205a95937c6c7

          SHA512

          79afa6f3863a180f017dce1d2b260cfe62d0562d3ba327f4d6800e8213dcf8c6d22b7daf6048ded22f21b1ffef29b70e9b841ee7c7ed25b5f0ea571651aa682b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ccea08645761c57a95d2819816890bfd

          SHA1

          5c4ab7ea84700a3763e67e420b67434164962b44

          SHA256

          acc54f987a8ec951d82af682d03a770b7677b871ff9c599d705de40f275b4d5f

          SHA512

          b79d80f2fadcdad44b1b88c62ab4ca64a40098b9b4d8e66f3fe3122b4fc343cec0a9935598953e2546e7190917ecbd7a4f4efbfa32cde94a35a3986e29db7a5a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d206496beb7cb31e0a6e8f469ecaef0e

          SHA1

          32dd293fba2b79cc307fa290f4439c3a3d783861

          SHA256

          10e68c5cbd28a396c9642dec8936326bde03eb6b10bf6879780078b7b815463a

          SHA512

          38200e11b01ebf6b234dae741d109a0efd34c8a22f24c1f05f795351ffdbad536a1e28c4e036fe467b1c212bdd9deb8d62a98d226d9c0f61562d797b3b1c14bc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          861f098214040e8d7c16126d5d70f779

          SHA1

          d98e7672cc5a5392f206097ae37aa38a32cdf2bf

          SHA256

          e3a650cce88327351c1fc9d4042d8703fd1ce2e657ddd9cefc4cbcd009492e6a

          SHA512

          2cdc284717f186d7a608d4ceea3929e698df9b46b0657e4f4fd7988ad73ce467fd3ec34ee4a360aa61cd3b97b68ace8c3c76ebb0b992986d05d2a8488663256b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          99ab8abf5afb4188cd09e4207f7cd27b

          SHA1

          6a7fb5078fec23daacb21e73c079260b861f370a

          SHA256

          e0414dcabeb4e00ff23f585286c2309c991b2308d21a69d817ebd4f1992758fb

          SHA512

          db339415caecd47faf759e43da1309a9f8631467e68575b9d2dd03150bc5bb074dd5754c9846f1af88e998b7a64218764f2c31f32ea4999b421c8ea36d687722

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6bf11f4bbdb61aac69f3ff3b2d95ad40

          SHA1

          e00c83d717c4682af2bbf1b395f9174939c4f9be

          SHA256

          137f573edd77851d1dc7f6a9afd4db0dad618a1e3de25347095a3753d56af44e

          SHA512

          d8b4024d6c0158c160855e4edf4ff3d962365677224b84d583cd4f9e92d2e80a606f1ec47ca361e20242b96cf17096c6c11c2fb4dba8d4c668896c5436bb85e1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          23333c73043503dc4df122af857e8ac1

          SHA1

          37d9a03cc64506a0c27e7abdb97613f7586b40f6

          SHA256

          2285f29a70275e994c3e1e9198b0a566088116a8bc57ebeebd58fe42867e64dc

          SHA512

          610875eb6d75662a2753cf9e2610a399465c1fd0eb6c475847f272202ceeabd86ffa6293efa88e4d4beb0b5e371f527433bf2af4c4b8b140d785292543846489

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3d480632078ba8e1241fb083290bd9e5

          SHA1

          d0c8b7e9b9ec0e0d073e8304689c4727ee4ebea2

          SHA256

          4697e2e0058f2f16359fcd41d30416aa4d0bc2161ca50bc8719b3f25154da788

          SHA512

          294645e5216f121223e2eae307fed446558de06fd60f1fcae565d0b1760a1d6e86ab60b73e3520bb9856c5af077a2286212fdd69e78941e9d5de1837ebc2abc6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d507e46a2121d4f6a894343b45eab674

          SHA1

          f766740ed58a71d7e5fa856a8be3ed06a9e49c69

          SHA256

          54f79d5dffa320be128ed5bfd7d5c8a134bb46d925b33b070210e94698607ad3

          SHA512

          4f6ceb7799a751db410300b94077630646915e81c71220388d5c07da63b3667e89021c94fae3e0a86b270a74ab020581fad0d921f69c6f5944df13841f53e3ea

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6e855a8d04aa11b4a7f99e2415c84bf0

          SHA1

          4de97406b704bc2196c3bc3f2f8ebc877604c850

          SHA256

          8973f5d616230105b5b22a4978a37dabf4f07b931c8bbb7f37619463bc3fca13

          SHA512

          72cf03dc710bb9d14b48345072bf4c04877d99486ff08c40abdcc053f1c8176640ac94217c9643ba4cdfb0c9431412454b1b6ce94a1184300daa8417e4e7573a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fa54cc7604930a83efe1c8ce8dae6217

          SHA1

          afa3d7315cbe1c651710403a161c137d4be422a1

          SHA256

          1d2f6fd575cc5ca4f7e49bc35b089dd18fce3fcffd40fb3410e19f899cef9346

          SHA512

          af2e6e69273495b90140f5aff82858ee33b41c1cf689107a5782484f7c695d715a9b716f8756c20ff2a09d04c9059aeb359d7787fd98d768f2ea9f6331260d6e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e44d86fc53f1b65e4eec1df48b1411de

          SHA1

          6fdfc851308b8ceb4dc585ecacd476136cf6f7d2

          SHA256

          5a67c7e3cb323e2c2630086cb37da8984f270efddc7bd0e0ea5157a5409ce53b

          SHA512

          79afc88642934cc9bcecb770988dda2501b56231ab8fee41925f1037cd56f615253eec7883c087f9a9275ca13104e33356073635516cfa49d1898d91f461eef7

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\audio-player[1].htm

          Filesize

          1KB

          MD5

          052a7080ea56864ff41cf51f88891a3c

          SHA1

          c73e62d2a5876480e10c04203d94713d53141986

          SHA256

          10384cd1980218483de796b19b1b9c1b9692ad96e85e3eb3994e8498ee4f3392

          SHA512

          be12319ae146f672b4d55f195273dbd9dd6b9bb3f4013f288165feb0b0fa9b4e88b404608bb46acac5a0f5c2a8f739edbf20d26e63fe9989161165f0593b2e22

        • C:\Users\Admin\AppData\Local\Temp\Cab28A9.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar299A.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
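
The list above is dominated by one CryptoAPI cache entry (CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015) written nineteen times with different contents, plus its 68KB Content counterpart, two temporary files in %TEMP% and a single item of actual page content (audio-player[1].htm in the IE cache). The script below is an added example, not part of the report, that parses this dropped-file layout, groups entries by path and classifies each path by location so the unexplained files stand out. The location classes are assumptions about what normally writes there on Windows 7 (CryptoAPI's certificate/CRL/CTL retrieval cache, the IE browser cache, cabinet-extraction temporaries); the sample below is an abridged, constructed subset of the entries above with only Filesize, MD5 and SHA256 kept.

```python
"""Summarise the dropped-file list of a sandbox report by on-disk location.

Added example, not part of the original report. The location classes are
assumptions about what normally writes to those paths on Windows 7; anything
that matches none of them is what deserves manual review.
"""
import re
from collections import defaultdict
from typing import Dict, List

LABELS = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}

# Ordered (class, regex) rules; first match wins. Heuristics, not ground truth.
RULES = [
    ("cryptoapi-url-cache",
     re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I)),
    ("ie-browser-cache",
     re.compile(r"\\Temporary Internet Files\\Content\.IE5\\", re.I)),
    ("temp-cab-extract",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I)),
]


def classify(path: str) -> str:
    for name, rx in RULES:
        if rx.search(path):
            return name
    return "unclassified"


def parse_files(text: str) -> List[Dict[str, str]]:
    """Parse '• <path>' entries followed by label/value pairs (Filesize, MD5, ...)."""
    entries, cur, pending = [], None, None
    for raw in text.splitlines():
        tok = raw.strip()
        if not tok:
            continue
        if tok.startswith("• "):
            cur = {"path": tok[2:].strip()}
            entries.append(cur)
            pending = None
        elif tok in LABELS:
            pending = tok
        elif cur is not None and pending:
            cur[pending] = tok
            pending = None
    return entries


def summarise(entries: List[Dict[str, str]]) -> Dict[str, dict]:
    """Group by path: location class, number of writes, distinct contents seen."""
    by_path = defaultdict(list)
    for e in entries:
        by_path[e["path"]].append(e)
    return {
        path: {
            "class": classify(path),
            "writes": len(versions),
            "distinct_sha256": len({v.get("SHA256") for v in versions}),
            "sizes": sorted({v.get("Filesize", "?") for v in versions}),
        }
        for path, versions in by_path.items()
    }


def needs_review(summary: Dict[str, dict]) -> List[str]:
    return sorted(p for p, s in summary.items() if s["class"] == "unclassified")


# Constructed, abridged subset of the report's file list (SHA1/SHA512 omitted).
SAMPLE = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Filesize
68KB
MD5
29f65ba8e88c063813cc50a4ea544e93
SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
205ab17db1a49bb831552a9b66c844a9
SHA256
31c58f0927469e28b921dbeade980ab5c58e56e4d88315df6350362d9fdbda19
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
7c45cc758e4edb9a616c9d02c9311daa
SHA256
16f4f71da7ab9dd007dfb5c1c5e3ecbdeaec1731f7317dd09f5e94acc1e36d76
• C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\audio-player[1].htm
Filesize
1KB
SHA256
10384cd1980218483de796b19b1b9c1b9692ad96e85e3eb3994e8498ee4f3392
• C:\Users\Admin\AppData\Local\Temp\Cab28A9.tmp
Filesize
65KB
SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
• C:\Users\Admin\AppData\Local\Temp\Tar299A.tmp
Filesize
177KB
SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
"""

if __name__ == "__main__":
    summary = summarise(parse_files(SAMPLE))
    for path, s in summary.items():
        print(f"{s['class']:20} writes={s['writes']} distinct={s['distinct_sha256']} {path}")
    print("needs review:", needs_review(summary) or "nothing")
```

Run against the full list, every path falls into one of the three known classes, so the only page-derived artifact to look at is audio-player[1].htm; the repeated MetaData writes are bookkeeping of the same cache entry, not nineteen separate drops.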