Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 03:16

General

  • Target

    742b30896cfa9e504c8eef22d5727273_JaffaCakes118.html

  • Size

    461KB

  • MD5

    742b30896cfa9e504c8eef22d5727273

  • SHA1

    ffc7949fc0528f207567e5f9d34926bd1afb52b8

  • SHA256

    4e65ae1d4f8b50fee922ead40d4d985a71257549c123b92b32bd5ce560804c77

  • SHA512

    004ffe3fccec2afac33609c61e3a9101c5e02c33ec4f4f7eab66ab46a233d93eda248a3640bb977db591feeac276cd887111c1ab504334e92e9a124cfa782127

  • SSDEEP

    6144:SRsMYod+X3oI+YpQysMYod+X3oI+YfsMYod+X3oI+YLsMYod+X3oI+YQ:e5d+X3D5d+X3x5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\742b30896cfa9e504c8eef22d5727273_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1756 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1548

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          777b635c72e12664de5667c13babaca3

          SHA1

          c11fbff310f1b02f53fa5f4e598bd929d26dbbae

          SHA256

          0d2454da06167547f1f7a149b6198b04b53cdde5b73acf91eda2039663b9bde4

          SHA512

          e31bff3e553aa49df91a21ecc129324db9f4239db8d1da98e8198a5a525d50e43aa3b237abd814254bb0c3cf8f3b6afa847013971099455780225c9f840b3d1f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          09dc0eb4aa925ed8aa4a0290c4ac9668

          SHA1

          ab4b81ecef353702b7fe15cc56c54d7ef7f49cae

          SHA256

          8110124942d4276712810d8793c9515796a66f0e2c2485efc7e412b9d62989c1

          SHA512

          e2a12a57a9fab480733506b478300f1143f112504970276694986cc0af37943aa8f70c24ce69264ab1c2bc04485c04c9bd53941182ed806282c3c6e9206e9773

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7115eac449a450aa4340694b3f37f98e

          SHA1

          199f419f6c5eb7ece99cdb41d53198a2ba605f25

          SHA256

          4d4179f5d6c1dfe8933f2cc284c6b4441f9327ad15216a425e325a016e51d46e

          SHA512

          0ec7452774b74f4a2a477173dd9dbad15ac62a3226fa0cbb14e96a49118c1d79c97e4c41fb1725685a749b412b0cf4135d0bf5be76996b21408acebc9892bd2a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4e6a0fbf504f5af8791ee47d1f167761

          SHA1

          61b9b5205c3f9202f4a327e52cefcebdbf95c7f4

          SHA256

          1654b29d74d6a126de161fc1da6ff62eeaee12b893b783ba75f37b26a0554987

          SHA512

          691b99332b505fc2816247eea04b655707805787eea61bd57c6caa28022968c3b24b4b165bbf42cfb6184c5aea573853f82bb4ff86274b2f8bb626011bc47dec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e66abfa761bdc42a83656cf3178a9428

          SHA1

          7f889000664860d6d2b2cca10d692cc8d2d33d5c

          SHA256

          1528e6af1eb6d230ad494097b87df0ac175e2c43892ea23384870da6aef0f873

          SHA512

          bb3a44f0cfcae29264e3f92ba3605d6650501126172f94041e4f67afd0776a2a8ece43ecaf84f72caefd8db1bfbbed7aca6da29dec32c4c836a7c8b7c900b5ec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          bd5a543422f350c64403956afe3953c8

          SHA1

          9b76b7a4d668a3dc675da86daa3a1180c75704d7

          SHA256

          9aaebc858353deaeffa322932b3a3e53f25ec07db71571b73e103e1d1a048dc1

          SHA512

          eb309426c1ee34213f13a905d0fd8e33f2f8de4466a6f711b2f5a7c247145f9fb76117f51eb6736d51273e6fba04dc235e65df1bcb5e4f60900d500cd337699c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fcb5249e2bb4fbd75b24929041cae26e

          SHA1

          66c8849cfbed1e7349aee4fca6cd905396268988

          SHA256

          5d55fb343a9a32d6571070c109ddb36a7ba28a626e856fa2dc41ddee81589066

          SHA512

          346f921189916ad4631666bac1c3aadae059d0540972d973e91e0029ea557007c85537dd65f1632993033ccd0878f102a6e8913f2d5cafd18908dd44a4c0c06a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e31b4fd7c4a668fb9b9ab71860c05eea

          SHA1

          8c6314da790ab194a91300252f58e3cc0a41bd25

          SHA256

          21857f9c8e6424d830a3873bcabcc774055a9b2aa01ffab7b841c40441d17b2b

          SHA512

          140043d4141d77173aa2492588570abe95c5fabcc51e5d999b1504b557a3cd55984f15f8f008eb3df51f2aeed8ebe6dca037542885c0df6e9b5cc2a05b3cd5ae

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f967d75bc92852ff0dea57e4f9e1e305

          SHA1

          d5339bc8e3d7b3d105660dad3cd36cade8812dc0

          SHA256

          6be94fb7b182dc123d47842d1036d9db1811689e196dca11b6b90de593e5d8a1

          SHA512

          231af1b637ae33391a6c6d6ff99d5583c26e86c0fa6d7e06b8f8dc967797f73aaa149e0224bf2fa693621d9e49d59ffebd330b8c54312866019ce35912dfb855

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4934ba29824e69a915de5b7574222d73

          SHA1

          f56a99959cfadf68a1bf153d65520f75ed9cb6be

          SHA256

          1e87ab87e35d2f8cfd8a9fa8a7b214bc11b7ff5673593d033975356c213e3eed

          SHA512

          d7b0088d28382a188ac2045f2954fed31324c32999be4f7d8da614912aca602e3835c130e5836f864cf337b540ecb7e38aa5c223bc181d64f273756490ae092e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          11a033d8215d18dcdb776f0e7fe4d8f9

          SHA1

          39369b763957a0fed7a5c1dbbfc9bfdb840ffcbf

          SHA256

          b58ab3872c369d13eb58ae81cdd827bda65da44cae19ede9efdfd463aede9534

          SHA512

          8f19610f37cb0c28f5ee3484641d0604dd5e02a808660e438f484595c29c4ca9f46d082863ad3785fbbfdf4b837726e51b6193abb90149f8056188a1ec5e271b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6d28b4bc13af0299f1701b881a798a2d

          SHA1

          781f4bae5603e9ef4682267bb7bbf29ceb940739

          SHA256

          f776d45d588a8f78875ccfa6cd78df4323e95025b46af1d32fa512774beb8e00

          SHA512

          b83b9520085a4ae871a7fe17df0fd25572bd89ea285843f16dd1d1cd132cec71f1dc3b011fcb6db3febad2f45337bfd36af827718bb086b8450fd61992cb5d84

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          20e0517de085d5184de0789dde552043

          SHA1

          8c39f7bbf97dbbea8aa0de28be5f2b3f094062b3

          SHA256

          35a64d5545802c97ca8e879194c81d0a0cbb71b44ad169a0cc5840ca23f9da3d

          SHA512

          a8a95bda480114c56509258edea56e10b8974f4aff5ead49196bbae131cd988d14d3c73901eb074c65fa641089cde171f55d542c73bf791bb41a9074a6d60835

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          c0fc0a6474431d55627672ba2d9e42e9

          SHA1

          c5bd0ad08bc7b1f92fa3891eb2c71ad20f693cde

          SHA256

          b5a11e6b593938123b9093eb852e5097cafdae7dc7a7126eb4ac2862b4553189

          SHA512

          00676e3d095bc8243f545e6efdd1888597b7e735e1ffb0cfeb377d267a893c398c6497f657051f338931ce23e05b0631bd3d406518a87eceebc5a5e714e990ce

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          67bdebdd3eec17ded38629dadf9bc20f

          SHA1

          c8ca55c13d4647039aac2322d7972f44b3d74b5a

          SHA256

          f1badeaa8939d054489373e3e30fcd11b56e32655f8534b96c75fd1a321e4de4

          SHA512

          fd1fa5a8999673ebae4d5593942bafb195720313f2a6e0ae84d85b422ea5ef3c4ac5cd7bf84f76cf1322adbac7220f0780be827e7af05b1fc159c7af0a9aa1e0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          080cfa810846e7867e53234630bdfc36

          SHA1

          b93be7bc7741571daf576e59181f210b9a36f257

          SHA256

          b6edd765924b008e9d7a9e74b51c7b7eb1c105e2e36f828bc82c9c977f83def5

          SHA512

          ba7dd144200fd04245bcec6968bf0e9943243e754ff719a888c16e28bdf723ac1c866b566777b8336568853b4bcad221b7b95ea253d7719d632e9ecc868b4979

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          628e788e52cc85d211944d36df5194f0

          SHA1

          b2d0b9a7a08a5d72921de49fac8f29f784dd7882

          SHA256

          a27506e2ef6730a9c2f96f841c66ca2677a3c27a4b09a016afaf1dd2057897f8

          SHA512

          e15c5d937c20040b3f03c532acedc51f7053385ac39b398b3113dc73e81c228af69137975c04a1664ee354e56cb000c9f14660e94ea211ab3b64ebc264d8ec49

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ba1994498cd22964056b8e1a0aacd2e1

          SHA1

          a90fc214ff83c8663d0c04419ee725d743fddd23

          SHA256

          d9e30be9180b38886994ee670ba3dd366f7f6b5445be6c48894866404970a6c7

          SHA512

          1673c448ffdebc035ab4943955f950dc5eb7a8b99b3be16c42ff8445a6a1fdb3748a35ea3a52310bb1e4f04a65d28e9ad3015809259ac55c7f57b2711066641e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b732f97dbf99a5aeb8403c5b96125bdd

          SHA1

          5c8faccdad0eede33c4d7badba8b6f7102739f93

          SHA256

          5177ef41128f2dfec5368e7ad0e8db603848d7f17310144e02d18ce2d9b1c8a3

          SHA512

          f2d5bb9650e6af5f181cb55bd471caf5ae0ec23f5bd673641af32e4057ceb26dd5b04b0104d269b6e839280f9b97037a5f43b9e498acb691d0cb5979054d374a

        • C:\Users\Admin\AppData\Local\Temp\Cab566C.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar574E.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a