Analysis

  • max time kernel
    139s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 10:42

General

  • Target

    7537b54097849d4a3cc467260773e406_JaffaCakes118.html

  • Size

    86KB

  • MD5

    7537b54097849d4a3cc467260773e406

  • SHA1

    c070c4a38e1d460916dd7b572397cba83e688acb

  • SHA256

    95be42239ff09de6fd209d5f195634565836cd87e8f10a8d9899fdb0a7e298ed

  • SHA512

    85d0c6c5cb0311b28f0ae92318cd704a9ab686428c4aa7215eedc23a5b03aee40f968c80f4b27cf1d7663aadbe6e46d58559492dce0350804fdcdd70f209aa0a

  • SSDEEP

    1536:8cEeCbD8Qhg0Sf8cBoAvPH6aC/F/2W1gsY7CsjH2Y7WRqbsGWw5I7vxlFk/S48JI:2D8Qhg0Sf8cBoAvPH6aGF/2W1gsY7Csh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7537b54097849d4a3cc467260773e406_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1232 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2372

Network

        MITRE ATT&CK Enterprise v15


        Downloads
