Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/05/2024, 18:51

General

  • Target

    7a26b64b1195af7e024dd0ef7fe1cf46_JaffaCakes118.html

  • Size

    115KB

  • MD5

    7a26b64b1195af7e024dd0ef7fe1cf46

  • SHA1

    a71569e50f7dcc9b48b79a66b76649b825e8c7b3

  • SHA256

    bd0b55221b2111714073d4fb3aa5fab4508ac91e13e565ee145d83e06e4142a5

  • SHA512

    946d713f64bbb6158ea8bdd57442f0f80e76af10f1e33d63b67077c2f7309c9db60bc78e78ecc9c3df65844468b63497804619dfd710c94fbfa86e6084585074

  • SSDEEP

    3072:Suy0PP+qQyfkMY+BES09JXAnyrZalI+YQ:SSsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7a26b64b1195af7e024dd0ef7fe1cf46_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2488

Network

MITRE ATT&CK Enterprise v15

Downloads
