Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/05/2024, 20:51

General

  • Target

    7e5baad25317a4a83ca2e989b3ade670_JaffaCakes118.html

  • Size

    34KB

  • MD5

    7e5baad25317a4a83ca2e989b3ade670

  • SHA1

    375140c33d3a77a8b311fbbacc34ef43acff5944

  • SHA256

    7e8501d741f6ba4084cae9ca36e135fdd556659c38bcff50e42d59e8bb3fd0eb

  • SHA512

    10844f51944d58fe9120151d5293c267eac284bb85e244ec823b12404db81f520e3679c1f8cc3729e7b09fb8e15c578e98a9da53f852deb63bfdcf43c953e662

  • SSDEEP

    192:uwvmb5ndqLInQjxn5Q/xnQieENnFnQOkEntDrnQTbnxnQOgPcwqYCcwqY5cwqYQO:nQ/0pCz5cNks+6HZJPajBW

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7e5baad25317a4a83ca2e989b3ade670_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2044
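
The tree above is the normal Internet Explorer layout on Windows 7: a 64-bit frame process (PID 1712) that opens the submitted HTML file and then spawns a 32-bit tab process (PID 2044) whose command line carries the frame's own PID in `SCODEF:` plus a tab identifier in `CREDAT:`. The FindShellTrayWindow / SetWindowsHookEx / WriteProcessMemory signatures are fired by that frame/tab split on a sample that scored 1/10, so on their own they say nothing about the HTML. What a reviewer actually wants to confirm is that every child of `iexplore.exe` is such a tab and that its `SCODEF` names the real parent; a child that is not IEXPLORE.EXE, or a tab whose SCODEF points elsewhere, is what would make this tree interesting. The following script is an added example written for this page, not part of the report or of any sandbox tool; the `PROCESSES` list is transcribed from the two entries above, and the function names (`parse_tab_args`, `audit_ie_tree`) are my own.

```python
"""Sanity-check an IE process tree against the LCIE frame/tab pattern."""
import re

# Constructed from the report's process tree above: the same two processes,
# PIDs and command lines. `parent` is the PID that spawned the entry.
PROCESSES = [
    {
        "pid": 1712,
        "parent": None,
        "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
        "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                   r"C:\Users\Admin\AppData\Local\Temp\7e5baad25317a4a83ca2e989b3ade670_JaffaCakes118.html",
    },
    {
        "pid": 2044,
        "parent": 1712,
        "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
        "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2',
    },
]

# IE tab processes carry the frame's PID in SCODEF and a tab id in CREDAT.
TAB_ARGS = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b", re.IGNORECASE)


def parse_tab_args(cmdline):
    """Return (scodef, credat) from an IE tab command line, or None if absent."""
    m = TAB_ARGS.search(cmdline)
    return (int(m.group(1)), int(m.group(2))) if m else None


def is_iexplore(image):
    """True for either the 64-bit frame or the 32-bit tab binary."""
    return image.lower().endswith("\\iexplore.exe")


def audit_ie_tree(processes):
    """Return (pid, reason) for every child of an IE process that breaks the pattern.

    An empty list means every child of iexplore.exe is an IEXPLORE.EXE tab whose
    SCODEF names its own parent, i.e. the tree looks like an ordinary session.
    """
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        parent = by_pid.get(p["parent"])
        if parent is None or not is_iexplore(parent["image"]):
            continue  # only children of an IE process are audited here
        if not is_iexplore(p["image"]):
            findings.append((p["pid"], f"non-IE child of iexplore.exe: {p['image']}"))
            continue
        args = parse_tab_args(p["cmdline"])
        if args is None:
            findings.append((p["pid"], "IE child without SCODEF/CREDAT tab arguments"))
        elif args[0] != parent["pid"]:
            findings.append((p["pid"], f"SCODEF {args[0]} names a different PID than its parent {parent['pid']}"))
    return findings


if __name__ == "__main__":
    for pid, reason in audit_ie_tree(PROCESSES) or [(None, "tree matches the IE frame/tab pattern")]:
        print(pid, reason)
```

Run against the report's two processes the audit returns nothing; feeding it a `cmd.exe` child of PID 1712, or a tab whose `SCODEF` is rewritten to some other PID, produces a finding. The same parent/child and `SCODEF` check is cheap to express as an EDR or Sysmon process-creation rule, which is where it earns its keep.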

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          916a7eccb3712c4f5e18eb54a5413c05

          SHA1

          6a7dec7b36137eec39941735011137f43122ab2c

          SHA256

          814a56251de2ab06dc0769d7e241e47d22964b76afb1c7c15843df4ebd5739b6

          SHA512

          a4dc1832fc526f8244a2a08ca436ff484b83930c3e031766e5778593e03fd9e234d9e59dc0755c874995b8103f6b518d538b5c2978c0527c4d84d5ae2f7bdb15

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e16cefe408f84235f14af1dda3180a09

          SHA1

          e358a3a9b0c878b5cded8013eca09b1b5484affb

          SHA256

          8a9dc58d2d7eb9ed96935aff0345996fbeb0be8f99143270fe0dd65dcf6c3abc

          SHA512

          e87d61698aa3d3c55379084dbb12ce4336ebef61526c5252d2c512b02c008cfe2c17f5d219771d997873e38a862c07fb9fdb82ad16edcead93400d1241cebef5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          4f7665ba973c308bbe0b8cd5717afbf3

          SHA1

          8088bf32586b8e140589ec4f9d9c3a7bbc4ebe55

          SHA256

          f53451e96541a11f33c9001c5acfab20aff557a1860a01b16a3023af70ff5729

          SHA512

          c8b3adaee92c2d5129bcf71c4aad68a71879eb805500a90316e18ff1ad24a58847557860f97242f6dc5536772f3738494625e493aec179f8f914ee51550503eb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          dda6f26450d76c8e2577505bb7d24df7

          SHA1

          fcb0cc2122b9e7043227b9f5f393bdf844698770

          SHA256

          deabd2acfc10669c99fea69fa3d9dcf65196f2a05cbb7f75928faeb8285a5bd4

          SHA512

          d43f6e830cc1a2bcaa08b0f898bebf71430602bfa8ac78b82fb63436040872dabc56c64e4d651f4aaff4244268e6d358e42fb7ec8e5dc84d5d8ea2329886a313

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          acb82555dd5444a0d8f018c957cc93f1

          SHA1

          c3246f00161bae0eb7222ffbf8752437fe2f0c20

          SHA256

          6f273b4a6a8a44f90660ff440bd3367d94c7fd7c31575ee36eb2f567dfd0b380

          SHA512

          9304be3193fb24796adc00b9ebe9acbccd10c31522454706c6458ff31fec3b5c9ecc0aa6053b95dd7af3e4479448748e2cdb4ae1d917650459be7da687358544

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          77ad8fcb7fe02f61f031816839ab5a13

          SHA1

          e6d5e42350613e55cbb5d6ec8d717c189da226e4

          SHA256

          edbd82a52fd62cf0b90983b42ded725b1558400ef1ebcf81786ddc6bfa84b8fa

          SHA512

          7240262b49b70127837e0c40b5a650dc5f2693d82cf95c160e5ff9cd173de46376942eeb918cfc4dfef4033e6226b5f27862f7be523ff4572a6a47613c1080ec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          503157817d73fc74c1d53ea9530c1989

          SHA1

          43d853050629c7dd309663e7190d30357d3dae1e

          SHA256

          17cd239a8938d278e7cfcc00d2c465e4c11197e17fcbbd91686488ac00db62ee

          SHA512

          e99ef4b08f0d7e8e520086dd5b1c2fec0b6c14bd79312c5dfc5231614699510c57654bfe322ca1f31ad5999dca89426d415de91c54fcd02ea36e0ff4c82bf043

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7871dde996d226a15d18471362ff2b38

          SHA1

          c934c385d4dac1ae98cb7cd8519f9c64cf9c2f8c

          SHA256

          a4399566b32b57f3efac880473ac08220372373f282f0a94f444cfe98d304698

          SHA512

          e21939cf692895cf3525ff2008bdce9d98b7f126f4dfa2ad6e7a33240381685c13e5de853e2754547403e15824b30b612aa07bdbdb1c8717e537522a803e99ee

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          451fa8ae73b243f50348983eca7025c4

          SHA1

          6756c43185d2c835b3bef746f9c71774a0a42af0

          SHA256

          c1cb768db26d9cb9913180040c6c1c00ba0ba9f6b197ec93789e0e109ea0c2b1

          SHA512

          fb35dab54836a6000ee9255152224aa702a2fa038c77f0ea291a3130d087e32dd45532f3c22216e3a9b0360cc969182d3fa574ad5cadc6eeb3caaeffae4e6370

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3cf953788dc2fba4623177722b9df16d

          SHA1

          3f2762c98bec51915dc54291582a8d298eff9a5f

          SHA256

          d7b83825732ce2039c64b5e1186f2a04aa3529cabbe4f0310c57bbe315046dba

          SHA512

          8c5f04bac399bbab027f6bfa709a8e41795e01ea8cf8c7683387d69408a6c96752a9fed94d2298c78632cdbc8fe0b54599e647be3a6dc2d675e62d3266b3519f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          7c37d5497526322fc85643dbab6a7e03

          SHA1

          d4a3435c22ebc0c6eab140611610631ec6cf7bc1

          SHA256

          c9eb59d51028f7dc8ce0adcc67ec7c2a18fad13a21a14f156f3b629995e46ecb

          SHA512

          589193cac0e797c87167dfae53d655d2350eb1e6c5bf3d29374ba57edcc2ed1cce5fc20d4b16f5a4d32dcc2c87ee06dc7cedc7b1301c826c21e1b38b6595e530

        • C:\Users\Admin\AppData\Local\Temp\TarACF.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
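
Almost everything in the list above lives under `CryptnetUrlCache`, which is where CryptoAPI caches the CRL, OCSP, AIA and CTL material it fetches while validating certificate chains; IE writes there on practically any session, and the nine entries for the same `MetaData\94308059B57B3142E455B38A6EB92015` path are successive rewrites of one file during the run, not nine separate drops. The single path outside that cache is `Temp\TarACF.tmp` (177KB), so that is the one file a reviewer would pull and inspect. The script below is an added example for this page, not the sandbox's own code; its `DROPPED` table is transcribed from the hashes above (path, printed size, MD5), and the category labels and function names (`classify`, `triage`, `parse_size`) are my own.

```python
"""Triage a sandbox dropped-file list: separate CryptoAPI cache churn from files worth a look."""
import re
from collections import defaultdict

# Constructed from the report's Downloads list above: (path, size as printed, MD5).
CACHE = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
TEMP = r"C:\Users\Admin\AppData\Local\Temp"
DROPPED = [
    (CACHE + r"\Content\3C428B1A3E5F57D887EC4B864FAC5DCC", "914B", "e4a68ac854ac5242460afd72481b2a44"),
    (CACHE + r"\Content\94308059B57B3142E455B38A6EB92015", "68KB", "29f65ba8e88c063813cc50a4ea544e93"),
    (CACHE + r"\Content\F0ACCF77CDCBFF39F6191887F6D2D357", "1KB", "a266bb7dcc38a562631361bbf61dd11b"),
    (CACHE + r"\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC", "252B", "916a7eccb3712c4f5e18eb54a5413c05"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "e16cefe408f84235f14af1dda3180a09"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "4f7665ba973c308bbe0b8cd5717afbf3"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "dda6f26450d76c8e2577505bb7d24df7"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "acb82555dd5444a0d8f018c957cc93f1"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "77ad8fcb7fe02f61f031816839ab5a13"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "503157817d73fc74c1d53ea9530c1989"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "7871dde996d226a15d18471362ff2b38"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "451fa8ae73b243f50348983eca7025c4"),
    (CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "344B", "3cf953788dc2fba4623177722b9df16d"),
    (CACHE + r"\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357", "242B", "7c37d5497526322fc85643dbab6a7e03"),
    (TEMP + r"\TarACF.tmp", "177KB", "435a9ac180383f9fa094131b173a2f7b"),
]

SIZE_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}


def parse_size(text):
    """Turn the report's '914B' / '68KB' style size into a byte count."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB)", text.strip(), re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * SIZE_UNITS[m.group(2).upper()])


def classify(path):
    """Bucket a dropped path; the two CryptnetUrlCache buckets are CryptoAPI's own cache."""
    p = path.lower()
    if "\\cryptneturlcache\\content\\" in p:
        return "cryptapi-cache-content"
    if "\\cryptneturlcache\\metadata\\" in p:
        return "cryptapi-cache-metadata"
    if "\\appdata\\local\\temp\\" in p:
        return "temp"
    return "other"


def triage(records):
    """Collapse repeated paths into version lists and pick out the files that need a human."""
    versions = defaultdict(list)  # path -> distinct MD5s seen (file rewritten during the run)
    sizes = {}
    for path, size, md5 in records:
        if md5 not in versions[path]:
            versions[path].append(md5)
        sizes[path] = parse_size(size)
    review = [p for p in versions if classify(p) in ("temp", "other")]
    noise = [p for p in versions if p not in review]
    return {"versions": dict(versions), "sizes": sizes, "review": review, "cache_noise": noise}


if __name__ == "__main__":
    result = triage(DROPPED)
    for path, hashes in result["versions"].items():
        print(f"{len(hashes):2d} version(s)  {classify(path):24s} {result['sizes'][path]:>8d} B  {path}")
    print("needs review:", *result["review"], sep="\n  ")
```

On this report the output is seven distinct paths, six of them CryptoAPI cache entries (one with nine versions), and a single review candidate, `TarACF.tmp`. Pairs of `Cab*.tmp`/`Tar*.tmp` files in `%TEMP%` are typically left behind when Windows expands a downloaded cabinet such as a root-certificate update, which fits a run whose only other artefacts are certificate-validation cache files, but the report gives no content for it, so the MD5 above is what you would check before closing the ticket.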