Analysis

  • max time kernel
    139s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/05/2024, 20:51

General

  • Target

    7e5bf0d43e688792f185d14a60e2056b_JaffaCakes118.html

  • Size

    72KB

  • MD5

    7e5bf0d43e688792f185d14a60e2056b

  • SHA1

    ce78dfb6897386357d2dfca70bdc2232b14dce4e

  • SHA256

    b1db395481a71e2da38b323f82c342498c732dbda765d017987306d247f8a5a4

  • SHA512

    2589dcb81980dd3b5e84efbe4971294e4066ffd398bd24295baa4419c880e738173d24711f3837d2106b32feae98456ce1512b686a102647c58ce88508182a48

  • SSDEEP

    768:Ji7gcMiR3sI2PDDnX0g6sF6SpZgf4oTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFf:J3yTzNen0tbrga94hcuNnQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7e5bf0d43e688792f185d14a60e2056b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3060

Network

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          3cf3c6e963eec658b0d2409584668478

          SHA1

          f79ae2c3c84c1d145e49a6c947e5dc522938c5fa

          SHA256

          fc565ace918744bf9820006b15d01018517d69b286dce72a537e360a45f49b89

          SHA512

          99298096e4f7d1bf2ffa85a77d276c29fefcb86653e40316cfda3a7ff7102df9daf627cfe0724e05e4ef32894bf8f7e6593b41fe6dba4380419d8deb74add6e5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          521fb8a345a73cc3178545bcf92d2605

          SHA1

          dd3a9bd2d2a0bb9994a1a263cef3b1082ca24fd6

          SHA256

          02efcce84218f465e2d47ec0af284be3bbb7dccd13333e067c109dbf601a76dc

          SHA512

          dd7fab9a85d27b67b555fb06c566c446efb2159f14d7700fa518ec68a78b569edf9a84a73830391bffe149bc5c05a3103d7fccf17052d88abe4fd18ac12b821d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7d592a541b6cfb36134704deae56a9ee

          SHA1

          c873eebad6bc8f1a29366046a0bf44f837b2478c

          SHA256

          b86e680fd9f5d0f76cbacfd62a6d78a4f9ac54d42736c20b06d89fc3be94d0aa

          SHA512

          ce18bd359e5e436beaf1e21e5c75a72c275156aeca3a96ab69bcf25865ba0ae3b332b5af8272c8175fd3e68a77cc389ebe390e72178a59533f9cf64cfb9387f3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          185763293e46630633574d8acca452c2

          SHA1

          49c3d5d8e9b3e9e692d540f7e475dd1904e9f97a

          SHA256

          56527ff6fe8a087540fd5134b4e200b6964d0c401980af6a350f56d384f29ec1

          SHA512

          1f150150795af947eb958a410dd3d7a3279eb96fddc47bd9d41e9f1b13029d6924204fcb6ab9e0ca7922c0036265ced8b7fe5c613fe9ce621e2ad9f6d5a4263e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f747d7046a45d7914632980286de44e2

          SHA1

          8217ca24685f0cead255a9c1375460fe8753f3c4

          SHA256

          e7d6c2b773d5b5593cf620edce4017e0cfffe3a909b74865c000e08850a436ef

          SHA512

          72ffa6ea3687be7606e212ae57a7f33bf9045e2a4a8a139c9759c215149a259f1e2eddfdf8646367121a9c18d5f46d40f091af7e0f26824c5fc738f8ad443077

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1e1ca0f9e9bb0f1d7ecf585140b8cae1

          SHA1

          371ad25f426313c7ac6eb109e8bede878e8b80a0

          SHA256

          6c054f7e6cd3421e88247c3163af228b232b8b209db9248168e52cc5199097a0

          SHA512

          389e119fc4dde2c981554da1f6d22cea2ccae7877fd8113e668e29078e39cffec682d2609edd17b5ea25b05c2c32f31aa87c9987de9c2db468d590146cbed324

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a517302344784b296272ffdfb62f7175

          SHA1

          8d56d232339eb6ab9c91bb01878811c0c5214e0a

          SHA256

          801ad3efd6587e1d74718f156a412223997632b2ce48c323048938990baa5d8a

          SHA512

          d64f469fddd4f55c2d3165f2c428798cb7d0ef149c5a57141f2144b7ce4b0ead2d97700fcfca517d52b83d2748581e76a1e1e3c5b79f52411d6d4aa2ff6ce459

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d1fdb7bbb56b51a348850df9e411f3fc

          SHA1

          21e6ff9505ec14ae2b6652b446760a3f5195621b

          SHA256

          7c900d3db9d687cb647ad0f6683f8921c7a17527d6db6600e2695e0971a3ccb5

          SHA512

          0cf6be685bb2355333def58e14b0eb1c35443c1be7d869eaa74f01be0a6fd3b36e24229f56595b9c4e16a87f8d7c0890ea7f22c1db02f8855b0407ff61d8c868

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9bef5174a303b51bb463d9a96d3d850f

          SHA1

          2f91275c21cacb297799283a91a0210546194769

          SHA256

          4b394a5d9d8186636e38911d29edb89b2a6a34eed04bf055345cd23ecb28f1b4

          SHA512

          cb8fcd1040bec03fa58162e5541ae2eb0eb1f1501fc04bf6a09d2d07c9bf117c97e9069849f38c6eecc3f3581ab55b8bd919821c14a59910f23341a095ef2137

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          681c76bee1d1c0ddef07a6197c8f5c88

          SHA1

          465f5e613c62b73a39707c2a00776a2a0ec12623

          SHA256

          508d68d59ab3a77ed0e27487cec60ac1f0db3d7eedc70cf391b5756a619018aa

          SHA512

          1f902fb3f7b862b42f8c29555b682299f0ef6572003a2a4d26178825182f32619f73d87dcd50e8b22238e1fb5b948ce71710bbc53f7a5d439366061cb02b9882

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f0014852943fd456d9ee8eb952594b8d

          SHA1

          ee6e561e0f1505fc238efd66872b5a2dff1a6341

          SHA256

          681688ff4cbb121f75167ec6f3f636f55dae1ac4e8cb78434dd9461f8505e1e0

          SHA512

          da30c0537d8968cfcc9b30072acf84ae6c379d156d56b1cf514a6b44ff21f387a0b2ade5ee609c6cc4a86559e7a70840c94eeea24fcb3ff6e863f53d2f4da09b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          219a84bda04e4b14e36d13f608110cd7

          SHA1

          e495459db4abc36bed82de21cddec7fa86d4a38c

          SHA256

          212acf64862866560a10ce4118383b7c9291347c93b30512ede3b3bebda4c53c

          SHA512

          f107dc3eba9fee60697504cc180f337040e7fdc15e5e5b29760e3993360df9392912329032e5a768ca2de839b8cd7841ad00ca3436c30802b46307460f13d10c

        • C:\Users\Admin\AppData\Local\Temp\Cab3160.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar3172.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a