Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 07:44

General

  • Target

    7ffbc00c6525919b3958bbbc02d35855_JaffaCakes118.html

  • Size

    460KB

  • MD5

    7ffbc00c6525919b3958bbbc02d35855

  • SHA1

    3ab322d74ff01e0833ce129992ecdff639e93f57

  • SHA256

    e747dd9bce1d190301549dd08c30af404ca476504e810ab12e80456c307b0d10

  • SHA512

    0051906e60849cd3c861a2dfb6623991a3dc5fb79278ae322527548412974a0ce713aef1d7d75ae589617c220bc55f057c8b597227d720441f875cb18d80a4fb

  • SSDEEP

    6144:STsMYod+X3oI+YtJQosMYod+X3oI+YcsMYod+X3oI+YLsMYod+X3oI+YQ:w5d+X3X/5d+X3k5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7ffbc00c6525919b3958bbbc02d35855_JaffaCakes118.html
    PID:2356
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
      PID:2584
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

Downloads
