Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 07:44

General

  • Target

    7ffbce8ed4c54d5296a039c9647d6db4_JaffaCakes118.html

  • Size

    213KB

  • MD5

    7ffbce8ed4c54d5296a039c9647d6db4

  • SHA1

    48756598c1c7390045b93b17c5f6135945889178

  • SHA256

    42463fc5982d7b00062ae935f6a63fa7e2aaf5cc6b6dce68de5c3f1a3a6898da

  • SHA512

    09ebd7c528831bac4e66e9a0c208b7c6d294abd28abf3e2346ac2a186207862f418a1c9ab8fea23b99501a991867cd705c2f1550545750e28e3af5f81fb4023c

  • SSDEEP

    3072:C2ks0UzBSHmAlqVyJ0GisIOJ0/2iaVmBd1iTWbw6uRpKjFXuY39Au28C9h62NWaS:C2ZV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7ffbce8ed4c54d5296a039c9647d6db4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2360
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2360 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2112

Network


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B; 19 entries with this path, each with a different hash set)
        • C:\Users\Admin\AppData\Local\Temp\Cab3E68.tmp (65KB)
        • C:\Users\Admin\AppData\Local\Temp\Tar3F6B.tmp (181KB)