Analysis

  • max time kernel
    138s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    29/05/2024, 07:45

General

  • Target
    7ffbeb6376a935e9f84060e1e6ee2988_JaffaCakes118.html
  • Size
    116KB
  • MD5
    7ffbeb6376a935e9f84060e1e6ee2988
  • SHA1
    616aaf9c7fcbb03819a8a90523e9747b4f78d447
  • SHA256
    6a2dd56521678b9b5ee3fa15af5e407b3e4b3302b8d7733c8fd4dc4a0960c441
  • SHA512
    49314221a49193266ab63d91205e8ad99b592c3e60c530af51a0d08920698bcaa456dad2e54265edab7f496e300fe3d87c6c22a80fa9a6c7c2b0f5e55058d5cf
  • SSDEEP
    1536:cggLMfGyZxfHdWIIFFDnlrnl+Uf8l7/vI20e:cUHXIFFDnFl+28lR1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7ffbeb6376a935e9f84060e1e6ee2988_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2136 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2924

Network

MITRE ATT&CK Enterprise v15

Downloads
