Analysis

  • max time kernel
    117s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 08:53

General

  • Target

    802b2a030292412cec565da166c36456_JaffaCakes118.html

  • Size

    462KB

  • MD5

    802b2a030292412cec565da166c36456

  • SHA1

    62878e7e38dafbec3574c3049ca9ffd6d240c03f

  • SHA256

    b1472c75d6886ba349e0fcb173a10b79301959ca21a76d9e0872880878f2d458

  • SHA512

    423da2ed15d1024ba5af92479afd029c9211a838499167eafda49e22bc11ca74045b5de6eb13c25c311f0f561facf093d541d2e58348d31c2cc75fe3215f16ad

  • SSDEEP

    6144:SbsMYod+X3oI+YsagLrsMYod+X3oI+Y5sMYod+X3oI+YLsMYod+X3oI+YQ:A5d+X3y5d+X3n5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\802b2a030292412cec565da166c36456_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3052

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          64934a2f26836a12970e54f667aaee58

          SHA1

          1e0244eb4766b8ecb19cf1fb57cc48e493ad32a9

          SHA256

          040466b1cfa3949caf279e2e380686fcf86128d686933d5764aa1bab739eb236

          SHA512

          1039797af5897fad545d2408d493f6d4b5b73e2d0a3728bbd2da706e969ab182733f79a068912ea6550dacbd19c95630e238a25590ad1c8c9a4399bee7d1d110

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          477d069716690b7e1427ef6712cbe561

          SHA1

          53d3ce8dd8eb2816f39c589347a05d0cf80df4d0

          SHA256

          f516e884733d5c5c0a2dad9290fccd1ef95161a72bd567445b4facde88682c6f

          SHA512

          dae710e1eed824dea4c6f6519b962050d6ad419a40df3c39893bf773a2e97dcc30a3d927c0c530a01a3b83c274dc187d867fe7859b77f43d18ddab3048133de6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8511e8acb3290ff71549cdfb33b2fa76

          SHA1

          d93eb5f48d9903dd9876cdbbb527ee89722f9cb0

          SHA256

          0551fcd8e7d97502670bb1518410ab5cba15f58f73319410e679523c8168417d

          SHA512

          b086ef08a33c4b6b18cdf5e4c00a6b02c295248735f1c260b8b43c3d667c1a5d9575d3c7e999388451092325c93d1168b2327be6eff1fd005754b95a3cff4870

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          986dc4ffcf24611f9ed219ffd5d8efb1

          SHA1

          923b5591a501e8bb2abbb08367aa65a60805cb21

          SHA256

          fb2a9230122e9e6612eb674a11ae25b0e25ba33aae71ad79d53640bd99fe1d5c

          SHA512

          6ba8ca43d9d865970cc488f4c08ec8005face7354024789893f9791deae348d2dbeafc33f3d146c0fa9bdad0e6993a071701366dfb6e09031f4be86d96626cda

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6d90e3ea184fb9b55fa3c8d3783f4ad9

          SHA1

          94e0841ab66fe9ed0b2130859244166b2890ce8b

          SHA256

          80d8367314089bdeb2306ba66cdf9493ff5a296522a8722d093224f17ae4085f

          SHA512

          3b573e8f02e9d84c7e1d23203e08907ec29e3a5b1bffe649540e68c06601bd89a5d363030fa409db38a8cafd5351b0724ce75bd88096e4df6d4d1dca0e28c195

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          db7b41e944cde03066473affb163d3e5

          SHA1

          4f271c99b2b6699d10ba80a343e573d9607c04f6

          SHA256

          1060cc76099f42b318f5b67bf0c90de9d62aa5e007ee3af2a5cfa39a5e960c29

          SHA512

          033698c19b3077b43d569cc1d0e63bd5129b3fd97e522f8afc3a213d806c06df656edbf2da34ec7c1121110c40e154fafda4eaaf8527203e5c4f4814b38adb74

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          770eea4b7f25d33f817008a915b0df8a

          SHA1

          5abb91b9f320fe90208b4d46dbd2866887b04ab6

          SHA256

          e73a9e62fa94d817e4bcf1177e0f3d2cb6461942de15a77a935f272b30402d07

          SHA512

          624231ef3a5915bf197b09de8a007ef6de3d2e48db470461b10bd24335c88c110fabc7dc5a11937a223b38e51af65a2b9c0691ff26516de77816afea7ba089d3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          22b0492210a4f31a4e2c25f3d24c63f6

          SHA1

          aa599e676ee69488da59f40f7e7c09953b3380a3

          SHA256

          0a5dcb07d4ac6cb9f196da7bef182df8a370729e1fe0cc79952b58d4b0f9c42b

          SHA512

          6523355d19bbb2a1800a2b391423b771205f7b705e2c8ea68e05e2dd2624a02f026be0d57e632afe86eb5a8319888772e0fc635a4ec8cb33a9e2fbe7b4895f96

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f0542df2541c6c20f68f05a7d2582f17

          SHA1

          17dc377bda6e27d196d6dc1b48f57e9f88bb3322

          SHA256

          daefd24bdc1c97fb7bbb047b9540b8a0523886a0e60d2c8db71af41c69ab1015

          SHA512

          1de87fc46e6d4182f429578c1bbe6729fa7f3958e9c214aabe76285fff191f408789a504f1e8e83875cfe87bbc59215cfab222fd801a6cb6b58f769f8f476478

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1f80072dd2473da019c7490d15faf821

          SHA1

          75552e314f94656e7add397291ac9856e8f52b84

          SHA256

          304f3bb83eedfdeade1d4f368f3169c2aea24611f59a49c7f69a837de0d7ecc1

          SHA512

          df0df1b835ce31c826e7748d283703e2d90817157a99b99e98dd1ade9354fb3ab82f6ff12701cdae159364f0ce5977d17efabf6b46442f8856e392b02684be8d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0e86e325b1a01b50bed8b7b40a81ddc4

          SHA1

          a6eefd05e595af252ec0b6df996ae950b786e3bf

          SHA256

          cf0128aaaf913fa5aba5e1750ccd7a56e9bd4b5a658a9bc3ae065ae2a07c4787

          SHA512

          d8e690c4d7df64e498493ce57e9dee2fedc3a96c0d8852e22ebea2d98f90594ecddd73b1d66d66d6303a9b14ae59ffb0fcf358a1990a52b2cb289a43e238c341

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e28124b007aec0df010770974bf4c4fc

          SHA1

          1dc0d0a66e6215b165e712ee50865171cc3c8660

          SHA256

          96680291eeffa1429cabe30e6753145451cea79563832930bd86cde55d95f551

          SHA512

          f917cbe83697eab783dd99ae96c99fbe8e922fbb7c0621e6eafe212a0e00e249674b4456e846ddab0a74886f11e48e75e8a0ee2ae0c36264dcc5d98586b0330d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b37e3c65c4a8f8c8b0848df2741362fb

          SHA1

          3a032e456df60eb53490a2f3024047ba525b34d9

          SHA256

          56b165e89a922f2338c3be564fb19ce0accedb7fc86702dc7296d05e39f7f6cf

          SHA512

          1657540252fa69cfa5717e18a94b5ca28f47929dad9b3acd32fe5c898beb0d13e39f99495831c0008c2e53fee628b69aab443d67a1b8bc9e10404770e93ad3fa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6fa2a29442dac2bb849084fc549a9676

          SHA1

          1756433a27a5129eadd299e2d89962bbce2e76f1

          SHA256

          4350a94ec1f2a73472c5a5b4c5d3da71cecab40774fffb744eee2ac6bf14b5a0

          SHA512

          09262883a11a36e7c2bc7494e96d81bd6a9cb5f2a57b4c80953a69891a07d0502424b9ffcacd81938c4800581ebc83d57fb2335423b12e589cba794b4353b34a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7fb280366559fc2e9cff9508d4e2b848

          SHA1

          73d94f93ea9336d60b92ec1677bf7f39a433a0ff

          SHA256

          2304ff03591f113410c53750dd09dfd60f8f52ea9eee3bf0ac596e279346947b

          SHA512

          66dcfa39cf6ec7ac8c2c02bb784ae5ebdb6803c4afc4449dfb69763eabad40717f16ffdc3f09035136412429afaf3dfe9e46e6d045beab653252c5cc03e83920

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          05b36e63621de8a999858e1efcbfab84

          SHA1

          d226843e1a1df870af71171a9ff5c0550bf23fb6

          SHA256

          5f9073e264cbbc04ff8753894fa5d4a5c05280b57a6ec91cf743b94e50c752c9

          SHA512

          471a192a6edf65a20393d6b8e3024313e5adbaaa823fb8bce81782f2b8911e81a57e6b3804f2fae40dba21f402c19492f244226bc346ae4c2c3eb3e534d93ae3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3b81da2f02898add86d5b041e43c864e

          SHA1

          8e1aad94b34f3a2f7bbe22c0b599f4163151fe16

          SHA256

          e018d33e157f9be09a363bb19eb09d019361ac9f0dc03a227e88fc525fb7ffe9

          SHA512

          8a43aa4b91071372c00666ea4370e1320de7c59e3cb49785c7d95b41f28c14d44bda1c68481637cc53d22780a2d303df0c25c77eff7bbe8472f8f974f5b70439

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a8d23402b746204f359205a63b7f705b

          SHA1

          3ad69a973871937031cb184688905c187b130072

          SHA256

          8a07f338ec42c7ebafa3391fe3a997d6cf6caaa114167dbf414fd88ef01252f6

          SHA512

          c8b1b87935d25aeb3befb30a2f4d0f82dd24dd2bbb901ede498eb93dfa369807bb4983b4fbb09b306e8316ff41d964575cc2fcaeb31c891560d46e39f51663e3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0e2ab5df6803ae2de17ad09cbbc45531

          SHA1

          b9d4004e01be283e6a594e2336831283279964ef

          SHA256

          b8bac66f09cca1158ee0d09bed6649fce2ce0fad158146d46c0f03257ed83af7

          SHA512

          6343e01581da3803efce4c46dc4a574d3ae3da3dc6b270b16b7f616abe4d7307a3cb2fe291d5262b37b071db2ef70c612054f08644001d7a74eea9bca70b1bee

        • C:\Users\Admin\AppData\Local\Temp\Cab4EA0.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Cab4F3E.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar4F81.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b