Analysis

  • max time kernel: 148s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20231129-en
  • resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted: 29/05/2024, 09:31

General

  • Target: 804508896ce0d660a44a9f66a7464430_JaffaCakes118.html
  • Size: 35KB
  • MD5: 804508896ce0d660a44a9f66a7464430
  • SHA1: 113e8c817495546e06407a7cad1da6ccd08c9797
  • SHA256: 31ef81b43996a45bb67e54c348486e1f0959e460c9f0fc28d25a519c6a9e24dd
  • SHA512: 368a5b406fb845a066b6fe7420e5e8257903d95d523cc1ddc361681f24294ed609662587f2870e2fb638e9a186c4f9c7b26271e55fb7a918696c05f9ce37f0b9
  • SSDEEP: 384:SGvNSpHRLAfG9MEFswUs5EUw7eb8zXJdJmoEIicdrwdQhu85eVpnrE27JOxoPvuw:SI0zDSqbEJrFjBHcrE2FHPvH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\804508896ce0d660a44a9f66a7464430_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2056
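The tree above is the normal Internet Explorer shape on x64 Windows 7: a 64-bit frame process from Program Files, and a 32-bit tab process from Program Files (x86) whose command line carries SCODEF:&lt;frame pid&gt; and a CREDAT token. A reviewer checks two things here: the SCODEF value must equal the tab's real parent PID (it does, 2924), and iexplore.exe must not have spawned anything that is not a tab process. The Python below is an added example, not part of the report; the two Proc records are constructed from the Processes section, and the field names and the IE_IMAGES allow-list are my own.

```python
"""Consistency checks over a sandbox's process tree for an Internet Explorer run.

Added example, not part of the report. The two Proc records are constructed
from the Processes section above; field names and IE_IMAGES are my own."""
import re
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    parent: Optional[int]          # None for the root of the recorded tree
    signatures: List[str] = field(default_factory=list)


# Constructed from the report: 64-bit frame process and its 32-bit tab process.
PROCESSES = [
    Proc(2924, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\804508896ce0d660a44a9f66a7464430_JaffaCakes118.html",
         None,
         ["Modifies Internet Explorer settings", "Suspicious use of FindShellTrayWindow",
          "Suspicious use of SetWindowsHookEx", "Suspicious use of WriteProcessMemory"]),
    Proc(2056, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2',
         2924,
         ["Modifies Internet Explorer settings", "Suspicious use of SetWindowsHookEx"]),
]

# IE tab processes are started by the frame process with SCODEF:<frame pid>.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
IE_IMAGES = {r"c:\program files\internet explorer\iexplore.exe",
             r"c:\program files (x86)\internet explorer\iexplore.exe"}


def is_ie(proc):
    return proc is not None and proc.image.lower() in IE_IMAGES


def check_tree(procs):
    """Return findings as strings; an empty list means the tree is plain IE frame + tabs."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        parent = by_pid.get(p.parent) if p.parent is not None else None
        m = SCODEF_RE.search(p.cmdline)
        if m:
            # A tab process: the frame it names must be its real parent and must be IE.
            frame_pid = int(m.group(1))
            if not is_ie(p):
                findings.append(f"pid {p.pid}: SCODEF on a non-IE image {p.image}")
            if frame_pid != p.parent:
                findings.append(f"pid {p.pid}: SCODEF {frame_pid} does not match parent {p.parent}")
            if not is_ie(by_pid.get(frame_pid)):
                findings.append(f"pid {p.pid}: claimed frame {frame_pid} is not iexplore.exe")
        elif is_ie(parent):
            # iexplore.exe spawned something that is not a tab process: worth a look.
            findings.append(f"pid {p.pid}: non-tab child of IE: {p.image}")
    return findings


if __name__ == "__main__":
    print(check_tree(PROCESSES) or "process tree consistent with plain IE")
```

The signature names are kept on each record so further rules can be layered on, but on their own SetWindowsHookEx, FindShellTrayWindow and WriteProcessMemory from iexplore.exe are routine plumbing of IE's frame/tab split, which is consistent with the 1/10 score; the checks that actually discriminate are the parent linkage and the presence of non-tab children.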

Network

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          d8f07a792af888fa9c2455b1f6666aa1

          SHA1

          292a0c5d8e6bd0862c3979583e9677060fb36c07

          SHA256

          6574c037efb03909575b974f2c4724e6b8115715faa42b09a6db3df99fcef6f4

          SHA512

          7af816216c7ec7a186a09a7674e5cc72664fc28baf40f0e8e2f26058a017435f0ed61bf2004fa0416dd842c05fa6de0076ab88940e247ca6db3dfd02da589781

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          aae8bb54cc4652f78d0ba30e04eb136c

          SHA1

          367cc71166df4849685ac41fb3b1361f705f0251

          SHA256

          e48bea648fbf26fdeff5fb3f66103c5cbb4a05a5f0cced3cf9eca8007680729b

          SHA512

          86c319dd03463c2a1229c8f26eddbe10d6220a92e8821fb900f5a66655a2fd0e7279b61021619db4af8cc2fb156e168aa6de2fb670d804994a8fcab519a8ea90

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c604c7c577cffb356bef4526a68e5057

          SHA1

          7f0778a753948eb90d8b64750ffd91a2aea5c96d

          SHA256

          ce658cc54b37eefc2184aaf7bf14f6cc384e82b9df755c66ba67e2e9cfbf3e11

          SHA512

          f58dcd6938f72761a75b48ed128d40abc7f2fede0cb4aaab24028954926b0d4313bf9914ed40d75dbab5aebf607c3a3bce6d34a531c7f1b40f9dd0f6a1a6f19f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8b068639c33becba1004833713c85664

          SHA1

          a9c2fc17e0360a1cd6fe1334b953d2fccb862b39

          SHA256

          35f0c733d9156bbd3fbc77ba5a1f756de61dd6b62d8715ac4c02122370b7409e

          SHA512

          cc33767d0b88cf6d562a02d7b57c2205e642ebd0683658ae298b0c5452a149891865f041b706cc0e60c03ddc74d068085e79c6de84470876e45625cabc23a45c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1f0bc5de8d665a827304748a2715a643

          SHA1

          0441dc85cc58a13b481162b28a2c4da1a57b3861

          SHA256

          e9834d0b64e29ca5d33de8442ccbfc157e4b642405fbf0884a95d09d548ce8e0

          SHA512

          3854fbaa4af0b6b1d1a255490d172280ab85246f5faab98db8adada8bbad77af8f958cbfa53c15bd8be5229d9231004f9ddac8e297c94a22a1de88c2292d22ad

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ff7533eb5af6c68a3305877db3ddbd18

          SHA1

          942e0109b4587ff37c19035a9803482f526b73c6

          SHA256

          ae69e67df999d7e901507c462a113ebca2fb1212096ee7e74c0ecdd3b2850e8e

          SHA512

          a72d8137452faaa93d8997343027f5efbf67b7bb0d71ea0b5aa62503013ce8abe21d192c9f53e7c9c03ffb16c901074165a8fe653753c4a9c85c8d1a3875ed53

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ed85d59dcab70b6379d2ff25c1ccca88

          SHA1

          10e8a521a9bcbdf0b906c08b0342f10d6bc145ac

          SHA256

          30534080ce59ec07d75859301f8f1fb4efe2bb31c1ecf56f913a261f0e323b49

          SHA512

          82f8b0bc026f4425a6889f9f9a5302a0345f7df2be469c4ad77dff9f7ef3bf76cbf372982510e42c31e86daf1d8e5e8def7fbc9c4fc89beb3f67b0834ff30792

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e551667e7c41e98dcf9d6bad27a3e9b3

          SHA1

          f187140a819f41cc13f69d6b977d58e8ee72a1e2

          SHA256

          7e5ebc780c932b97826c811826bc317039a9a78920d08af69ef0a554879adfba

          SHA512

          8df05dffb82194d6e43321374d28def7879ff6a648d90631fdad8296e65ea0148f27c9df3db3e31518ce5aa2be1b24ba9d6b4c516032d1ddb698ff4a9a002a65

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6286e2bbb9e27546df762fe800e83e68

          SHA1

          51408c92bd68c3b0cd35f46d0cffd62a04597f3d

          SHA256

          bd05fbcce6123cb0a3de4f3da0f0b53103991b7d29ac97a0521d5bdbb5577332

          SHA512

          077efc5bc6d621a276a8fbfdf5bceb65677f6c4f29fd259c81262022adfd27a4d7970141cca7236d26b70a9d166d9c4976642bd1b44f9fd8866062a7f428a6de

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0c10dde4cbead5e48f4663b82a229c47

          SHA1

          263e4a524353f9f51f6896ad7a214ae83dc9428a

          SHA256

          8b94f5a02ce3b9d14a76fb93ce4e44405c386ac5b9ca36caa9ffb27e0783ffab

          SHA512

          3e200d018c8219528c0d6a4f51a2173b370e2e5b84362e95f9f91f9c891613321989da167b953bb7aca46bb95e8cdb853fa4d042c83196f4a1eb2f81130d5b04

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          74e704bee6522428099b9edb80d8a678

          SHA1

          a3d38ce1b0098da4e6a347336b04825e1663c08b

          SHA256

          744da2d13ad3d07f6fa3b34d2702abefef5d793d767fc58dc6b996ed7e272efb

          SHA512

          f58bd2a8f2963fe43ade39b899392119d150c76d17cc0990b24e8560b4ccb072d005936f80d6929247eb2480e0f42a1791bb401f46516246d7338fdb1d82608d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c8349b4d7b46856e11403076a961b1bc

          SHA1

          2e20c0b776fa942c51b7b45f46859725b1a777f0

          SHA256

          41dd2ee59f9939d55ad8771c5e1e16763881986cec48274d10a40a174ea69e3d

          SHA512

          8ba297cd0e60a68965bbe7d6eef438f65d1e88cce6743e4c34cb0b6b6f6bd3a6fbea77c7ad55ebfdb8782335d0bca9eb93bf1b09e5e097a05fa87dbf3834440d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          ff8c91c5f79d8ab172cdd6eb871e39f9

          SHA1

          e4b9ed084ecc94edc556ff83a2b0e7702b23485d

          SHA256

          70cab2da9f76f5f16f609faf65fad24a3668ea6556f4577c24b48732600dbfa6

          SHA512

          9521f88f99452eaf3593c2e9c328d15be1474434bb99b5ad835d0d17da85fa8a515d6cadcc25ec16d345bf79ba29143ec15f285b3ddeabc6305830eba52aa476

        • C:\Users\Admin\AppData\Local\Temp\Tar1B72.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
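Nearly everything in the list above is CryptoAPI's URL cache, written by cryptnet.dll under CryptnetUrlCache when Windows fetches a CRL, OCSP response or certificate trust list while building a certificate chain: for each cache key there is a Content file holding the fetched object and a MetaData file describing it. The MetaData file for 94308059B57B3142E455B38A6EB92015 is recorded eleven times with different hashes because it changed repeatedly during the run, not because eleven files were dropped. The Python below is an added example, not code from the report: it groups the list by cache key, counts how many versions of each cache file were seen, and leaves only the single non-cache drop (Tar1B72.tmp) in the review queue. The path/SHA-256 pairs are copied from the list; the grouping rules are my own heuristic.

```python
"""Group a sandbox's dropped-file list into CryptoAPI URL-cache entries and
everything else. Added example, not code from the report; the (path, sha256)
pairs are copied from the Downloads list above, the rules are my heuristics."""
import re
from collections import defaultdict

LOCALLOW = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
K1 = "3C428B1A3E5F57D887EC4B864FAC5DCC"
K2 = "94308059B57B3142E455B38A6EB92015"
K3 = "F0ACCF77CDCBFF39F6191887F6D2D357"


def cache_path(kind, key):
    return "\\".join((LOCALLOW, kind, key))


DROPPED = [  # (path, sha256) as listed in the report
    (cache_path("Content", K1), "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f"),
    (cache_path("Content", K2), "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (cache_path("Content", K3), "df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e"),
    (cache_path("MetaData", K1), "6574c037efb03909575b974f2c4724e6b8115715faa42b09a6db3df99fcef6f4"),
    (cache_path("MetaData", K2), "e48bea648fbf26fdeff5fb3f66103c5cbb4a05a5f0cced3cf9eca8007680729b"),
    (cache_path("MetaData", K2), "ce658cc54b37eefc2184aaf7bf14f6cc384e82b9df755c66ba67e2e9cfbf3e11"),
    (cache_path("MetaData", K2), "35f0c733d9156bbd3fbc77ba5a1f756de61dd6b62d8715ac4c02122370b7409e"),
    (cache_path("MetaData", K2), "e9834d0b64e29ca5d33de8442ccbfc157e4b642405fbf0884a95d09d548ce8e0"),
    (cache_path("MetaData", K2), "ae69e67df999d7e901507c462a113ebca2fb1212096ee7e74c0ecdd3b2850e8e"),
    (cache_path("MetaData", K2), "30534080ce59ec07d75859301f8f1fb4efe2bb31c1ecf56f913a261f0e323b49"),
    (cache_path("MetaData", K2), "7e5ebc780c932b97826c811826bc317039a9a78920d08af69ef0a554879adfba"),
    (cache_path("MetaData", K2), "bd05fbcce6123cb0a3de4f3da0f0b53103991b7d29ac97a0521d5bdbb5577332"),
    (cache_path("MetaData", K2), "8b94f5a02ce3b9d14a76fb93ce4e44405c386ac5b9ca36caa9ffb27e0783ffab"),
    (cache_path("MetaData", K2), "744da2d13ad3d07f6fa3b34d2702abefef5d793d767fc58dc6b996ed7e272efb"),
    (cache_path("MetaData", K2), "41dd2ee59f9939d55ad8771c5e1e16763881986cec48274d10a40a174ea69e3d"),
    (cache_path("MetaData", K3), "70cab2da9f76f5f16f609faf65fad24a3668ea6556f4577c24b48732600dbfa6"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar1B72.tmp",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Cache files are named by a 32-hex-digit key under Content\ or MetaData\.
CACHE_RE = re.compile(r"\\CryptnetUrlCache\\(Content|MetaData)\\([0-9A-Fa-f]{32})$")


def group_cache(dropped):
    """Return ({key: {"Content": {sha256,...}, "MetaData": {sha256,...}}}, [other paths])."""
    cache = defaultdict(lambda: {"Content": set(), "MetaData": set()})
    other = []
    for path, sha256 in dropped:
        m = CACHE_RE.search(path)
        if m:
            cache[m.group(2).upper()][m.group(1)].add(sha256)
        else:
            other.append(path)
    return dict(cache), other


def churn(dropped):
    """Distinct versions seen per cache file, e.g. 11 for MetaData\\<K2> in this run."""
    cache, _ = group_cache(dropped)
    return {f"{kind}\\{key}": len(hashes)
            for key, parts in cache.items() for kind, hashes in parts.items()}


def review_queue(dropped):
    """Paths worth a human look: anything outside the cache, plus any cache key that
    has a Content file without MetaData or vice versa (an unusual, half-written state)."""
    cache, other = group_cache(dropped)
    queue = list(other)
    for key, parts in sorted(cache.items()):
        if not parts["Content"] or not parts["MetaData"]:
            queue.append(f"{key}: unpaired cache entry")
    return queue


if __name__ == "__main__":
    for name, versions in sorted(churn(DROPPED).items()):
        print(f"{versions:2d} version(s)  {name}")
    print("review:", review_queue(DROPPED))
```

The same grouping works on a dropped-file export from any sandbox that records full paths; the point is that cache churn should be read as one artifact per key, and that the queue left after grouping (here a single Temp file) is where the reviewer's attention belongs.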