Analysis

  • max time kernel
    133s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-05-2024 13:54

General

  • Target

    80f735e9cbaead3cac168f5fb9ac36dd_JaffaCakes118.html

  • Size

    69KB

  • MD5

    80f735e9cbaead3cac168f5fb9ac36dd

  • SHA1

    d163041ee0e553c22d00880edb82c5622821a06f

  • SHA256

    404c930027d2e98fcd8d42e2fd3dde6f7807c54284b68d39adb170a643c78803

  • SHA512

    2e03542577130f3271ff88e0960e6b5f2e100f211fff22e57c103afdf97669c04f84402e320d2d1024967f0da0bf125ef9399786737664702362a49e95465ff9

  • SSDEEP

    768:Ji7gcMiR3sI2PDDnX0g6sea6qQOl1+ToTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpq:J36KD+sTzNen0tbrga94hcuNnQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\80f735e9cbaead3cac168f5fb9ac36dd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1984

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    706db0462a27272efcc8c44257047901

    SHA1

    a175c8c41fd217d6d528e398fb4e4575f21d1e24

    SHA256

    97b29be94aa6d0a579122f68242b811ad82570c49fa59b9d1df288ab9b082ef8

    SHA512

    0fd6a152c294ae4eebbef385617b1f10445a07be33427a4a09deeff32b9ec163eef7dc1dcfdb81875623f98b3a480635627b5864e1c1069e407261397f4b1a7d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0101d9604226da8a79b11d0d0a29941

    SHA1

    4814f9e98834983f8d42788ab25d69ab1de4cf14

    SHA256

    b84ba5140e1412baa9d6cc588f7e4060a0bbc79355a71fa5f2bb54033e15ed8c

    SHA512

    c0699c2ecc72876f336b96ddcbc34c6d16288c886cb90123ba9f835f45ebe881e23328783e9bd193c6f5905578b5c4eb9b5506249a945f06dca7483985b7e679

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    610c994366e02f556746b65ebb474458

    SHA1

    fe3f7ce186bfb8fb1a91c26c3495d63ae6bf1e7c

    SHA256

    9f190463ddc01cc8c9b88240a2cab26151294f8a498f9a34b1fcb4812cc59e58

    SHA512

    7ada784500055cf07d473979b65a8b7f5e31771107e9109eb0fb601aebfe9191dd7248a542675ee3920453c8cf7eb04834ad334980854a60ae2465027fcd1046

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    56228322399e5c0eef70a127cc4a111d

    SHA1

    5941c6451367449157c762655ce81b363c4cc869

    SHA256

    3ec4087c5f9f53b7a91773f87e039a4e0efe8a671ffc66f502a43032eb910528

    SHA512

    e941846134323c49ac1ea0334ee26ecfcbf12c89d50ca4fbd4a2779ea79227a8d6784c1a9104725cbb16c330e95a1033f22eb7b38f92cbc41af2727539518db5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6226d5000919a0dad21f09be67768d40

    SHA1

    f04f26a4b0f8cc6356195281097d5f14021730fa

    SHA256

    1877e14456a7f048ea6ac49920e779c62a3bc0f177f52af39f669e794fb056ce

    SHA512

    c6956c46c3b659b74285ea84cab1907953460f9068ce4dbedbce64eb9a422b203cc7c35be258f094c1ea02acb7b4bb6e9d2e9e041ee2cba7614582dc2c97bc15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1a348ba6d7c2839c5a2f665626ac31d

    SHA1

    199261afbdd1bb939f94df8e7305be357a93230a

    SHA256

    35a502d4bdfab99622baf901a4c7f9c3ad2b243def617150a2b08879a3ef192b

    SHA512

    f12e85f39bb3dff6da88ca04ee692866b98ceff5214c162a943881b968a1678d86815cdd3ee24e04759744c34568a7ad3834fdd922ae15f21f63b07f42b5cc86

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    feba316fba367fcc498e886faded49ad

    SHA1

    3b4576493db711c3afe294aadfac22e3d1ae430d

    SHA256

    107b8ec0bdb129f93cd8c574bd731ece8f646b4961388be96945bc06f5f8d28b

    SHA512

    49a439a0dde247762cf7b66f7956280714f9b1cde3f4a2d86feb268fea29b29f08b6710877648703b309a5ae9e13445528fbe4149c4cbf74588bb1b78301db62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    19aeb91be961ecddca77e4aa7524cd65

    SHA1

    ff832bf35b92ffdb141da8009c236e1ab3c094a3

    SHA256

    9afd3c5a2adfec51c37f7336b4a1c790b6cd6e2878309489dd3cd5a3a8ba1ff1

    SHA512

    bfbd94ca84b884b8d27319b06a710a64a674e4a05cb7c6fda14b101dc9a1f10f722aca75be61116be6e14a228317aadf7258903344844ae1808b24d66f86a044

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89e2b9adc12f2d50421eb2e13581c836

    SHA1

    de5b91ad3f341e22a315137c24e8f91c2e0ef8ad

    SHA256

    efa055e45b8cd16c9a41a5f12aa818b457577c0ea04a13a613755dca2a252194

    SHA512

    1dc5bf4301b617e8aacf3a653268ac14788032bc8bbfc0b7fb3fc5470849b0dce37ceda5ce2e5391628bfba453c82f10457124be5b57021c8b2b29102328f3bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d471778c3db64d912fa8492f4ce89ddd

    SHA1

    24c6a5e2ce81e0cad0f5a4ccc52f17d394f207a5

    SHA256

    74cdfa1467c06bc1997a48920ad6f832aa7937414a1716d1c0c52187aaed4aa3

    SHA512

    3888d81961e093767d2d27873413b3a43341c40e6242978b04ecf638d461cebb03bdbfeed76730a14a1a3ce36d8e90508f06262d30e6f5ff657ac88011d9d4c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf3e7cca94026a7bde6cec40543bd7d8

    SHA1

    82176682ea6f618949bac58e510527b16d470149

    SHA256

    9f4b7c88d40017a3f50a9ea6f509e3a46cb4c299346ac137b3769fde58cf54db

    SHA512

    28253b7875e9452210176cde2d29b34595789e49cc963182397e305a818f267db0013b664d8248397bf80837f6924c59ce961f364173c643422375b6b40f05ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b529cfc4c0ff441c4f00c17afbe2f30

    SHA1

    9ffe7cac51baebae46c3ed3312890fce3005eb92

    SHA256

    4bcf99873831d6764883c3c104ad591785361cee87bdfb0842c33cd7d56091a3

    SHA512

    c8c14d2f44369c8594525df042548bd61a205d6d19d20b6ad7457dd4235c4c39e30bf553f97bc81b252db8322ea805e57f12220ae14dc3b5662118f675f003bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b9069f5870e01222ad17dc17aecce1a3

    SHA1

    b09bf739051d29d1144606d42697fda540504024

    SHA256

    9a695689db9fa24391bc81d8eeecc70085c9ac422cb8263d4a3ec9f1b47ff45f

    SHA512

    1b088519a22920b95c73ffb98cb0323f1eea0dbb9fefa9403e2dd4c5076eb63e05c2ff7958203a020346959b46e3cf7cbec3238661eba0e6d96613e3f9c4cd44

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eae25dd50836bc03f1f30a7dd1246d79

    SHA1

    76ac1028302b08858273f95f1768db7740269195

    SHA256

    d31fa1da3c7499b8ce375af9bbe0f22ed581c43f17b3279fd4efe0fc41b001a0

    SHA512

    4f849c73e2e04b96bc7bf63fb242a034c6f5772662a8e59b9c2cf7c5674c630c406568a51c49a3bf1d0e0b7321183f960427080c3fed0adb056df1aa2095e9b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8066b38f271db7c3d8b5439a36fb505b

    SHA1

    2fe7403a5ae964ae485dbe9fdc43b875d140f01b

    SHA256

    27bfc0a317c42b3b1695a7e96d67a5a0d0ef32273e5e1c60a8c0cecdc36f937e

    SHA512

    a6e78edf15cedd9cf6d71a8359ee97a7136cfbd1b8110da77c50da4914ff8b25adf0cfda33e1477a0fab05bd0a9b619786018501d136b2cc4571c7066d9c1ec8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3fc9815fa3da9d33aea2f89c00253acd

    SHA1

    1f4901af4e54d6f51a3fc34a0b4bfca779c644e8

    SHA256

    feacaf794a5890e339c4a4da39c20325f56147383e3f51af17667ce4454b60f5

    SHA512

    3670a44da8ea27b0d5a8818b46f09cca45874da977c34fd581b043acae8f7ba474553966e392ae85a574050631dca524ccf11dc3264e83f72f5c765e7bf5415c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af67f04a70d495534fa8409cdf4075c0

    SHA1

    62b9b4f94ac4bb97b91affcb17d356220efd53df

    SHA256

    a99eb3d98a951aa2f98e228a932f3235f29e7386fc901d8f624e7d38cffa0edd

    SHA512

    f559c40655bb9d46cb185cd1efc45cf0ceb375aff6465bb1293f2a6979f5c364597afac69c2ea6b710d4ff447412ead00b00fba7e1895f428b807f07bd8789f6

  • C:\Users\Admin\AppData\Local\Temp\Cab3A05.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar3ABA.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
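The two things worth checking by hand in a low-score IE run like this one are the process tree (is the 32-bit IEXPLORE.EXE child the normal frame/tab spawn, or something else launched under that name?) and the dropped-file list (is it all CryptoAPI cache noise, or did the page actually write something?). The script below is an added example, not part of the sandbox report or its vendor's tooling. It takes the process tree from the Processes section and the paths from the Downloads section, embedded inline as constructed sample data, and applies those two checks. It assumes the standard IE convention that the frame process passes its own PID to each content process as `SCODEF:<pid>`, and treats `Cab*.tmp` / `Tar*.tmp` in `%TEMP%` as the CAB download and extraction scratch files that accompany the CryptnetUrlCache writes; that last grouping is an assumption about typical IE/CAPI2 behaviour, not something the report states.

```python
"""Sanity checks for an Internet Explorer sandbox run: frame/tab process
consistency and dropped-file bucketing. Example code, not the sandbox's own."""
import re
from collections import Counter

# Constructed from the report's Processes section: (pid, parent pid, command line).
REPORT_PROCESSES = [
    (1368, None,
     r'"C:\Program Files\Internet Explorer\iexplore.exe" '
     r'C:\Users\Admin\AppData\Local\Temp\80f735e9cbaead3cac168f5fb9ac36dd_JaffaCakes118.html'),
    (1984, 1368,
     r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:275457 /prefetch:2'),
]

# Constructed from the report's Downloads section (one path per distinct location).
REPORT_FILES = [
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\Local\Temp\Cab3A05.tmp",
    r"C:\Users\Admin\AppData\Local\Temp\Tar3ABA.tmp",
]

IEXPLORE_RE = re.compile(r'\\iexplore\.exe"?(\s|$)', re.IGNORECASE)
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_child(pid, parent_pid, cmdline):
    """Return (ok, reason) for one process in the tree.

    The IE frame process spawns each tab/content process with SCODEF:<frame pid>
    on the command line (assumption: standard IE behaviour). A content process
    whose SCODEF disagrees with its real parent PID was not started through
    that path and deserves a closer look.
    """
    if not IEXPLORE_RE.search(cmdline):
        return True, "not an iexplore.exe process"
    m = SCODEF_RE.search(cmdline)
    if m is None:
        return True, "frame process (no SCODEF)"
    claimed = int(m.group(1))
    if claimed == parent_pid:
        return True, f"content process; SCODEF matches parent pid {parent_pid}"
    return False, f"pid {pid}: SCODEF:{claimed} does not match parent pid {parent_pid}"


def classify_dropped_file(path):
    """Bucket a written-file path so background noise can be separated from real drops."""
    p = path.lower()
    if "\\microsoft\\cryptneturlcache\\content\\" in p:
        return "capi2-cache-content"      # cached CRL/OCSP/AIA/authroot payload
    if "\\microsoft\\cryptneturlcache\\metadata\\" in p:
        return "capi2-cache-metadata"     # cache bookkeeping for the entry above
    if re.search(r"\\temp\\(cab|tar)[0-9a-f]{4}\.tmp$", p):
        return "temp-cab-extract"         # assumed: CAB download/extraction scratch
    return "other"


def summarize_files(paths):
    """Count dropped files per bucket; anything under 'other' needs manual review."""
    return dict(Counter(classify_dropped_file(p) for p in paths))


def triage(processes, paths):
    """Return the list of findings; an empty list means the tree and drops look like plain IE noise."""
    findings = [reason for proc in processes for ok, reason in [check_ie_child(*proc)] if not ok]
    findings += [f"unexplained dropped file: {p}" for p in paths if classify_dropped_file(p) == "other"]
    return findings


if __name__ == "__main__":
    for f in triage(REPORT_PROCESSES, REPORT_FILES) or ["no findings"]:
        print(f)
    print(summarize_files(REPORT_FILES))
```

For this report the tree passes (the child's `SCODEF:1368` is the frame PID) and every dropped file falls into a CAPI2 cache or CAB scratch bucket, which is consistent with the 1/10 score: the observed activity is the browser fetching certificate material, not the HTML page writing anything of its own.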