Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 15:11

General

  • Target

    8129f9bd21f8e9d67383c202a0926a40_JaffaCakes118.html

  • Size

    4KB

  • MD5

    8129f9bd21f8e9d67383c202a0926a40

  • SHA1

    7c9fb681c100f622fba4d6235ae74ec28140abc5

  • SHA256

    1929b97ba405831e6da644e7a34996e15ae49b12f602917a8536727d5e89a5ec

  • SHA512

    0272c57099c9bc557717787a8baae5707e705d8d7d8aa5070ec6c23beac9c8813289d91dfc7fd33052b081f14cf9acb6ce8a23d53c7ce61991cd1c5afec9d15a

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8owuDA/d:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDp

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8129f9bd21f8e9d67383c202a0926a40_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

        MITRE ATT&CK Enterprise v15

        Downloads
