Analysis

  • max time kernel
    143s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 01:53

General

  • Target

    82b1d245fbece9cfdc2f4b2fc0ea6d57_JaffaCakes118.html

  • Size

    139KB

  • MD5

    82b1d245fbece9cfdc2f4b2fc0ea6d57

  • SHA1

    0867a22a19915e9b3fd7a738179a4d8ea479ed04

  • SHA256

    9d6771f214219cba400e454b940779ddfac0f0ab9bba0d8cd12ed832271af091

  • SHA512

    80260a3993e172d38394b6ebd6ca03cae04bc0822101d23049b890abc4ed5940cd3f2cbe9174543f135c753e0fabe110340787a663a8ab543eb6b3f31b3a1104

  • SSDEEP

    1536:SArNsoQvj6Xlc9yLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrk:SAroG+9yfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\82b1d245fbece9cfdc2f4b2fc0ea6d57_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1976

Network

        MITRE ATT&CK Enterprise v15


        Downloads
