Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 13:56

General

  • Target

    84624011749b65457a6d8301ed528cd4_JaffaCakes118.html

  • Size

    461KB

  • MD5

    84624011749b65457a6d8301ed528cd4

  • SHA1

    2cf7136b813fbeee06da227c5945cfc081baaf67

  • SHA256

    acd60f63cefada6dd2749ba32caed934f04f9f1434c08d346d226a5ca3df487e

  • SHA512

    7ffe8ebcef1b9970e7d74dcad8967fccbef576ee55fe519f9ff2c8a68d6d33c0a45e81c981d0f0be4fdd2e9b2e057ada604eec13b99747b776550b12d1033297

  • SSDEEP

    6144:SusMYod+X3oI+YtsMYod+X3oI+YgsMYod+X3oI+YLsMYod+X3oI+YQ:r5d+X3P5d+X345d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\84624011749b65457a6d8301ed528cd4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c05f030cf4d696ab67be560727bb063

    SHA1

    a26f0e4a1aab5a87727cd4201305e315a636ff97

    SHA256

    ac4a244475fa09b07b69d0aa1a85e82f671f7b77fd5ac02b759c3345fefd83b8

    SHA512

    a2d21d996124185fadbc8c55d415a59dac07524f806c8dadd8c6ff4960f1bc3bd4de200dd9c14d2f9ebe0a0838be6289028be992401c1e4101c145450e5472da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5e2b22761ec55102f6b2d73b1bdab664

    SHA1

    6a4edf7f937ca7661764d0453ceb35f0bcc4a8bf

    SHA256

    7cb6a8fb6de8a0ccf24a2f702d16ae36d594a4f1d4fb3b70864aee96772ffc3a

    SHA512

    889309c99808245ec2e04795a2782b0c4a36dc3b067df2f5fc515956a2e24b9a3721e4b26900323df16905a3bc379afb63caa81443063b8648e39a58b2b875d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f00ff5e8aebd78af3d8dfb98f28f12c

    SHA1

    88867b89633de466a7d029d23fbd3a27d0717647

    SHA256

    94361c1423d7b09794acb800338d0aa5e6b2508f93af71af7272de2975943549

    SHA512

    dedd06b6cbfdc59149ae86c72c3421444a08d592c65eff6a7e0c768bf1fb73b2baeccd3dd9c518571aa4f576be9628d8fe5ce120c44363728122379f182dbca9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    423a5a6d8398e6383166f0e905c80638

    SHA1

    7a2671928911a6a8da5604ca4d2035df77c862d1

    SHA256

    40207f11433eccb3e2e2f0871405712c702197763c7376be6449aa39a63a207e

    SHA512

    ff2770623353d27d8a1fd03851c7ebffd714459a45e95011de040059e522ed6818a706a8b99100353946117ca4a4bc82047b734e0a19f8c8710fc0d567476663

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f8ff6fd73c69b24752da7a7b04d5922

    SHA1

    a84ed2ac9beaad06d0d1c38d91b0032817bc1601

    SHA256

    eb3b9fec398f9e5d85d6a09591026a102d263679b2c3748ad1f528c646ba84b5

    SHA512

    97072a56f54622742551e98430ec4f3862c5936d0ef6d38d9370c9437f5d12fd6cbbc25e71732183eadd215412d4c2d1a33e31eec11a06367005925e459a8eae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    13b7d10d33b02e61ce367207f3ad83aa

    SHA1

    29be25db4a812abf0c201c64e172f335e8eedf3d

    SHA256

    25680003fe512c292e62fb3a794c5a7268f38f137b86bbf68f87d420d9854d43

    SHA512

    ae487282b2b1578a970c661f4e0128de30cf9b3db968c154a26329f090a14a9b2397d76f6ce469c9992f0e79ee9ec38aa0e35c00855ee01d944d234dbd3d8097

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc1eff57525470e37d019186b968a913

    SHA1

    042feec9e4866d836947bf3acca331449f60daaf

    SHA256

    3c62212bbbe660373fbc2cc6558383e4ff71f0a0d159104879491c5d1dae87e0

    SHA512

    364fb324e7e87284b0de80f5844afcb6dc2b9aa57b51668e52ff7b7e4c8f9f23c34dc363f0ab81d4bc054e0c6e9224162e376fcd6592ca8fa18814c235ecfa64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0120c7a0f1947e2972a0949b435580fb

    SHA1

    12ca0a42fa04f713b96817a75cae413fb499b17b

    SHA256

    cadbd4e9eebfc000af38773dc5ad67ea0b71b8b3b3da46c542da5fcec932b087

    SHA512

    5fdcba85873a41312c333f31e84063af0e25421539be26a687a3fc14a7f467f642b6908323242c02888ffbc00452ad4c600c1221f3a3448f6d8f5d03c52fddc0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3519f703c3f03a88dc37d06eaaea2e03

    SHA1

    dea513580166201942639ca7888d066992f9b20c

    SHA256

    92808a1b486f80f906cc104e33654880e8343b0935287e57adc35312d82047fe

    SHA512

    501445ff20f5d0ec9c87be652a5340d9104dcb91de78a8755e34064db9c8b778560cebb8d4a85be1be45e88ebf357444d9aa31a10fafd1233c494db9e95ec935

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b9403e1b2fe0d805547e396b0fdbf40d

    SHA1

    db8fff6cd5f2fbbde74fb63ce8ec275b6ae74afd

    SHA256

    a249716e1f90898febc8d17010fbe8d55a2ea59e9248a840159f87fb2911941f

    SHA512

    32761801c25e25b625b93f3e2074a0cf993a6dafb9496745e8e9c170fca560320bcb15a1f9878b7ff32f184f8d96269a64151473d8917a4135a3d5d421150320

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a0a89b29c3f0ac86524b3353f1290c1

    SHA1

    be74d2a558c2b7caa94de828d78841f1952ca5d5

    SHA256

    afe88dc606d198fa34347ef7f4f31e2ef3b2ebbaa10b185c19c31cbc0a77e59b

    SHA512

    41de47534b2ca7d9a952f93f5e29d7c903826149448fbf8307358a690a34a2c718c605363cfaaf03e26ff8186ca77eeaca7ffc064d84ebbcbeafe3abdfa93f28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fbf8b88c4ad66a09b0543e3613a7ae49

    SHA1

    5c70cec0e0e710ea6df7cc2dc28117a26380944c

    SHA256

    acd605e164f7c39424816b88e9a0d3c77f27da1249ac8a2d81219a70018d5bd2

    SHA512

    2b2c0b9c9ff540b4b388a93d59e397eeaebc639c170dc449ac13a7fb0fa659d0c1b54163fa9fb9259d3db783b6f5d6bedc2213c64e02f95cbafd1a1cc67ee46c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a8d38f4a83f0e9af6b61b54cd0caa275

    SHA1

    03c745a393f5849a5f05aaa7b59262da23b37bc1

    SHA256

    d2a7d7708d85a21813c73dae9baf683b8e725d99c643e704450c799b57a1e2c4

    SHA512

    3eadd216c02b5e8dfaa8a542d6f030a9210d4af2e7810a02b0678645f084e89af30cd342f3cb897bc041e6733c7b55f6e4472a9e347b84d6d3888cf7112e7858

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b82d2a4274d4dc358506e3982346532

    SHA1

    2363aa1eae3ff77926c7663938bc1ea919672ab9

    SHA256

    57802cc00351d163b37908a78b6749c4fd8ecf9c2356583f07b9ced08fbf605d

    SHA512

    ba52f87b87a22f5efabaac89f0aecd5a280edb8d8ac605f8d5bcf97093997cb7905a268912f0c317fedbd6dd05f05b2640bdfe3f9ea7852f61b6ff1851d1b323

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    82dd82d9cd9d7e2b2a86415aa56e6c30

    SHA1

    065567092e56a4383ddbcece4389083e331bc583

    SHA256

    03d2cf9f3be520c47d06ef0661f2d18c65b099d2c0b6cd0ebe1ca474d603f6c7

    SHA512

    19c100e60fa84a4bd3fb5b96643a1afa525240e0fc9a20ca9b14e40883fc2f58136dbe59114528205d2624ab5364956e99301809c806f5c19186d642ca95e0aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bcf624cf8e5b810b1c04827fba0342c1

    SHA1

    9391b1ffeb27ecb68d56e94f326196831dc6a656

    SHA256

    a2287969afb1210f237f40dfb4c245f6bd3273f87663ddf9ca3b736ebcba7ac7

    SHA512

    1894449f1a2758f1e469ba1b62cbc7dbbd4e364cd628136d7c4a153d2e3f84be05c4e8933651627f5d38bd926cfdf99cde867719f39b446a2983ce690de7db33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e43621e2b9806988e7f568130a1c6f14

    SHA1

    9f1f1c4ee96a1fbefabc669b755e93deca1e05da

    SHA256

    51e5eecedb33fa8e8f10bf333987e998774c7b096e3a2558d78f097d9378efd0

    SHA512

    c3a9b858393b73fc652f09c8313af83a56692314e74bda1491a082831aff3270219037e9fb93247a317e8bf29af1e653d6b88f9a75064e66d3f5c52a81e4997b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9807d9414bd189497f3e22b79a05a894

    SHA1

    e0bb0e33d56ba479b115d1a635c9e32cfc50467e

    SHA256

    e86607ae32f8eaf1484c2d29d12751967c6048d5acd5b513441be53740bcfe58

    SHA512

    5045abc9b59c99e7b0d4dcd376432535306a853fa7ba960dbeb4ec5968b97c0b2132b2c120b825a15f5657781d067f11d4977c3f1d32f99dde10da17897c697d

  • C:\Users\Admin\AppData\Local\Temp\Cab4C7E.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab4D6A.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar4D7E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b