Analysis

  • max time kernel
    137s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 13:57

General

  • Target

    8462603fa3f96a411e80730f6e75b245_JaffaCakes118.html

  • Size

    21KB

  • MD5

    8462603fa3f96a411e80730f6e75b245

  • SHA1

    4b39ee94c514e82ce5fe853a27f3be840f133635

  • SHA256

    85c3fcea1956666fcf675f2711d943ebb67a841b7d159370d6f56d65bdaffc76

  • SHA512

    67cc0e5be14ba823b4de0590cd0bdcbbeff5eaddf4aef2ba02ef69f83d68b9039a22ce5d3c016d58c1b466055c1538e2ae2eed5b3eccc461fdf54ed31915ffe2

  • SSDEEP

    384:ziiKhJefGVBD8cG3RRxihrImEfP4ycbp57LzVcr/DJZTOsuo:ziYfGgcG3nxerImGP4yoHiJZTOsr

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8462603fa3f96a411e80730f6e75b245_JaffaCakes118.html
    PID:2356
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 2356)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
      PID:2584
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B; recorded 17 times with differing hashes)
  • C:\Users\Admin\AppData\Local\Temp\Cab2169.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar267E.tmp (181KB)