Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 14:07

General

  • Target

    846a53081f138244db86e75b6d5b098e_JaffaCakes118.html

  • Size

    452KB

  • MD5

    846a53081f138244db86e75b6d5b098e

  • SHA1

    46a50107716c3bbcb845ac9f9d40a5e301f684c8

  • SHA256

    1a27947c79cc0d9dc060e8c30a5cafa499233723c0ac9e3463be06f7fc8cb9e2

  • SHA512

    382ec63f7d65b47416c9643b86f16900aab9474e5cf54c1b13d773153185bef6dc851d69456b9d32f1ba4c29d480a6b3c294ae52824d88c667fb70834291bee1

  • SSDEEP

    6144:osMYod+X3oI+YtdsMYod+X3oI+YWsMYod+X3oI+YwsMYod+X3oI+YQ:25d+X3Xp5d+X3O5d+X3g5d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\846a53081f138244db86e75b6d5b098e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2140
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2440

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff6162e73110f426ad05827b71ea822b

    SHA1

    a6f091abceec108f4a572e9f32a5eabea1e9308a

    SHA256

    e38e48efcf970fa0925817d38d7d7131c6d8b39881abbec5defa251bd65b7c9b

    SHA512

    a08b8f3aa038de084c1779b072addda22d370e3eaa3d372a1abadf39e60b964e48f60861505f2d3cbc9838279128ebaf7cf39fe3d89d33db1ece1018cf215f0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e7418ee3400e2d406b0e8f7604ed550

    SHA1

    1c8ae0544c2cbb9c45dc28495b15620936d6a79f

    SHA256

    0997f9dad624ca39c67931fa29e47f7da8c8c2f8b25e4818bf60e5c4b089485a

    SHA512

    f8b505ba067e62920456a510ca0df6a46d6007fe961872339f186439e64f49dbaf217f8d86890d0045aa950cc5db2348d7dccbb5e789c5e99eef44e26b000ca1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad61c492ce0f9508facfcb72efb9392f

    SHA1

    967b0dd86e8d62a2e1d21e6be7328becbf9180b3

    SHA256

    cb47377b069576ffe386f639e1def5f55740b40068a0c32a460cca20e8e7096d

    SHA512

    e972ef9a5dd4e5e4987b4d1c8f972ec63e7373ab4e713c3dc174f2c4d9c51f7f74e2d15abb4a7efa55804e9df2c90e071e5905fdf1adaaeb2e1921d739e0c358

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3ddf77e525ca64be859fd904aecfa62

    SHA1

    5597308c3decaa41182d9fcaf0704a71c0d23b2f

    SHA256

    d5aa6a6eda12d9402cf7b3510ee03b9bb000c9550b1bd6be8d392961ac177b65

    SHA512

    ca85500649f7f9ddb045ff40f97298d74081fb102c0e8fcc6152ffdcddb3923927eb029fc84e6a132055cbd0e80613b9039bdab81676bc0a1a392b77166e1dc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b559780d56b2fbbe9cee697dc786e54

    SHA1

    84ad8e53151a6761fa2d4a4c7ec71840660855cf

    SHA256

    0d2446f706686810043332f50df772dd90e9f9f6da7efcd962eea83b5c6916e0

    SHA512

    8fe8bc021b94b2c24c85d4bc991be9c868b15fd5793a7f6b64f44a816c9e1582563134b9f47701a4ae034f9d9a91d8d844d16b53a4ebdd35f1280fa667bc0e38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3e4d1a79c4ccbd925b7be882f97df16

    SHA1

    d50717c696074f5069e5e69a55d8525e094cae47

    SHA256

    5997a2d58649f3150e9ee7a60fdd7104ba36423f274abf95870e43a42af140d4

    SHA512

    330e0c235f80031bd72fd657dc20e5ba41db9b4bfb10a431238dcbb2e37816e584382d88a1acefe8959326cdeafe2a732d1d26b5b8f6937c671542deb9a60bb2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b25b62f62a92b230a1e426dd59dec703

    SHA1

    976ac67f59a3daab5c3c8317eb324fa0439abf73

    SHA256

    e50b8c7c56a34f320fbff1e4d97ac6813ad6d4946ea43cfcc88ab2c5ca101054

    SHA512

    ce3c72c7d3e3276a6f537022e9b9a127d522710bce9db720bdc06781372d42da7d52148bece378ca7cb190132245dad6667f749e066a51825e8b939c3166a403

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bdc968918b29fc987e6e590f3a1e35e

    SHA1

    df417a95d3599d0667a61b5122b8f39d83217c3f

    SHA256

    ad4a8dcc3c1730cbae883281e2f3e596c9fff7c0510ad88e54fae0456c8080c2

    SHA512

    441642d83001a3313ca8be6000310147cbfdfa48e6364111650b4f12a3835bbc7082bcca37ea1f03aa05da030720a2e7709e02c2c1a2f854053df74f12a1851b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3fb5b15853c58931bd9fbf7b3bc2536a

    SHA1

    db9f2408b066717fdb8adf24a37c0a8d09b7e793

    SHA256

    f7d7d347fb860a109fb42270f489342c7dd55ba98897ee32bae3d874997bdd7b

    SHA512

    40cc7ccb2fd1c1255a1af298c539f21e985cf394ac99fe2109b671de22ba4485dccc387c68f780b72b656a7020e5d82ca2516b18a34604d163621f2fe163ad2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f8b79de36ae4da9aab3d60fd934b1927

    SHA1

    4b061939b63a2f2618c7ba7942b32ac94f1efd50

    SHA256

    2c8faeb99b6fe8be4f8340d0a097acf66cc63dba7a53ff59e6449ddb34d95d87

    SHA512

    f6f9676a049372bcea650696400e120e5b74c39ff3a84a7b309c0171a73217352fdb07e989ae5a47f21370b2e00aa0413cf632e0ffe5dea939e1ade244ad5afd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    918de2443a31399fcdf4c2fa0ca7d80e

    SHA1

    611fe411d16f17882324607afe38ab79f86450ee

    SHA256

    b9d44897ea6fba100153d046ddf272ee651af33cc96e016954db65f8977bd558

    SHA512

    9fa539481fd0db287dc92bb77b72a20772c3ff37f40239a9fbc651da4b4df7cbdbab8cf31d19aec461f5fb97a9c2ad2d5117dfc7c7ce229a9481acf261822102

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    05c3f9b52c62a97cba72337ee410b13a

    SHA1

    886ca7da8ae719f3332035d12ce4260f1210783d

    SHA256

    3606c8e4c2f8fbf691eb7f9aaf58f4f41088f0cef8dfedaa6e12a66032bf7f85

    SHA512

    8ec847f0ad605dd42ac3c3d0885d02a175712350c5a3fb2e51899c4a317331c231bb9a41a63eaad74fb3b47c570a26c279c47805c9b82aa017b9ff7045aec7c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    43a88121a8626f43c31789533de0176f

    SHA1

    035d7c643e964290988d06d74d07320b7bf80ef0

    SHA256

    c983ab734756369adebe4e59dbd66c36ba5527ebf49d2640f523a7734ad403a5

    SHA512

    32c907b9b930150dab30fe393d2cf15dc49de107a7c32664641d68fed09bccc0e87ae762a457f611c79666b5874aa88c59a57961efcf535f7397af63e08c779b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    470d06bac33b7e1ba9b40de84e474c21

    SHA1

    fdd8a43b2859dbc247415c9d06d970818361bc1b

    SHA256

    1128982792857d5a21d6d5bd1d3302ddf432b5f3606c468fb235f388de025a7d

    SHA512

    a807134637209c4cb914f89ad3cfea2ddcd2e7f45291e66b76c10c378332adb74c8aad6a836f21fef8100644451a429207377680d5235a0a5bbf39e56b3fc84b

  • C:\Users\Admin\AppData\Local\Temp\Cab2BE4.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2C77.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b