Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/06/2024, 01:13

General

  • Target

    a77b639e65ce5043bb0ac0d943f55d6f_JaffaCakes118.html

  • Size

    460KB

  • MD5

    a77b639e65ce5043bb0ac0d943f55d6f

  • SHA1

    67c5186c7ff046d660c429fc14676133bdfc46d2

  • SHA256

    dba3d2dbc97ffc6045f0709781a34d23d331d7e1555d9f7d621b238a6f0d0713

  • SHA512

    57d82d99f5a81e921f3420f3f28d90700c5b33c74b50334b8701a61d1504c2eb7a56e3ad45741450941efa26c77f2ef287a702891d73834e463ecbb7a7c10fde

  • SSDEEP

    6144:S7sMYod+X3oI+YMsMYod+X3oI+YIsMYod+X3oI+YLsMYod+X3oI+YQ:Q5d+X3U5d+X3k5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a77b639e65ce5043bb0ac0d943f55d6f_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2036
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2036 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2696

Network

Downloads
