Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27-06-2024 20:50

General

  • Target

    1779dc957467fe97d6fe2f1465da4d2a_JaffaCakes118.html

  • Size

    15KB

  • MD5

    1779dc957467fe97d6fe2f1465da4d2a

  • SHA1

    671b9cfefb36898e0ded2965b8176c91eafa1149

  • SHA256

    4979bdb9974766ee1b1a971eb6b4a6556808ad7ce46a58ecd1d8f4a33f0fb369

  • SHA512

    72d16dd0f20afaaf94d51dd238e1b22dc3d788536f3729afc4cef0ec2fc8f40ee7c6feb6852aa2c8c103e10177fb01e230a9ce0f11944c3f5ba2f78dca37dcd6

  • SSDEEP

    192:5s3L/3J9K2/KG8sQse36M7ROOrOHnYihaXuayVyI8Kh4m2kHR:5I/ZdzQse36SOOiHRhaXlyVyI8YhPHR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1779dc957467fe97d6fe2f1465da4d2a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:360
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:360 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1720

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5928218ede252dbf9ddd56573f9b1bf8

    SHA1

    6357e09d9d6177f7617549d4fa4d71fc266a696e

    SHA256

    814d19e9e31959db24779556abeab42c8563a7f67845c81a82f7aefb3f83cacc

    SHA512

    1cdd62f19a886037f38a2c6a161e2295f51eb7c3aa3826a6ec15405dcbb62398d33f70bc660a1dbea7f14275895238fdc5e57c45abb56cbb78871cd64a8803d5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    484f8b8bb3c62268c6d910ee48a58dd9

    SHA1

    3fa828bb34f26f651fd67389367b13e998e87434

    SHA256

    cd1514643023cf3f915d0c24e98b4fc6bcb142a1ebfc1559af4d4ecc98649646

    SHA512

    70db172110e194e17bd9337ffeffc04d08b74816715db5265158103a2d5dd585bd3232b9f032d3d0e384c067066d0cf40348219e819a26c3369e8f8f03046c16

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c194d26c1afde121b84b407877312b17

    SHA1

    c66bd78bd47a3454d88140a9f0dad521682808e8

    SHA256

    cadb430778b845f8ef2257deb4ab3929975d3836738b7bd576911b0e6f43dfbd

    SHA512

    8a9c0704cb8fa6bc2bc8b87a3f8269cd0713ce4a8c655128e48bbaef9c1a46a39c84c9b9989656904664389529e249e0c76a2db7b6ac67c7357e12b21275a9ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e725b6c7cc2239a692ede30a58cc7d29

    SHA1

    a5952427bf358e2f1a5639a60941a3a5af577b53

    SHA256

    9aa766952605e295936e592bdcde8f9c7f89a77eb5392ec23f34258f3de7b433

    SHA512

    e15c3f69da8c8672ce5e6f45a3de082ddce84a2065a0bc69345edafa162897d8c4b3b5a1af4ba0aaa071b4c0a63b32d9ce64bb68dd0cc1ff43962a685d8e0fcc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    71d42c38d3fcd32600404f7a4b743556

    SHA1

    69af51e03dd443b18f46d9b37bbdd14a8f97106a

    SHA256

    5d93218b990cc796ae31e460eb33684817556dff50511e67ca0dd24a9d86f1c4

    SHA512

    2cb7883b89766f760e80d152039f64526b0e84bce67b49a1648eeb6c672bfa929832a30e2e3fd7afbbd22465d86e6ba6cb809a1d649ef13b46cea675f40b3b6f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    60f881da94050b5c991fb956840cf0f2

    SHA1

    ff7e768f8ab09aedce191a3ac9b6652a1400e5ad

    SHA256

    3264ba70c74580bd3d2b23cb77f2af6eba863a156206e68ddf24237a3f7a2802

    SHA512

    fd167c2913727c2e3bdc587f80b5d7b8a8d39da97330f44b118e84912bab3eeb1b6cdd9448af1ab2299e7a335a4c818e2cb9ad17e8fe9fe2ca4aac2133e460d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5830fe640ef2ea5141c5b6be539ea045

    SHA1

    7acaaf5c03df61af50845ee3d5ecba16eca7a489

    SHA256

    c3d6bac4bfe744028e2b339fd3e7cc28c9eb7d773c6d56646ef3f2112df15d82

    SHA512

    fc731d86aae2413639ff5c27effc6526f203b9b84b2432b033442b2a05c2f828f15853ef36d4b259ed3ae241d5d7b7f8c94a0a0dcbde545d8c641675e90606f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    335341e5f7d648ed6426c543c9bf7ae3

    SHA1

    ff9a916479522e2631211ede8c81fd0b2e6e7271

    SHA256

    0602739d6c077b23aa6ea3cf30c3ea392c78de3517c561cca0b372295e83f9d8

    SHA512

    44612b64353b5df6868c3d017fa23cd09bdc135fb379f6fb173733197bfe693f7dc2fe22c41cf290190faa6b79a624f56e5b73481a1ef93d7223bbc6cf609369

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fc800f46e9da205c8ac5c4f8e428d1cc

    SHA1

    5be9e4021d2e852394aec54feb904f3874cb563c

    SHA256

    c2b7753f3e98367b5098e7826738745f1ea7dc54c904c515778afb0c295d3675

    SHA512

    44d9870c603a912eebf5dd325647d5ae7685036dd971d93219ef93d3c63d4973b982a0afbe4d25541e80ad085f609cb4ff3f9f89517f2f6b05f8a35d0b77d620

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a004ba45166425a32c8eccb1251d8a26

    SHA1

    a4de1c9f6d66c62647f1a548f7eeb5ed6ca8c43f

    SHA256

    646f4ba93a4e39701007b36ef72baafe6fbe86c6407f612452045e4fca880845

    SHA512

    ca65bd067d9f7288944684ff01b77cf09250d61c3551992db77d3da6ca323f0a42efdf8cba38b69b0c0c88d0b494432c0b84f6fa0b207311a4fe255b00d69fd6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49b7f2bd5a053427335f9e3a0f92c6f5

    SHA1

    e16c22f5c250094877cb241f10fd871c57d00f99

    SHA256

    6a0da99d0d4aff1bc20eac1bd29a63849638b9081e55d8b5e1431364255fc3e5

    SHA512

    bb0a2a20216dd8a8907e2711051681e4a75b7ffa95352c23f34675ebfc35041307e19b576f9551dd539f24cb88e41c58f86fbc28b2921f3e49cc9f348df8813f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd78b68ddf390860b5f722acccfce9f5

    SHA1

    ecdcd8d6637ced6fe0da74b0a943e92e84f1cfda

    SHA256

    25c2278cecbaa081a461a151584efb3dd315fdac8599f9612163a1e0d96ad5af

    SHA512

    96769ea28219432e26b8a679f9c0fc9330e03b896193b705b636fce92578875e234fcf2338a0d754d81ffe11a9c1d68744452e703e82109831d8ec1f3b47ceac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec1a92792be5799fceebb7fd11964ad4

    SHA1

    75cc823cff78032fbc1bd203faeec0913f03d97c

    SHA256

    6a92f7b0ab64669387ea488eb5e9dae84d01fb5a0bf1bc8f0c90e099feb81b7f

    SHA512

    08ef29bae6b5c9fe12da84b9c8ee735ad62a02daeadad105f811201b08328ae31b35f1097c08d00caab0cb3de7e62edfd2fe611d8cc0f844445f05ca1a3c05be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    33b133d29f09e81212f2d41e60888919

    SHA1

    2a43ba9cfe1ca400a001e6c2f4c5f5e7119ad7ec

    SHA256

    163627289081b47092a458f0c62ad35dce33ab4f5c7385b1d1b62aa0a49cbbcc

    SHA512

    2504d73259ae7803204a5d88ac0976b11a5e604cf19d318136995df07cdc5a3935aa44c115e587ca295c085fba85c3cf01320146caa556e231d43779d2d393cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    604e5dac31d46bc99de2276cc18a0e22

    SHA1

    b3e91cd55671fe04077f731cdc0f7e73b60fcbd0

    SHA256

    72bac89fabaa48442fedac6cc91356656f419362d9f2a2ce942d145dcab7164f

    SHA512

    2e9e3f2bdf54c39ab98105b7ca90c43bb8a4bc71f7c1b7caeebbaa3d08f132d78401d9335186bc95affeb563ed58e3b75e7c685d37caf03f7f03b3fd42c65bf1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    201ef0966f051adef0a8784b8c9f2221

    SHA1

    ad17ee470dfdc0a95e4a7189e6d11345947d2da4

    SHA256

    a4b9766e14bcb166c0e08ef8acf8a71a88de8bd60b08ef99fad858b8b6e08663

    SHA512

    9c91f208a758c38cbafc514db6113c18c54f8781db7a9fdea636e4d259e437ad64a2225dd214456a2a0f7e93cab172cce36229f67fd913f7bc2bcb1ae64a7b66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86dad68259124985b3a1fb5252edd6a7

    SHA1

    53643d76bec5c510e31fc040022f3f5e14cbe8a4

    SHA256

    e422ef6d36f7283d31482849b20a53cc164da78f04a409e456478ebcec8dcd91

    SHA512

    304b3e85dda10237fc0abc1c2c293fe0220b3e994f83c9f8d3dfc2ed059d620c0bfc702d7cd99a431fa4dd1c62443af368418e3b371df27b7ab49acdbcdd7452

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f949200ebe1d5cb8ff68006c539a30a

    SHA1

    e81f0759aea70fee9e1ff66aaf101ea8228f3544

    SHA256

    e3a0f101dd0dd02591221ab4779ee82644b269491e8763fc414365f674f0244d

    SHA512

    cbd80ca2906020f8384230dc2c7055520036baf0a233a6ce2d8f310c21cf95db1702528bffacd88ba9302fc5226c0553d3e6ffb9ef92a7dd67da6b39224d05af

  • C:\Users\Admin\AppData\Local\Temp\Cab322B.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar332B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b