Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-07-2024 01:14

General

  • Target

    24206a00f5288aa1f81780d155d5696e_JaffaCakes118.html

  • Size

    53KB

  • MD5

    24206a00f5288aa1f81780d155d5696e

  • SHA1

    7086f9756e203a8ed3cb00925269fbd18a138893

  • SHA256

    c19d56c421414547111813627d589bec6be58c016a2c75ce23390ee51c37a6f9

  • SHA512

    9f7371a5b09c355c9bbf0131082f679dd5f2d25b07b03e22b4fd95986e2db826c644805ba770fa74977e09e56c553e7918911a0cb46e5a9376f26330aa7ba530

  • SSDEEP

    1536:CkgUiIakTqGivi+PyUqrunlYs63Nj+q5VyvR0w2AzTICbbQol/t9M/dNwIUEDmDc:CkgUiIakTqGivi+PyUqrunlYs63Nj+qJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\24206a00f5288aa1f81780d155d5696e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2928 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5caa3ac9ab5eb6e0e305ded359787d18

    SHA1

    4550bf9b6852a86a5254ecfec9b826451d2fcfbd

    SHA256

    7eeac640a97dc05f6440340561c78223b6c0bb5e6f189dae40f4e92778cad443

    SHA512

    15c53d10ab58733c59f820040e59795d41da264475d47a24798647261b98187fc814796fda5c4844d9db9bfca0a65e7ec288564f7a72137d9a6bf9346e32c401

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec2af49db5674b94b0b2f830f07c2360

    SHA1

    891a1641a3d7d79da9e753793a02545992c281fd

    SHA256

    af30396c26931124039a14cbd71d8841d7a4dab1be668e71d0d4ab0c6fa7125c

    SHA512

    2f4f78b69dc4d54ca07dbabea48492088dcc0de8f87fee0982d9efd28d433169a9e38571fda34e4ce542c1bc6b27930d4964dcf7b851159516a15f62dd7f2c46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45a76b08ae86ec8909b4d0c1d06e4c4d

    SHA1

    88fee737c559a6f778a83ed1e785dd0193c9be22

    SHA256

    e93fdf283ab56daec8a0b2968745f611aaf507a5587a9d72b3a1e6f7a5490db9

    SHA512

    ae22bae891a8dac6e4a35f075915c7ef7123dac09d0b1a38914272691216ca7d12c14c76d2b8080933cad97a5ad186a0b827da3ec3b9de8e3cfc1f3063efe5f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18cdf64bf218604776807d32faf11209

    SHA1

    d5c07dcad6e5bae3c4d90c533e3b0eeead53b760

    SHA256

    8baaa10619e5835396111eb3eb8fbebb9399f32eadafdf7edca8cefa2fc6f0b9

    SHA512

    54a8476daa4b131591545758e7b55ddfc4b0393f97f210188394de4bba21f7dbbe503047e77f9085a4e092cb4b83aa9c72ba74b02ebad9e29b0799a40d0d51e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e6e92dce0a3b44b7ccab579e3b0169f6

    SHA1

    ce52c620c949c579dc8e5c29fec2c0ab40027eb6

    SHA256

    a67e73962dee5020da746fde8e80678e88c827e075379e30948c0487e7c3c858

    SHA512

    e4b810a1b983344c6a9d75102ede36edc9d6f7af98783825ffdc8841c9511b76763c9d2591863e0fae6b07963c6b98da10575142f8bc88f2b666c73b0b37415c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0e170020080426cbf8c225ac714eca28

    SHA1

    3aad5b82add799fc98e19f4b12e792bc10f93c55

    SHA256

    cef2355ec0848a84757a39ddbc63c381d7b31b7f24ff52f1294ba32cce831ca2

    SHA512

    a6a6f68fa28783a84217b801a0aef4a30bc60830ea2fa876b83ed4564e2f55cc51b4fd7fbfafb117998766ccd76132528e7898b53719991338bac5f291a3028a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b036126890e77f8286afdbb77d2d51f6

    SHA1

    afe466475d63de58026ba145af462e8aa7f7cc36

    SHA256

    be2f42d0b94dca0aefdae3bb31a9c6c4847eb26eebddc7a763bf144ffef044f7

    SHA512

    7d7ff360359a77dd1c1f3f995259655f1c202d6522c07c5ab0c65eed8b9d29b42e9a40a67da4a4d5757355c36e9d3678517e48f39ac5c1111a8be5bd8cb8d5d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3974ec13eaaece6efcd77b1eed555faf

    SHA1

    6d68fda5d5fb5c3809ef000fd35363dd1e261658

    SHA256

    d3e89623426207bc2ecf7773634446a401c3cc04d6f9037fb3c397b3537eba6f

    SHA512

    2728269066da5c58778a776c01f28566a5dcd5b4dfa843dd0ee6470f0ff3e449e8eb1cdec5c4ad7b5d3c8e8cdc1840ed8aba10947fda5aefb7841fa191adeacb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    50d658d2c99209515e83259c42c6afcb

    SHA1

    0930a37c4487a757595cb7674974a9e90784ebd9

    SHA256

    159643cd520523339c3e25ea97b2ad922839b6689b2ed1da8087ec6c1c637aad

    SHA512

    ee9d82291222ff012e1f7e39f5ad7dfe3a7368437632d1b1069306965196299f2cc76e5752f773496891e1517c468cb6d6782684a83e043d39854b74bd3d52fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    42387b2ed15cbbd9daad84e75c56ff02

    SHA1

    f5bdc9f90ac97e65569b4adaae28815a26909641

    SHA256

    c8eb68132089a2a33f9e0fa886383fa11f5de58faf5e2e1360b51d03abe29a06

    SHA512

    93cd87534d78cd56b06d7ffd858a11f3a073c038ea563b3679f6c1f135b9a725244e6133701d225943a7d12312de8e3c384cc504635b55048bd77dd561d4497c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3aba82b461f6b081af38a5c2a5abd9e

    SHA1

    05f1d842d23f287cd9dfee7561597f3e91189400

    SHA256

    0b7e1870dc62a5970554985e6b028d3443963531dadf552a011f474c734bf9bd

    SHA512

    b5e969792ccc30f9d9654956ce0017f6e8dc67a0c6af591503695417e5b5afd2883775955e3ee94e42ecfc2016c296e8bdb6767a8bcb2792f846a5bf2d7861b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    28d22ccf635fbce6e330f3f62550bbb0

    SHA1

    a4da73f76242d08418f21f515bee8652e19bd38e

    SHA256

    4d9e85ac94f6ec4f30ff78d0926ec2694926040561f03197e1954a6b1c411df2

    SHA512

    8881a5c0c1ce827f1b35f7318e1eae40d61e1f4bd40fd3060d5bf4be0b8d616fa10c6a2712a9ed0e36c6b644465c9b73f5c9f43fa280700df63bdb2fe3e91e0e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cee8157cade7dc3631fd766604085eca

    SHA1

    bbceb50af5ad08704be7109409fa81945e48d5cb

    SHA256

    8e3a2b205fe58edbd443c89a9ba67c3bf237d0f8a4828fd97718ac0cc89e1151

    SHA512

    68013a96c6925d422373a0c091025529218c86ce7b65fbcece5397986319eb7819e4a9dd72574eb53e5c01488961f89cb00c5473962326c779d33ea134adf21e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab76d07396cf7fda6dfb8af9a3ce6a80

    SHA1

    712520a66fbda6fee2e3ed2af02354ad52742bfd

    SHA256

    5f0467636b2bfc30dac840d123311fc4e702900f932f80778c4c9f4506e0d8ad

    SHA512

    659d6616a8bdf461a94c38ceb5a3aa113b1178a3da6abe68cc7fec96209ddf01037ea0f78a4bc30ca9850c88c9b1d0f1d0dbe750fe08d74cb2c1dc45dd67a6cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed8132743434ecf0ffb9db87b55290fc

    SHA1

    a792770e8b80c7edb0644c1a3c5c332a42f7c10e

    SHA256

    9567dda65f20fe92cc3c4fcf366e234507559ddf50c55a7d917e0607cf781a8a

    SHA512

    ddcadf75eeeddff62e02f0347469452a515c60a01d8fec906188f984c2933735c80bd406df16c8451238c2b4fe4840ece4b84061fb2ce74cb9d9790d2888fd1c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    58bc9f6b2166e53df889ad91e6b2f3b6

    SHA1

    96179482d0c8c94ad2899940a579c17339bae564

    SHA256

    823ee72945b5f5eb7005b21d995d2aea6ff869e1079a6d9cf6a59faa896abd4c

    SHA512

    d2521c88c07e1aefec77db7cc47f0debb488e0e110897155fcd9677b9ca83780c436ba74412e2a969eeb757688f88cf7fc866fb807eb1373b888f65393afda37

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    59797448e433603530cd2b3fde4355c6

    SHA1

    131ba6dab2996184d863139c7566b94020e31a57

    SHA256

    6e9afb30b48feb219df3a71de38563c0d2d601aed6568fe951d7d6be55c327fd

    SHA512

    9f694075f750b16e672ff2f9df1353b0bf0ad54c911e233b76f0e21a08a0ed115b0931a5b2b0e97e2ffcfc03aa7852e7ce4aa498552c1eb87b4b517427d9a94e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95b691247dcc10e38fe110acd74d0f3d

    SHA1

    67c3684f6c4451052bfd4b801cb35eda742f4b25

    SHA256

    d2ce53f046b72f312dd68bb6ce53115063afc4ef6685d450582c9f7dddcf2675

    SHA512

    563d129e96dee64cd6553fcac2d2cda8fd8831c7e4b383b301d7905b7c2f516fa41725561095760009abc6283882b8cb5cecc878b34cfc060c79820b67e1cbfb

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2XHJXO3H\wt-logo[1].htm

    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

  • C:\Users\Admin\AppData\Local\Temp\Cab3871.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar3905.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b