Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 04:52

General

  • Target

    37c3711e8397f95e20726be78cd2c1a2_JaffaCakes118.html

  • Size

    6KB

  • MD5

    37c3711e8397f95e20726be78cd2c1a2

  • SHA1

    6590b0a1c98933ef239b69d0f96bd49716b98b05

  • SHA256

    cef9a5f3d9f8c5a4ddb3e926ca7798991650d5593fb95ad9e2417c3eb7a0f4bb

  • SHA512

    6575c4f80112f9c00ce32c34a2a64f16c58618861a004375339ded32ecede72413a08b9eeb26feeff832537a0fc93d30ac70930662b0d3b894cf939c48757921

  • SSDEEP

    96:uzVs+ux7mg0LLY1k9o84d12ef7CSTUvZcEZ7ru7f:csz7mg0AYS/qb76f

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\37c3711e8397f95e20726be78cd2c1a2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1972

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          9e04de27b2354026086de495bc2b51fd

          SHA1

          fa48963f67d7d1e0e125ef4a4cb7fe7b920c01e4

          SHA256

          9a8d56e3ec0e7b00f38abe6a90e584ced15aa62f50cea8e0b52b0a54280e76c0

          SHA512

          46a0ade06ebb34167302cb5ded2b7d0ea50cd6fbdbc410de2d382e2e00351a6cd286347d02cd3ebafc60e9fc85168253ec236943b7cd70914c8044d4e47f884c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          20b49e42c7dd5f971e78671869d6f69c

          SHA1

          8e44bdd3c93ea90b545bd0560282d067da408086

          SHA256

          1253a59bab2c47968d8206b61421809de36b900b321dcd0bcad45b4f8cca0b81

          SHA512

          f4fe6ec323635f3cec333e53f99341faed1b956d86a9cd884aae8f042590b19e364bcc4bc3ecb641b7b5f3f71b5924231ff00e0c46934dfacd242f777770fe96

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          d5f46461b44a04d08358a228979e5249

          SHA1

          a19de68f111bf1a418f8dab6478ea7f29b308c3f

          SHA256

          b12dc964e4427afd07c3872c727794587c82fc1bfd75ef4533f99180022192ab

          SHA512

          b2b4b654ea83cafd7de117d7f903847a5b5be89f87ff9ea7d953072808fa962363912af8e52e30c23da5ba92c8534671dd036dd619da3b61554fa8b7790c71fd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          2d6364ee0c905a94cec5e0a0590489c4

          SHA1

          802aa64406a91823679114956aacfb3a1fc1aaeb

          SHA256

          f6408ea0470c24b358b058b3885a87fc097aa469ead4ea328d416d0acb1a8ba2

          SHA512

          4a5835994e66762325893f2d6c3d2c8cb5868029fe0f5124c29c94afb54e3be452ba69123c3532fb15ab5f79d91bdef5747cde864f500263a8671b9083b9c105

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          068fbdada4e714f7435f212d1db9b3b9

          SHA1

          2bebceedef7b2e261723c6231a49cd702c176c15

          SHA256

          3d1cc4c8e5b0bd4f6f7d6fbdfbe04a93fa9577a09e91eab0fd56c593ec4499af

          SHA512

          46c631b131d8e7884376b203ff0699755597390704020dd4fcb2cb4de69612aa7e1e075d6c4ffd5835b9ae5af8b1072e74d91d03d40b516a293129c39e372fa4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          b8f946589a217a7ea6395bf283392135

          SHA1

          5bae5b8a0cf36181a67c835f703964283525a671

          SHA256

          bb900a8c92bbd0a89c5217d415a9fdee182890c39a88cce103de3320690be635

          SHA512

          dfe28f463607f4f7b6fd70f603439baf56a0ec1baa52dac95adbad537257776e6dda92433b6123e93e4e1c0d890157b703b3233c11f5e8de6de13b61e2fe3139

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          2a7aa25954e000c27056f5fff6b07561

          SHA1

          5b008b47a3f60473a2568be65149015c12373045

          SHA256

          5cd0ffd3b4fb883810926c94440574e9936dc69440b63d01b9b8c45d7472f1c6

          SHA512

          4dc00d09037b2957c558ac9725623b244c41c76cb5469b61de2a12c9def5d35d119e61c54de14f45894c5942ceae155ba46f8142ed218c965cd20aeb932f9944

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          5d72ddcd2caa97f26eea5d2fc171e8c0

          SHA1

          2d0b8128f5c443956b7a0c59423986df4866c983

          SHA256

          d023ec356cad9a6aa3094f6fc18d3d3e23d6b2c6ad3a44678c1333740595337e

          SHA512

          02bb3986372a09a23848c393a317666267664fcfe3fd75c1d136178711fb94cdfcb0b07ed99e26f294c9ce74da803eba18880511e9bb7d1f27f203e3e70be040

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          8ec4dd97009a862b969b7a423890a6d2

          SHA1

          752540593fb0d05345726d6e31d82a1b9b437c33

          SHA256

          b378b7d7a7e9bfa7a0cd6d00c73c872e6f6e4bbe96f3ff8b7f7a8b475a633213

          SHA512

          6af88ac43e5e8e60d5e7fa7e4d5d2f2f45c05e70219c325e9cddd3ea72da2989efc79ab484d782b328966dec0c174d7d9e1fcef12462f4bbbef7e39d85019336

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          aed4acec4d3e67c6317c1db5e50364ad

          SHA1

          dfcbeae0a3b57ee789b2b5df7c8157d2a13f9d90

          SHA256

          d10a7c304ffeeaa17b7c8801809b6eb76b4620e553ee21ed64caa0295afc02ea

          SHA512

          501c88a4dc86fdfcd3407eded9c3e618a184e8f22fb4feb477019ab8a3b322b9540322603f94ba7cc558ce37e18ce5ad499f8e5993b66e67bd84c7f4309e450b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          f1c971275b87aff87cdb5bb8497df520

          SHA1

          b7b449cf7b7a5bb11e3fb242d78053dd547fc584

          SHA256

          3a5f55f038e11356922902d6892db705f8249109956385271822aaf25d7a3578

          SHA512

          c98963d1d0af580c6caa6119fbbf58d7e4a09fd5a27983ffe0078143d5243017cea9d6e761984d2a598147e1476939429f361b5b931a01f1ba8360b8bcd7f8a1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          23adaaa0da3f220bb56ddb0428d8e33f

          SHA1

          a6b5c12245d3f1091eb442e4ccc5853faf39f50f

          SHA256

          7edea85738c4354b571872791980827d8b92fdad3e970521b90095181680a975

          SHA512

          33307e0a7e5d5f0529a89dd8c4d74733574c8de789c97d5b9b0b805c007ed051a02a4d225a07855e4920cc6806ae024d634e40291a1f4aac24d6fd039c8dd7b5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          b4a06823035bfa746e8a99fd7483a98a

          SHA1

          0d12822f090fc27bbc5c6a7a218eac10869ffead

          SHA256

          ca57c13698cd8a6da63474f61ba3fa543be3715659c1c4484dc814b72b6cb6cf

          SHA512

          338578e49bbe9a56a049f645e1c17f2bd9be70c06b65980783dfa22c0e2696b29df1af2c6b2ed9f927994414be56f1a8a9d230e25d7a76fd8680793ff3b45239

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          cb4e4d9f1a017a9fae74dc33269465e4

          SHA1

          caa659148daf69c1eb0846141555644f60196504

          SHA256

          ced7f4ba039a0f8099eb4681d01e076c6621ccebe68163b6c5f8da2a483f1ede

          SHA512

          e0ece15581664b26acbe4236113afa3dc6a70aa396442968fc6b7084cd05175b039b57336f8f84b285c381b93014412c990dee7954c9c67479186df133fca9dc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          9f0ee50f67a081267133495db8c8d8f8

          SHA1

          143e9c6709aa1edd2a8771dbaf5f37f102ace1ab

          SHA256

          a6c578fefb3c74b2e5cdd730d2baa077c646c18ca5400f155e9ded80b294400f

          SHA512

          772610159ca8ca8761e6e3b6620853c5a8b1b6c51cb808e711d1f5717f0862524a0857113940d789fa63977d382a8be6a96c82dc60f2ec3f5ce09a7abf8f26c1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          265f17630c242ae42214efeaef6cd4b7

          SHA1

          321147f6f38c4cf18e0429570a1b2ac2889c377f

          SHA256

          7e183061616513f75e85adc131e3ba894b8ea52c6e78eb019da7d3c50e08a510

          SHA512

          dccb17855e34a0c49d7597b4084b1c80b2d9c14ef205da65e0528bd0caf43acf446ccd6bfc75e4b71847c79b86fd60c0915a170ed49dc5ddd96a180f0a310422

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          5afbbda454e3f9cc16a37c0205ee40f7

          SHA1

          25775078ab6579030b88c5330232e9cf6d7b6c22

          SHA256

          3294a62317fda74ce892309cecf8b3eeadec7f4bc20dc1bffc148c3361b0feeb

          SHA512

          7014a72a3852b569b4324c1d86e6a4127c5a9ea1eedc380ff1817f2422464527d606dbecc27c96446b43684a9d6d712bd37e06b3ab63f49cd1df5bd66e9e4082

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          0c53ee1027e8fb58680396b919cff5b4

          SHA1

          59ef1a24141fc7e90d681083761ddb2ef2f1acd8

          SHA256

          2c2fba8c8701b4bb0c5fe9161da9e4d5a367e0414fb7681f30d53d910f795f21

          SHA512

          225c31e72a9ff80290d894ad9e2973278c7466df4fda3e9664e1a0e6e0a2042052db597e91452dbe105774e3be628cdca6fdf8ecf9d081ed4d927b9b848aec44

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          304B

          MD5

          eb9a96989e51c6b72c2e82e448fbf801

          SHA1

          22f9d1f9af1c0482ce6cc7ae77803f1eed10e81d

          SHA256

          3a5a2843b417236c89c8bf573633290e9da81ec1059e9c3d5b25fcb8ad939ca9

          SHA512

          d615690a25d57bd487093bb5fe9f0b1bd30b8ed28bf3623f82b48214ff27a4a9398808841621094c3e5d51a501fc7571470a119d46f0428c9ad62eded8ea37c6

        • C:\Users\Admin\AppData\Local\Temp\CabF6A1.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarF750.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b