Analysis

  • max time kernel: 121s
  • max time network: 127s
  • platform: windows7_x64
  • resource: win7-20240704-en
  • resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted: 11/07/2024, 18:58

General

  • Target: 3a5bfb4a08f16cd5fc5ba0a5ee59e507_JaffaCakes118.html
  • Size: 53KB
  • MD5: 3a5bfb4a08f16cd5fc5ba0a5ee59e507
  • SHA1: 46c72302971a4c2680c2aae00859619d96e2b645
  • SHA256: d915230b88cb2b8febb6754ad105798b8f11595afd9194bf13ae1860f4fc6dc3
  • SHA512: 6bf0a2e6f624070bb4d69fe0dd95472fbb83b93050cb4f8f3249d6e7e4f6d58e13a485b6cb8258c56721045e53b58ef9be4bdf1a78a60a5a83c3f8020d1dce10
  • SSDEEP: 1536:CkgUiIakTqGivi+PyUrrunlYh63Nj+q5VyvR0w2AzTICbb8oO/t9M/dNwIUTDmDW:CkgUiIakTqGivi+PyUrrunlYh63Nj+qt

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3a5bfb4a08f16cd5fc5ba0a5ee59e507_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2308

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0b7776401b22ecceb699abca7683b81c
    SHA1: e1133aa5bb5318e2f810a02dc16f9f350ab17e13
    SHA256: f6a210fa720c33cd59b1dfd68ebf72399262b18e3195a398095660456eba77a4
    SHA512: 0b135641802334253461bb9e1e9233d6234ba38fc437ef91f1c9a80b162ad6a89ef064420482ee5654af2341160d10226634bfd9b2c60a403ecea65f55ae93ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 6280227f59d6fe98306c2e35a614233c
    SHA1: b9c25656ce797f8b101ddaaa61b5cc1b3b27ffba
    SHA256: 36581b7bcafb0e4ae3e82ecf2ae3418875f5f90904eb49c1e53c4d9d2971aa21
    SHA512: d0cde46e3e9d32f77b630965ead41de939d3f7f0641634bfd702045a70e1860b7385671957e58aa8a7487fba24ef1e6e94cb5d37400c07b5cdc191c9420498c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bb581b502551e7e2154dad0b68b0c2e7
    SHA1: 00a082ab09766318be6ec5525ca567a6d0f0e608
    SHA256: 4a8eb72e439a82406d3278d49180fdfd9964e9969dd037dee5140fbb32276e07
    SHA512: 010d12f6303a7b412bd7aad2286f2f57274b7d05f34100b2c6d2e31444947373acf905738d79b7d078a0f85824c1ba39475f96e4551fef2f76a0612ac04c94a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: cbcbe8dc6f449cf3d5d88a7a8b5314d5
    SHA1: 2f84a4e6902b32e0d4e79c37b27ad4fafdf3a4a4
    SHA256: 05788e5de575715848f1438d5af2546b76f319d23693f1faa8831577f66830a6
    SHA512: b62d9c2e7dda9ce7653089417a5080213a5cae7bed8f40841c1f75e2705766d0fadc0346f4dc9b7118b85652676cca426d05b47b2b402729f0aeffc9fa800f64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 833c4007b673f4d351f462fc6b51a551
    SHA1: 5c7a0d63ff9fa4afb495bdae5177036f07558cfa
    SHA256: 4428a0421638265a1285b9ed5b3444ee007997aef6baca130e3f51485933800c
    SHA512: a6d54f839a5a1878f9aa3239f3a7804575695ba7297baa186281f08ad64225ed8986107aaac86da1389857f7ab3f7549af3c7909344ef2ab964b71c165ded30e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bd56c0f1918ad01723ade68bd4119a27
    SHA1: 77c7c8c7c3cab77009179f2fb958701c07a6bcef
    SHA256: 7a9d4874ceb0762dbcccb4f230974d1609c5fff8adc064c82d047d56f749cb9a
    SHA512: 7dfffca172c6af20d85fb314e43ff6e66c64df5030b6d8d26f25b6fd49db644392c85a8319c86969d6fd5f80658848c2916125ac6fc82668cd2fd9570944e15f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 6faae2a1c88e5cabc31b29f6816d6c6e
    SHA1: 52bcd63e09005c921a09fb4bca84bb02fd7cb4df
    SHA256: 7322ae4a426066dc23bab488bc02fd81689a59cd722210d2b0822abb59536a96
    SHA512: f70a08a2abd9acb3c7f1248b8bf000bca4118d977e0f87ca8a7e502b342cb1d9a554a89bcc4b6ccfa2b64d8a345d3e34a0c14bcb96bfeb7f7efa7b94d9846b5d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b4c91058186d17b78483b9ab0b1c89db
    SHA1: 5278cd2ab4fefacbbdb93040829e1aef2fe84695
    SHA256: 8b4c65668a1141f3f3b8a0fb37f905a1edd9b0be66dda5b400d14f0110397a3c
    SHA512: 3fd00017ebe136bbcb29c3d13ab818acc25da7b8c28231eeb1914bbb710d230b87c08ac7aed1e75f0afc632f0670c86e5db273f59a4f78aaa0a2c74b4c626416

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 8c7cbf05c1723141ce6149e59768bcea
    SHA1: f9bbbfcc4452ea3d7501c07a2515284e37e5ebd3
    SHA256: 3f3c3218a9c5d017bdd4cd87df0ec3656870486ee18ab0ebb54f63c361ec7cbe
    SHA512: 207c7b358490f2de679a13bd50f0cff1ec3109439f472db707f3790b873a4198b95f3043da935801536215f074d4f35b09864bbfaacdecf6b935ca99018349e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 703baaeef710eef2a7b52981f86e68aa
    SHA1: 0698d9e5be84e11e6866fe22d5005420e39aceaa
    SHA256: b65cd660d548db351bb3b209ecf532d504b588f144b4d0c1bf312b1235e462b8
    SHA512: a4a682785ef4e03c28ebc13ec471360ad469c3d9faa4c16580943dc3aecb32e9ae71d0fe7318a23db3cf4ef95bb37aae4af54e2a01de4cae7691d8af65929a9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: edbfb16dfca48f589311b4ff0b30fbad
    SHA1: cd6a19a0f9560c1f3a6f7d103135059622738ae4
    SHA256: 342eda00eaaf0a47ae4ba65df1092b5716009d60ad95177c79112377982055de
    SHA512: f55ee5c75e27b7f39542b4353e304c330f48cf5c03e1e15d6cff7012f72052246b8262f1d3f2e89671a78107415495734254bbe05c79e0ea24ae69b854e80691

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 447713ce4275889d6be7e28f8b1772d5
    SHA1: 70294e4544607c1cfe10c0ec2795e3c631cd3d66
    SHA256: 6c423a1295922401f08195f357d0e0e6e550b3d2b2d656cc126df1aeedee6e17
    SHA512: c06d87926bbe5e9c4940dc3180cc3dc100d296de079b6a725f4738c4104f80f67dd10efca27a983d723812c305ee77afac2d3e53fc72dbcfde449ebcc1bc8e09

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 16bc74b4e8156b728863c6d3c20a61fd
    SHA1: 26c9704baa641bd05a4dd61ce2bff51868ced2d2
    SHA256: 3ccdd0ce10de24aabd1841227228c026611d0e10c8c8f6778b936ed8350e83c6
    SHA512: a22064891d3f19ecba467f3c15097da443a347af3806513ee5f91def7ba22dfe7f6868f82823cfd931f5c83dc7aed44bf9a5a8c2d249b655d1bfac222981e249

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 9e264a19ba6aaed5c8e0d800b6ddd948
    SHA1: 42915f7cb4b1f79e5b4d31d838e865aa2b24bfb5
    SHA256: 6156845215f0a674552b0012c36fa799b888eb6d477e2be3b32fb4cfcb6f1411
    SHA512: 3ab29f5214ef76b5eef002b7d359a413b13b00ed5ee38ca917431bfc00ff0541589a7ad2b4a2f2659ccc294d180ad98e4bf131a54aa42ba0945899ab9e4bea6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0e92c22750c1faedaf9f851dc5f455be
    SHA1: 57a58f80e9b1e437e10f730d4ad58ee8865f3f67
    SHA256: fa9f577985a7598e63ce564b54b4b4d4d9fd0bb87bedbe5dac07cccf459eddab
    SHA512: 68a94085ebf546b791b5b7cec1337782c262d79943921e92720e889d50cb65e5cded8c283b6d0883279ec10943a66c4a17690968df670c282d0580916e772179

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 6badb81bc6380bfebcfe39db79381c74
    SHA1: 8c146d97295d669efbc47a7ac7062890d64c926c
    SHA256: 4a702e8f2e5870eb9a09718df9f06d6f8cd5e1cfbfd02485aed5a60e1e12dd45
    SHA512: 9d760136b883cdca83aa4f5f3c1986873dced94e6ea975b63bfe80d7eb0999a965a2dcfb86b77982567a80c2bcacf4b14b0168bb7b2ae353213b0c37b8c1db36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 13a45cc4eda40f25b26cd426f1688ec0
    SHA1: ab1670247dc9731b14764d542abb446973db331f
    SHA256: 11d9cb4c1c36593e01b1fb6ac615949e5cd2040ec8fbbcd15affecfe8f80259c
    SHA512: d912c40e09290a2996da1c3d2b1dc3139f8153d95c1a38302c2e0525b22a8e6de3a6595b80dd157c0ad3c98c40ee9d00b41104b531b8ae7f357b518565795fbe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c096606de0a72615ac613129b5a7e1ac
    SHA1: d9ff3a088c14bc48b96ce3e846f4cd7617c8f264
    SHA256: cf7ba37ba65a49a02a7f5e235e45c054798c7f98cb9eca7e6155090046add8c3
    SHA512: 26c3305dc6c4fb8ef9acd48a172156bba00cd12d090e885b3692cdca0ee1125a9203d556d5115ce8d81b1fb1ee3f95683c6c8b06667e8b9766b2218b5c1bc409

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 2316b63853dd8ba803daed0c52e59512
    SHA1: e87080ed4ad33e47808be899645a6e708060fffe
    SHA256: fba2142a0662603f703c39ea9032509cdfe7d3e8b9f898fadab2628d8a79df5e
    SHA512: 475d09579329b3a8a33eacd839e2f4487db507f5170ccf23234129f4092fd30ab54675c36853698e3eab886f2dd4a4fbd8d68a4550d86b59b7ff5696a3d06422

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WNZH54VQ\print[1].htm
    Filesize: 706B
    MD5: 67f3a5933c17b3ab044826d3927d0ba9
    SHA1: 5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
    SHA256: 97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
    SHA512: 03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

  • C:\Users\Admin\AppData\Local\Temp\CabDA1C.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarDA8D.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b