Analysis

  • max time kernel
    137s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
  • submitted
    16-07-2024 02:23

General

  • Target

    4c6b73c22399139e6b2b44bbe51fe653_JaffaCakes118.html

  • Size

    53KB

  • MD5

    4c6b73c22399139e6b2b44bbe51fe653

  • SHA1

    a29cd43fe2bc5bfb30cdf288d86fb8c136b13772

  • SHA256

    4058197204d2cf1b5a6ce685fd5ab77829b6bb72b1fa2d425edde9a84c62d4de

  • SHA512

    277de0af2fa1b59bc3e1f7f68606777b55905610e3b49aca6bc1e070bc550757b043b405009c0e75fc27ef6c2412d114b6d212e8738bee1426fb226592d8d12f

  • SSDEEP

    1536:CkgUiIakTqGivi+PyU1runlYF63Nj+q5VyvR0w2AzTICbbDo2/t9M/dNwIUTDmDW:CkgUiIakTqGivi+PyU1runlYF63Nj+q2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4c6b73c22399139e6b2b44bbe51fe653_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2596
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2596 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2644

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22e8811894a3fcf042e30fd6e6ba9e5e

    SHA1

    c40aa14d349db4fd29068b5b3f4c2da49db9838a

    SHA256

    8b8e1b876be312c0115c1f91b03014a3f55f669373a647c93b22bd6a8acfb1cd

    SHA512

    1ea231ab27d0b7af3a6f596a98bce4fc89cb4a91f3ca0a611f7e6531c75818e4b925669be49528f8f09d59b2fe83b25f0313a59e7fc88aa12d6543128539d333

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb5830cd36871eb3123491b27beb14fa

    SHA1

    dd0c64c7d7fb0d48e4fd5e0fbc4146115e6a9795

    SHA256

    e982d1ef65a96d1b42679ba4015fe9ddfecec6013f997d47d5a379360caf98eb

    SHA512

    ecc5b141fed32ca733debf8f181ddd08a281b58ff97568bf5904c415807dbc3befc425e5d6cb4d9976f11d6ebb67f4dea3273c6a1e85910c8d177994c83e8efb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed0c2311c4b5c1fb8a0e836fc6c99198

    SHA1

    e2cf6679575b5125a8229943836ae2478620c72b

    SHA256

    96f4541c248463a534b521cc1deb879d557b969e2423ef99d414bd6b7e517bf3

    SHA512

    1b41e0cb60cc0f11e4233b1eacf0bd11a5866763493fec76b1203134c41a29bad40179e1682d39a13a69968092b9342b1154420a4213c49b835f3eac37fb2303

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab62be1d3b664bced81b1541be50860b

    SHA1

    2c316612b68ae89c2b23c87e8a22aa6258e63d5d

    SHA256

    a57fdc64c41ecd6715513679bd7cdfa0c853be6b4ff8a1645c49c07cdb520e8a

    SHA512

    08c88e6286b674ef0bada229133e85ae1a17c1cdf7a76029f9605bd616f4d5b40f929a6561cbacf0e92c9ed6ba300a76cea77b5da0a58636555fb7ec9f59f72e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    058d54d66fe52e673e10af610e01e553

    SHA1

    54a38e70327061fd973ba8d42fc2e5c26ac8add9

    SHA256

    020e312d5dafb66ba0a126c68ae715bfa9ec645b4be30f42a8893a20294da1d4

    SHA512

    73572fadf8eb77db85ddd4c343230cd8aea66e59cc42a0e9b6a8777607e5da4dffb040bb9fb2de17217c4d5793ad9d56d612b189b8c7edf729ef6414d2e64bcd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2bdbed8cfa14b8651bde56159400ae92

    SHA1

    130bdf2fcb8e3fa40afbca4f89260fd7ca5a6415

    SHA256

    f3bc068310e1e12cc41cfcdde3fcb3579940557e038d33dc2e7de0417a8d57a4

    SHA512

    c80878a565a65d28c732e6ad88d31a86466938fd5552f39bf7d1b7a3496e73cf996dd4e18c3773ddbaad20e544149abbfb095c450f048741f35a7db6b5e9a293

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96d4504b7263302bee7305f11885ae6f

    SHA1

    62c5be4b426e2e0b5404e7ec70a45b29b7fe160e

    SHA256

    74acf2dbea596f544873271745603eee45f0c9a8b201d5ff6c4fb9eaa98f24b1

    SHA512

    5e9bf18ad2049ec48d5770c7601254e05e3ae5a23364673f196d3794e163e3609775d7dc8fdeb861a16df6e942de1d7acbc9920d55af52342aaa0b92dfcc39c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67470d6128916460e991a50dd46ffd14

    SHA1

    4eaabd9afb4ffbb026ac880ac6db8680ba5fd27d

    SHA256

    9a4836a0e0b58dfa9e023ead0a4eedfe6ae407d32ebc108aeef41fba41c844f9

    SHA512

    f4d1405e0bba19741a3dbed85c03d049a4b41922a406c4d7ca2c0ec549e5c61b580e7c5b447f1fe9fbd5dd3b99ce8a3f3a5d6309d7be0813148b5cd4c3563bb0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    876999c5398825525869557b975da4d4

    SHA1

    eee075e770a9c2bf75914e70c345a44fc42c5429

    SHA256

    8548b48cb46aabdbe4feb9550177c2a7bf72aa5ebc12742047149e783ca3e139

    SHA512

    e2ac1668e10bcccc7ac1023e4cf6d8037cd72f9adb3931f20b05bbe8d22c99b26958f9be1c4f33bf24e963c52452d4b56b20a6c5a891ced89840282783f5d79b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    353b08c688d8c00a93e4cdde0d4f2c47

    SHA1

    681a36fa0d3720231e7dba6b47e8fe9229605cb5

    SHA256

    01e9452403509d6718d1e6c860e16f7c8377082aefa007538f4c830c3da85c4b

    SHA512

    264b6f2d2945829370dc898af7f7933267c89dde9be4d086900ba4feb1bbfaa1e5d452c81930780b050b5096772a0ef2a1a395ae337424576f4650b6d734ce44

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb1dcba913b3dcf9cd75981c42d7c487

    SHA1

    61d8845ea6ce6e14f6acc0aad49893113232cc68

    SHA256

    ac57dc3f2b86c650f6ed0cd51b69a0549babc91b353f65602bc048cdec64c4a0

    SHA512

    96e904e70ffcff855d93dab05e66ac41e1ee1fc995d38263011a93f59ed814e351afc6fb3f33ee0356df49103d826b79a61c859567fc2d9a686dc76966d06e54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ac6fffa582b2d329979520915e28629

    SHA1

    999c68edc603abbc2ea9ccd597bf09516de8d390

    SHA256

    622a115ed7609131e7db63ed0782fb7f474604666321fdc0fa7290c386b924f6

    SHA512

    680e25fd044f8c79fa734a8a84c813e9bde3ce4e1e67f30c23b74446da2c28b2ca2e7e1f88f9388a94bf89df41c2348ef653c5206ad365bcde4b1ee380c137bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74bd33c5768035f093b0f705bff32de0

    SHA1

    942bb4dcba87d4c683d2a0c54d565a3521a63a4c

    SHA256

    b081c60462de8edac9c9c56ce4b924e2a541640158aed128501b405f99d9ea16

    SHA512

    857e4cebaea6231e2f9335ebc636b970101169572a296de8172ca9dd1257720267ee7df8e50aaf081fcf1b001446e00a708dbbb089656cea6eed0f85e079bd80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec71388ae297c94ecdd34c645e461be6

    SHA1

    a4b5fe3b7317185ef9728fc192ef5a39b1e1acd2

    SHA256

    0cdd2351851fde6c361fabcd6525ff5391de7241dc38f05eb0a2f0fa62698c4d

    SHA512

    a8b3de15447425d0c4ae814c080fc3d67562b385d7e653e9c952eaa765887ec31a15950b96a4e19963017cde542e06ab944877ad43423fd9347f73c9887340b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd8cc5cc0b9c4f997661c2011079b6b1

    SHA1

    69c7a0dc50905169e0d537ab143d0649cfa1b513

    SHA256

    b1606a190f027a9a23f283e43f21988773840e4f1ce106981c00a53a368d3315

    SHA512

    a5b4dcceb3eb2a0eda9523cca415f6bc6ed8b19cf65672a81bd1792597deaa84ba6be6d59e83f65e34254d355d1651882af1244b918d70e23ae620dc9de1ed17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c5d5daacd7356c0d9b12fe58eac56b2

    SHA1

    2953577bf2e7596a88c9e40aee7ee9d0499a06d3

    SHA256

    a20c1aa9d6674b84fb0139856e2b1ea95c453d58c64876de31c42131734d9912

    SHA512

    7091b40f87b86066d33dc8f9f42fe614c1d77a4772c7b76030a273d5074440d14c22c406e4f8a511f4fd37d518319d1e223c84f4f5ff6eed3b971f4ac665d4fb

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFAY0EOS\style[1].htm

    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

  • C:\Users\Admin\AppData\Local\Temp\Cab6423.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar64E1.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b