Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-07-2024 01:35

General

  • Target

    5e87c12697aae0835419894ff414d77f_JaffaCakes118.html

  • Size

    53KB

  • MD5

    5e87c12697aae0835419894ff414d77f

  • SHA1

    d1de8fcf1bc481824eae441987261db1a53027dd

  • SHA256

    d8aeebe3799650f5fdb7fd0b10644ebd8cc18fee43fe865659d5c507c398d047

  • SHA512

    0a4fa08cd6c12ddaa31426e677f6721dad806f09852720071fdc507ccfdcaaefd217e8dbcf3c9114a00cecc02662241d025dfa3d63548e51f9a98874ebfb3e4c

  • SSDEEP

    1536:CkgUiIakTqGivi+PyU2runlYs63Nj+q5VyvR0w2AzTICbbxot/t9M/dNwIUTDmDP:CkgUiIakTqGivi+PyU2runlYs63Nj+qs

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5e87c12697aae0835419894ff414d77f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2376
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2376 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2264

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b76fcc701070940d83c8802bf4494c98

    SHA1

    7802cea49447b96cab82cc46f918e10960d33c53

    SHA256

    3a6cef20b76dfef047f93e06c0ef11e7c23a293b9d0e758b04a52f3e8acc60e3

    SHA512

    ac7ca991cb1b4d8c7c9f91d3d5161ec6a552caa27d03a691bbd3acd004acf19447bc538918a9eb06f5083b942ddb03164d4e01bf8e9db452fecb5c69dcf94136

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6fa3ae36dc51e9d2488806bedc3df798

    SHA1

    0fe8368d9c7e7dd73d98f9164cf3d0a0c5cf305c

    SHA256

    69fbee0620b830f1ae8e466d32e814adb21d3aea982e5fef0cd6549b314fae6f

    SHA512

    59992966edc5d4dacea8e08246afb201c56496067f43bca7bd18632cac71ec250dba7e0c5712d268d97e16b54d376d4d431ae2172da46ac2b4819eee01cc58f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba541df1abe421c69e31a6dddea09599

    SHA1

    79782e907914d64b42eed4aa2f60fcf563adeef0

    SHA256

    b623b2817aabcd55e0e561ed299b25b9b8e2d15b02037e0cf2a1702c15f1f063

    SHA512

    42ce79fb022d352756b0fe9b19b96cffc8403297f2b585b763f085d8e1740c4ea1bee5c15d846b675953a677394cd3e29ce3f02318285e7b0f58edc816c77785

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eff73c514537e9a388ee5ee6e9eaf377

    SHA1

    bb829ac732d81b55b2df1972c010b2ad1f604a5d

    SHA256

    c4cd8538106d3a457029b1e86aca08586ba6e8038bfc563ac2ffec168e13c2e9

    SHA512

    02335dd31175fd6b690003e1058c6bc8d4a2a0d05a55095aa35ceb04ff0d1b57f1869ded5df21b42ab8a231e6c34ae177e85163950b3801c1a254ee946a69a9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc7ae3df9e593e4515b4a9d33329284d

    SHA1

    9aaadab6392f19974c5b1f473ce8db128b863c73

    SHA256

    2d734175ee2f686a0253e084131a6f34beaac1ea9aa5011385571518fcce11fb

    SHA512

    111139225dd52b0ed0a6565ea70cf48ac0e8e4260faa0aa164f80f767c55e59101e85ff234c39debb5dc42939d28c13489de7d8f195246cb12571746fa4a5893

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b973ab2c7bc65bf990c6530b905a4101

    SHA1

    62269996f19f2f1b37e72694aa945bf34280d6d2

    SHA256

    2c82b19fd3cdd4e906adbd70de1e88fda302ed4c600d9dcfb9dea47f69861858

    SHA512

    6e39c2348241e440325b4adf3423c79dc0da120cf5a94de1775bfc36136f40120c5b1fe2d81277e8788b2f1b5f0175c7e7bf0d6747c83167529ce6a9d069ed96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4960e5bd1070c4a55167613f62cf3224

    SHA1

    3a12aab75f5c825ced2c19a3c2fc379612c8bc42

    SHA256

    c88bbeb1a46b2b1f693b8d9529287f4a53542567e568e95d361850de72ec00a7

    SHA512

    4296b85a250e257694b5c8beb7b1904ed11b17db9977276e5d3dfd70c9af5dd7f39b4d2f59728ff566ff96381f6a1ec172e2d1b0380dcd7ff4822716a7eac34a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    05a607933d5308507d6e2021e654694b

    SHA1

    446eec468a3e5fa00798c6cdd0bedd8cce7b3796

    SHA256

    663efeda8e012306a4cbac09005475eeeddb10184058cea358cbcc9756abe639

    SHA512

    c7cc6c4e2cb42416927e64bb34e2bacae73f86c311ac38f993ca00563c0ca2b175200a5f7fd69343fc207ffe76b943ceaf8a74ae433e0011e2bc25ac72de4d2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1588ed0689968bca36e7038f8fb5eb36

    SHA1

    6a4c35b12c9271a22d260e211f466a6f16ead7f1

    SHA256

    6a62b9b88fd648d681ddabf8b90c4879a9a332b9863e3fd393982f87d2723891

    SHA512

    416944a289ae3c6a0d359a8779a5bee3372cfed65440e2195738b4d735cdbcf8eacc3f14011ed4d02d4c213f505455e6fcd6827baeeaa32ef189a0d1eef672c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    863bf1a75874cf36e4accdf5e9288d7f

    SHA1

    33f1ec688a61d1b0c703881508559247ad4f685d

    SHA256

    ca60ddbbca6bf4ecb1bd7c4b582ddb7ab1b737edbc43bcfe05eee0b295213e9f

    SHA512

    51647d489feed846a4a9d641e13fb2602e189f6ead4df9c0f99b8c6e2c543ea2ace0e856e698755b90b47d0a3c838309bed0e31f0b81b3b891c663682be8b68b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3e4194d236699c2829f5d377ec6d62c

    SHA1

    f9850eedf0299718c584614f9dfe68527bf3f028

    SHA256

    4bfac442831ada669b4fed7bcbc426544585546209d810e020293aa95af9c361

    SHA512

    9830b1aae047904d49bcd0d1f7072a135bf084b9020910d0d88377548db487d2e6d8c2a22e9d89b5824a99ec7927b0699276e15181390216223811d515d042aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6d1b13047c8eb091f58e5f3e05814ace

    SHA1

    7d048b0864c411ac8821c0059b10599c4241d6e7

    SHA256

    5a23dbf2718058a56a760db68c89bbf639dbe74e2d054b78bc2221016b91da95

    SHA512

    00da0aa120f446d46be98509cdb445a0ac54be3e03e61476a5e1974b9f6fd1f356cd67ec86b5cb2d7821b8308f60a5cf27cb31e85ffaaa998718c5a79d9a36cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ba69d6770789701bd982fc5c6559ec4

    SHA1

    191b52c60225a50a49f11603eaee4e634aaf6a09

    SHA256

    0360ae3729ea4b76b2d6670ddaa19ae4cb7ea368248e02c300252717c4c5068c

    SHA512

    bb26da947a07fbe6bfd72f29d8ea6241d0990977123ad17ee5206d699891e597cdc2d12e1bc71b3b6c72f3c4b4a8a7be24514c75a1f8b0b64fac856def76a557

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    763ac07992a832d0119b3ef43fe9ac99

    SHA1

    57ec207645a25458a92782be15c3f0cd06c2219b

    SHA256

    a9301156e594e5d5e01988701b79bed05159a8ec4987d844a4f6d197e9962963

    SHA512

    2d2ede4512a14238eb95cb1a6f40e23013c472c02a1a24c1fda5b7d16caef5ac1e43527fc6f0bc6c4b92671cf2a6488a019bd5859b69f51b79d860d94d2a46ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab237d3f35c408adf7c6b72d7b476e39

    SHA1

    52afc8d869dab5c9c88bf55416e6856248b102ee

    SHA256

    f0c9a7da193104f035ce970ac8ed81fc7d7d3851b7d69cd85b7a8fd2662033ce

    SHA512

    9173a7d65bbb80d787972af0ed7f7c29d8d5697ccaab5018e52a250e0fc3d7df12f254f75d3b2bae28528454fe3b990093c0a7322a1d8c653803421ea898cb7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    be2fa16b4d1c1dabe4251804e7faddce

    SHA1

    265324176e9217e8a9b620d3c9dc862d14fe1133

    SHA256

    938cc2d857b14ca4ee2054c688023f56675e3e44bf5de1183c36f6fe1074c6e9

    SHA512

    921b21d08369938c6ecc766474ae4d5c75740de76a27e9e2b1733de916841ed27efbcc0c269d4d226ddcb974ad9472828699868eb63fe02832deba7730538e48

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NFAY0EOS\upshrink[1].htm

    Filesize

    706B

    MD5

    67f3a5933c17b3ab044826d3927d0ba9

    SHA1

    5957076d09bacaa6db8ddc832b4fd87ed8f05f8a

    SHA256

    97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

    SHA512

    03ba224055ffdbf32b7eea30c764dc18d66cc6d8707dc5fafab74e155b0bb3d4d691c5788b033a68f05299547297125122778fa7e3252f93e7343d918936643e

  • C:\Users\Admin\AppData\Local\Temp\Cab3ED7.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar3FB7.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b