Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-05-2024 15:53

General

  • Target

    2ab84cb6714f06f1c3b710a68a136115_JaffaCakes118.html

  • Size

    254B

  • MD5

    2ab84cb6714f06f1c3b710a68a136115

  • SHA1

    f92126eb9dcaf660d798327a3086b6e0212750d9

  • SHA256

    5523aeb90e64a6fc7d3d1f0fcdc3723c0bd56f8143a10ef88ff91a89bf6b3eb5

  • SHA512

    9159ab7da93b39497c4761b6ac28329efc3477d5759f4164aa5b6bcf7abd63eea46899d524eb0cf643f904c1d1877edc1b02975644d2f121d8b9b9311727f3c2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2ab84cb6714f06f1c3b710a68a136115_JaffaCakes118.html
    1
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2448

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f1ab16ded58b7c59e30220717ba125aa

    SHA1

    cd7ebe75cdfa31b484aeaac897ef248308af419d

    SHA256

    2bf13f238a853591b70246dc2eeb89834ac8c177706cafc7307f705f3a09ba0a

    SHA512

    b48f3f0812bde25be1afe5ca0e399db8efe4e4d2ddf02db2ca35fbb080bf79a94fd5d4dfdc5709a91cc292c5e5673643bf56347fa583bbedf13f0891fc0ef583

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3dbbb6caa2652393bf18f70a3ef79d6a

    SHA1

    482acf78d7b1450187dac0a52f0c0a18148b84b5

    SHA256

    90162416642c258f678048d39ef7f41542a06908c636578cea9c6dc380704ecd

    SHA512

    cee4a911ff03cc9d42a2caaa83e8f144e6279d9ed346b430b30d0a4786e8f1070ccad895fc501709cca6b1f8ee4b42a32cd5dab1a9a05a575f5238144eccabea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6071df51dc2d4e71b9059c1eead03d5f

    SHA1

    e7b23e41abb5bd002c00087aeb1c4c944f9cc52c

    SHA256

    09e019d4c246a3f039d487b917c26d2a90a2d8abbb4afd15f63c29e74ca26f7f

    SHA512

    24be888859598f44b314b20bb57250353fd7599a830b2367d5177ff3567062bb3742ade1a512173fc4a4fc85718e08584e50526c2992edd7daf091f5230ec361

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9998424593f68685522be9733dc49415

    SHA1

    946e5a7bd9aaf25101d7e496cf3c53e91d4dd860

    SHA256

    1ba003001a0fe35fa29d3747c62c8a72c56d5697d8666b4246b5cf6f3d9dbea8

    SHA512

    89a8a00e6dc1239e7ca895d25bfcc9872c94fe9eee8cb5a9760951f65c6b9d8224065d9373d954aef358e7052a18f33eb0393599442f3b0470f845af420f067f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ea65ecec9483ee003428ef663e8e3b9c

    SHA1

    7e82cd1320bdf2fabff2838a10c8ebc34b27708d

    SHA256

    a450d9fef5760422f34b2d0e31042425dcaef0df5c7aecd452ea485fead68fbe

    SHA512

    1ba732bcba358486be7815606efe37ac5a414843c7453b411d253121b256d95fd0255a2abba29b49422446ecaa8f190823882c97122121dc7e43db1e2f154e79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e9a2f1efa20ab712c8cf9140b7c137ad

    SHA1

    7c137b04c8ba5d15bc56e514f2fb8f17a6889e35

    SHA256

    6a926954a327acb857926f591a842e28b0fe1299b609a6fc1de4732e0b43dfae

    SHA512

    f7eea4d2ef3ff11030178540e08d43353b1283a2bc70a82c4441cb16a91d52032bc8ba45bac92d7db51b0644c1b596704250d9e60d5abb2cb3d99a3997a77095

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0b9a4bd58791e91d44847f28cd7defc1

    SHA1

    e2d98c366145546b4fdb0dabe821bd9323ee7eee

    SHA256

    37d35a870b7f34af86bc1e15ff465fce58860e0181b52633b5034e63283a0b40

    SHA512

    d97be560f1724e094016e3c9b15b5a2347f65f45fac012ef3daf296abfae3c20662687c11e1fc9d24319ed4a04b41814ebcc085f208f62f9cfe2f1001dbfdabd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5a0d5a13a18dfe41e8850f832ecb4fd4

    SHA1

    4e8f50b2636da05c86cdee6870af42884ac2330f

    SHA256

    0ad5c813b1829b9b8f259b5a74207fb81c2f2de54428a84dcc494291070786b9

    SHA512

    df2c08cb7436d8e7dcf3dee09847a476f644bd70a431e53e63a7e3881e60870e7d0a316bfdabbb9a801bb841ebd955a0e6a14e8368cab381969261a4ad42c280

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    458f5abf752ca8debc9c25b1d211d2f6

    SHA1

    2a694e76435b215aecd437155d20091bca88802c

    SHA256

    22f202218802576473d205a869f73488e8cf985d618b2a5e6ef611e8c2b5e458

    SHA512

    192c0f28014c99db7f26453192ff4e18974d9cdda2d52e9ab240fcc85ae0cc18b61c8a2b77da0a3f965e5ff1c62909921e4cd1d6e72a431414255760c7357a81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    864b2f7e426b71b813ab2e63c9401240

    SHA1

    32d8cdd6ccd221b5b2b37eb1788699f11617744e

    SHA256

    d2c53f73ea670ec433933b630217b7a1457943710d5c577e2e458286c88447a2

    SHA512

    865c9d9f3b862c5dd02daed0bb320c176f8c1c5db092d72426fda38b26c52e3219f7620d16b58e10c59de6067d7e3dbf6b63a57658cb56f14e6a7f49794d530d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c60de82a615b6ca75114af214e48d1d0

    SHA1

    049d288accc5a79bbdd72feac9e01fdfd1d27116

    SHA256

    6148eb498efe412d972abd071db8c785ede73feb312622d5b5beda234968d5c8

    SHA512

    87070271233d384ea83afed59d44302cca77475631fcb6458d468843db4c7b55cbde10a0b2f23ddde59ef90ee341f157664a19517802323436ae4bd9554f7a9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ef4b7121d10dda6104afb341b30160f2

    SHA1

    ec3c1ca710a4066f425953ae4087dc89bf50b927

    SHA256

    89d7e549a2a64694119dc4ada702faef175b91279a416dc370cb7e2490f61465

    SHA512

    7929782b70d0054445ab0eaf46b8fd86c4a5476bc9b5da4427c633723d750009aca41f0749a39b2ca72a772e160e86873c04cd6b7b4b2923f8a8e81b5203b11b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    36585f1984db2e51015216e9821b6339

    SHA1

    6eee9503814cf5bb63d12f5f2ea920ad549e6fc9

    SHA256

    7f637eadcd7e7321c1429f31e01880b6b5190db40ea81da4726a09f5f3387b37

    SHA512

    53f969703321ac39c6e02d51c56e9a4a7c5f0fba5fef8d8cb7da3604f97ea8b27fd38618face10974a5552ef56d6afccbe2a3dc1ccd3d82c0ff0728986be8dd7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8ebc45651c9e33bc6cfac50622e3f9ca

    SHA1

    a31eacbdfd2f224086be35ee5702a700841bbaf1

    SHA256

    fa7f5bf413bd4d60fe7bfbffb34666771ebc48002d4b04b80972c85d3e895ff6

    SHA512

    918a7f53b310f825ed3650d9ea301bf9919269b2395da9c244b58597a6299dfb9419f9d67b15edb1906d6b971b124acec677b423fc0d321bc55e823ef5cbc699

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    da28bc813b9097dd6b38f1f473ac184f

    SHA1

    24e22a01d40789fd540eb38685e8cf028bbb4c90

    SHA256

    ad0f5d9ad1aed6900371893ba564575d1749716ce0d28e1abb582e2bf8d96d03

    SHA512

    0113409bd645f2c86e40c4d0258d1e0f18e7867481c6053435118de42eb03c2f6c07fbf64f19c59c776a133333da0793cda032442a25a3c1575c77675e519f21

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    830eb457277a172f4845666656673d0e

    SHA1

    2ed75a61b4ec1ac18940cae8dc30fc150cb16932

    SHA256

    61e5eb89d6daffd7d9d4a7dbf5a76ef0e002fb22c220680b9e99698c1e53f33f

    SHA512

    0d0f0874052fb88da0cdd266d15cb30b40d06bf4127d208935c31c3f16398610ab0d807d0a6b18f24df07a9e8f8c2f10a6845e73ed3d9235387b6d0898f84a61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    168829676f6184095fa89eb1d33992f2

    SHA1

    a853fb96590a531deec1d33b22db05ffcbd9dfff

    SHA256

    cbbef2af3c02a703cacc5f3a6f63dac9b1ebc486be28752ea4d36b7528bcbc1d

    SHA512

    edd712f7689e1a64835a637f0b704e6c574d9e3e3ed6bc412a47db5ba070d3d291c9e38652c514c9b939812e269f1c93287dafded3bd1711074e691ce8a5257c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cc41f8b7021a2b17179bb1c72b306487

    SHA1

    d40eec37362ffe1bb7c7a01df924a9ffc6d025ff

    SHA256

    ce9152db6c25bc1ba8cfdbf3a86f0a7585c750eb494fe847aa2724071930c9f2

    SHA512

    02c4271bb382d769db7b858187e1456d8ef6152334bfd30de053c634f06f36024f7c9145d6c1040fbe880a2d61a6392cdbcff83f336616ceab8c874c7cfa2a06

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1605af506dbf14233de82d60f322c8d2

    SHA1

    eab726ff33a7345adf781d0e1faea5f33bfc1e89

    SHA256

    c7a4cea09c2274d12e789e1161415f7d00b00b9c85ba24d887c6a61649df772e

    SHA512

    d962099d8a372616bab4d079bcda69bf5b6d7e30a1881396ca4914ff044a3fbe17ba1c04cd9f352427671777efe547360adcb3b8fadeefe7a30c1a20535306ca

  • C:\Users\Admin\AppData\Local\Temp\Cab402F.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar4080.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a