Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-05-2024 08:04

General

  • Target

    6a48d3d6d55893802bac5ff04fafb41e_JaffaCakes118.html

  • Size

    77KB

  • MD5

    6a48d3d6d55893802bac5ff04fafb41e

  • SHA1

    22582595b740a6e832df45f1e15f5ebd57a7aebb

  • SHA256

    09cc1ace386f79b99e4d324eaf7ebea7e1e4176552f58b8ad3d420254746b992

  • SHA512

    e916b1286c1de3c104845edfa09ecbc9f2a2a023fdd260f722e96ceeb0ae410da2fef10b719655429270ab2f2493115a0e4ba133203873f38e74c559238d32ad

  • SSDEEP

    1536:oPi/D+bu/MMIke9ZSW8Z0axwQ9hiH2w2AbyJOGO/OBIx96tbtZM8WjBFElcXJsip:oq/D+bSVI54wQ9hiH2w2VhwrlSB58flr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6a48d3d6d55893802bac5ff04fafb41e_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2872

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC (914B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357 (1KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC (252B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B, 12 versions captured)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357 (242B)
  • C:\Users\Admin\AppData\Local\Temp\Cab26F3.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\Cab27E3.tmp (68KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar2735.tmp (171KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar2817.tmp (177KB)