Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 22:06

General

  • Target

    a29e30bd4d38aaca3f5cacadd5fe70f3_JaffaCakes118.html

  • Size

    25KB

  • MD5

    a29e30bd4d38aaca3f5cacadd5fe70f3

  • SHA1

    6ddc1e7666277344bffd8ec071b03701a5316b3d

  • SHA256

    004a814fcfbe5d2778ad2e3fc59f26876cc740e472ce80f0572503b99abb01f9

  • SHA512

    b071779899e1033b8b5d0e3feba24c95f2a52e39db0b61b91cee64a3b24fed44b16aff9388f713425d45c7ad4b55b5945d141e2c18bf28795156dfafc1c67d2b

  • SSDEEP

    768:SLzdsFqvfudlQVV1C5m1CCCcmzm3C/CnCQGsLWz2:SPdsFqvfug1C5m1CCCcmzm3C/CnCQ3WC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a29e30bd4d38aaca3f5cacadd5fe70f3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2144

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    763fea7131d6a7b655461cff5095f76c

    SHA1

    b24771a30e4262c15bd92f1d9ad9d4df5824cc53

    SHA256

    94751c6a8895af1feade822d302123db58c74054dd29b94dcf839511ce89875c

    SHA512

    a8ff31d732e08e7165a3cbce8b0a18ec5733ae90bfae51133a26177284474ef2ca612bb8ca2807d538dff7c55e750c0e5f82b4fef2fc9dd3a3966049bdd4d9b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    047b77ca983617d81a1052510280f959

    SHA1

    5573e1ba888e6f0a4a9806fb2daa948db7d5861a

    SHA256

    2736d45b2bbad98ad74cc3e2e236ba09ecc73ff3b38789b8541f7ce7857b80b3

    SHA512

    fe4fda670a5c34c7fb988d6ea0360340734ff99e4dd3231eae1088d6169175677f164157412ebc1cf4a98abecb9f39b7db24d47bddf86ae0afd7036798165051

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63562be9df64f8b035accc5f69c3eb48

    SHA1

    1af7ec1588910d72602bf1862ec11b707e91862d

    SHA256

    9f70a7851bb326f2bf6ebf794f1ce99756b855e449f311b763b5572b9152f2f6

    SHA512

    e21acf533ec4a564be63c9767296ad2fca025c0481c75cc3631b465d7a4161f591794586f86593627b129db5584e401369b2d60005d7e2f2f2afc5ca8a231208

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8fddd7051dda535e08d68b0db1656270

    SHA1

    60ba9bcba3cc97682a901e889148d8d46d4eea23

    SHA256

    baf059cde40f627e62e21754f3b04de5ef462e865e94f1251d039b59863c28c1

    SHA512

    acdeb04cd1dd4d45090334dd6c2ad9671c860bca6526a31de522416d153493dcc271fa7a8ae3e05b32c64ca9cc576ccaa1869e09340b6d8c09418faf60284c8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    48b8135da552842ba2878fed5f698175

    SHA1

    dad7dbc14a6591f0d622286b38e0ec8014de8ccd

    SHA256

    286ebe7c295058f55502f568574c71af198b299c594260eb2920a4176000372b

    SHA512

    05a4f6c832d043dba0b306d7ba69fad39ea5bef2ce389b399e843c3d9dcb4aacbf2eb92f3f0ec1deeecf97eaec9fada149706e4b7de26e02e6c11ede1be88eb0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5c578d305ee97c9b38e666e0bc6bb78

    SHA1

    e711fd47bd9ed097667a50a61abfcd271f643783

    SHA256

    4173642286112538548c7c9227ef4503bc58ff4e8b28132b80e4d72dd54958e7

    SHA512

    b7885cd5af32e1a82ccec644fe2aa9650483aaeb2805c50582455cd3017e85a184800c77c081c3454e3b1b2893f8ae99f4ed5272f959022b228ab67993a081a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d78abb7c2c621708ea0976520464c45b

    SHA1

    ff2e145897350f5de435669575e81d1202b36443

    SHA256

    7a036878a75e2c3e81c57a28b7474ce8cbb96b735b66cb7791cb9c792accc0a9

    SHA512

    67bc6064fd374a1d57cbd7c96d24a817e0c5a9ef6e17a78883ac6f05543e5edd86e97f7be4cd017e18019802fe0eb473f3a354d33c1d6c5f5f32cbf36f6b546b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc147ac5a61a45a7ee68ca95f37a031a

    SHA1

    07676ec27d8ca54fb32028ad9dbac0eef1c2e841

    SHA256

    31ad1a1aa95ea56c9f9315b4a478f89b39ea25e71e54aeb945dce83e76255b96

    SHA512

    a5f2d59ff5c187353aa76236c1a02e2066f534e24f24d58e6df773ae38b82ca292b3de74f32f20f0d4dbe0aeb6e8910b20d8d0ce0a917279a22de0a65002e6ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f1906cec4d10165d09c3abcee82cea78

    SHA1

    083936d99453d43a24f11fcd5035142863f1b994

    SHA256

    35e00dea6fa35ad180e3240c18160d9342b29613ddd7c882c6afc50483f6e18f

    SHA512

    666e529bc85adad03c2655945db7be0d0e010e9ada9168ba7d57e488e436d2badcae5b6fda6233a3cd94799af9a1e5b066de3866b782e6a988a9c3787e7ab015

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5042a9e4493884600844896f197861e9

    SHA1

    cd2c607916d379dd141e15afb2710b210242ace5

    SHA256

    23ef8995aa7d13642bf9fb5aca15cd581fcfb1e5556ed234052969335345d795

    SHA512

    3aff11c5ce82d9b1f6e7c71df0627a86efaf596e50dfd8b516becdbbf9ae1be97c605f6a74a758b9cd63c04e7f99774b4928e0c1c2e1146330097e344e7b0cd2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    809a51a7fe0e58b63757c96d0ccb9129

    SHA1

    ff4ef9397a5a42ac9784999d97462a18bd2bb61b

    SHA256

    f9303287f314dd9a690bb208c88babe3cf57a4ee563768fc3126fdb1aea9cf08

    SHA512

    f7edf93068ad09bbe982b0c0d991e603e3baed2693be9cdcd5b0350b652419cf06bd5d3d73f0c6de424e79782c82111e79090db5aaa2afcf4ee9b3b5cc5af51d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ecdc2227e47df535e9f03867f8352cf9

    SHA1

    b7cce790988a414987235dd94cbc4b80c666ae3a

    SHA256

    9f5b8aa372aaced8f62e005c49f1d5427927c6d7a0654c686d836a49a165882a

    SHA512

    bd8c7cb632e73925300217548f5354d08ec7dc2b2416656c2d3d5cd572652efbd0b05328dc583069821cdab6db7e69d0dacc40739a43089bc99f9ef28803383d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c10494ddb2e8990ec9786240858f55f3

    SHA1

    74ea8af543d880aa725d2b853b624b90900b87d2

    SHA256

    be74bbef4daae14b6e0725def56408f30feb079b10b1ea214c6f82971d36bad8

    SHA512

    2d71cfb5efeb24abc80c41fd5eded30b9f3ac3802fbbde33a79ff119888dc8c5b2a3e27bd0c77eb5fb2f26c1bf02d0be3a9e172393718bfa2870841518582496

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    787ffb52d89ffa3f8f705cf8a71130f2

    SHA1

    3848c1b9b37fff0d114d9c88688cb7e3b465ea51

    SHA256

    03696d51fbecf8396df30d5fe5e231c6319ece71056d41553b40063d7dd22548

    SHA512

    829413c3b5aedce1612e47a2158aaafbba179f53d1108a73db2419dfcf2467d15cc8a91034c612a4babd1668f01349d5a648a0c3e5b894e7be7360274f3ef732

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b027a5247d9b033d7c8a068d69dc3d4e

    SHA1

    a6da5f31c354134d7c6fb0ca0e9c1807a9e2f68b

    SHA256

    3ef8db15d59999a85e21ef2de1fec84c823965958fce63258df3022f3005d8d1

    SHA512

    b90c09068efd9b09b39f15edfd82a9ae8e8b917e3fb5c26715ff36850d08d04faeec5793bae446a0730efca654ad23746e618e4fdc86fabf1df37d4d9de4db1d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90d9f7b813850a60021e3442cbc00d0d

    SHA1

    e6229b3263e6a0042746b17b16bda78cc024d962

    SHA256

    54e00d704f2eaecb6ba0e673298f203ff7a16a079d1b72c8290bf7952c57bf00

    SHA512

    ed344e1adfa2c9fa3ae60325d167637ce3cba288fa6a16eac9dd4dd4e3623022fb52848eafdc6fbe5794cb524b5172872aa6309a77abca70085cf7c01e431029

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fffef77bcd25d59bae7dc23ce0a378bf

    SHA1

    2e1515a441745252eb0b0a8d92776f3d698066b3

    SHA256

    c00068754cdc22e9f2915c80626c311161f0b05eff1e5235d32da5964ffa39b0

    SHA512

    a2c2aeaf2aaaaeff960947b4931e0003d9328c9246a4be5c5f33db63de184069cb942177f438308e1c0a39fd10a8ef7668dc59bf749dfebc1872423bc6af5d83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fdcda20ee2ea2e8e077b9cda0f1fbcd

    SHA1

    047a10914084e1b6487fa6f5b296d1950d798b21

    SHA256

    420010520ffc7e1b8244eeef2183b95b239dee8c708e57411388c0403d74a743

    SHA512

    6be3e854a54de25fccdb90e834015eeb1b6edff46ad4449be8c8ddc0fed3b517aeaf7f3c0d26845b67694e9475e8b3652c1053d2658a332205185812fe62a5f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18f389de50b06804513f816c284eb23b

    SHA1

    b94fc4f34b059d60bfd6906b2c331f028c58660c

    SHA256

    312ff505d694e8de0d75fdbc87863618ef7e41e132fad4b9f8d6c2e74ed2e393

    SHA512

    51de7b61aecbcbe396bcde0331d062e183e1fd32f32adf7eda53b6b7d470c75c9fb857967939fb0aae1fdcdc0b939c368c247ef9321fa5efff81898f92675dcc

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8DU897P\superfish[1].htm

    Filesize

    122B

    MD5

    00d64a82ba2d055e5facd3a30efac924

    SHA1

    308e275068e3bec5effca608fe9df2008c979650

    SHA256

    aaa3feed097fda6687c7c27860c24980f3ff105b6f326d10c98854145e9afa6b

    SHA512

    1151e227086964ec19c11eb388ace411a56a6e1da96409b2bfdb5313fb5df75223add437a653decf3afdfbd2be2cde421c512f9de423ad74f2ebbaf81119d8fc

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5LT06Y3\reset[1].htm

    Filesize

    114B

    MD5

    e89f75f918dbdcee28604d4e09dd71d7

    SHA1

    f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

    SHA256

    6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

    SHA512

    8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

  • C:\Users\Admin\AppData\Local\Temp\Cab322A.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar322C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b