Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 23:06

General

  • Target

    a2d8c3c70db0ce417f303385b65ec033_JaffaCakes118.html

  • Size

    460KB

  • MD5

    a2d8c3c70db0ce417f303385b65ec033

  • SHA1

    66d9c74cec29d5a76feb47fa4e9eae696869421d

  • SHA256

    566d4f8342647329df1c99bd572c59df53263ab1c27eb05b4766e9aa554de4fe

  • SHA512

    9bbe1351acef9020398fab74b304c9ae8d61d0b72e247c76ee2a03b1c283b24c3d3f2341f4cc518ab5d2a9c3bb79bfbe118994172a997816135427832982ae76

  • SSDEEP

    6144:SysMYod+X3oI+YnsMYod+X3oI+YwsMYod+X3oI+YLsMYod+X3oI+YQ:p5d+X3R5d+X3c5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2d8c3c70db0ce417f303385b65ec033_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

MITRE ATT&CK Enterprise v15

Downloads
