Analysis

  • max time kernel
    138s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:38

General

  • Target

    a12e0a630cd3081737f8670e04287186_JaffaCakes118.html

  • Size

    51KB

  • MD5

    a12e0a630cd3081737f8670e04287186

  • SHA1

    a6fe15ef57ffafe061922ecea559429d6c926290

  • SHA256

    edef00eeb573a90ba56bbf2ee36cc09b5189eada207109728160b5dcaa5efe08

  • SHA512

    fcf79d1461dfbc64a081edde2f0e30ae747e2df070a8a817382025b9f0f2e5c7140b1331dff94cfe74f70c1fba4211f3c85435d42f083ce58f1ad05c3fb01757

  • SSDEEP

    1536:SqQ+cOvU0+yHjc2HfeaiDktVzlUykccddmRyWfqDxRWR6RQLcRFLR7Ogq:SPROjXPMdwRyWfqDxRWR6RQQRFLR7Ogq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a12e0a630cd3081737f8670e04287186_JaffaCakes118.html
    PID:1760
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1760 CREDAT:275457 /prefetch:2
      PID:1144
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
