Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:10

General

  • Target

    a11a9aadd5d88395dd53cd626a03f7a5_JaffaCakes118.html

  • Size

    463KB

  • MD5

    a11a9aadd5d88395dd53cd626a03f7a5

  • SHA1

    407dca72408df20776a8b4806492f1d785049951

  • SHA256

    34fac23d9b483dc82169b87de56ba95f77c9f2920c3547414862750ed6a86f6e

  • SHA512

    9d997e1f452e58ab3d441efcda649edaee7de3607db0b6fd9ca6dbc7c1dcb3ea842c3b5d1e3db3f6870286bad7c6104759b3957b67d7bf17f64451d2604819a5

  • SSDEEP

    6144:SJsMYod+X3oI+YysMYod+X3oI+Y0sMYod+X3oI+YLsMYod+X3oI+YQ:u5d+X365d+X385d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a11a9aadd5d88395dd53cd626a03f7a5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2668

Network

MITRE ATT&CK Enterprise v15


Downloads
