Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:12

General

  • Target

    a11c3e52d144a9e6005e6173708fd322_JaffaCakes118.html

  • Size

    461KB

  • MD5

    a11c3e52d144a9e6005e6173708fd322

  • SHA1

    9489a4d14366f73694f1058f1e78ae62d9dca9c3

  • SHA256

    61cf8e7a57394be44a331ec994ce50c8509b25988eaa7e0a408e0948d66a5b68

  • SHA512

    62e572b4ead17d90c16ed411c76782649c7dfbbdda3f97381048bb824760f27ad1cf6ce1c2959c6479a8dcb125f740917a0e9dd29701194870b98e28184acdce

  • SSDEEP

    6144:SdsMYod+X3oI+Y1sMYod+X3oI+YmsMYod+X3oI+YLsMYod+X3oI+YQ:o5d+X335d+X3O5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a11c3e52d144a9e6005e6173708fd322_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2840 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2960

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1dd65f77a9d502e2749475b2c575d637

    SHA1

    a35e37c6363cc98f4eb13c272c1d371f1e676960

    SHA256

    4b3de782887a8a2d5852a2d39ab1e84c194fbae2e19d85ec6c44f50179c5e908

    SHA512

    98cfc4d1de378d575676c232d7aac01bd02acad07fca822cf01bc453b2b91c3468829589b7c6009392a9340966b3a79cf9596e306d3094195419882ef6d2011a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5bba06ea6234ddc1db5be5c8500ace4

    SHA1

    33da85268aa82fffb33bb36d21b56dd119c057b0

    SHA256

    b1d2fd250d46213c06af5cc4725cfeb510e02b0c5d35092a8e5eb89a7450a60e

    SHA512

    8f0856cf271a2a2161ddc789c1b9b179fbd7065a60acc02e3b70abfdce2c091979494c028febbd4d7172f103cd91fd8dcad61a5be0748b2cfe9f3bb56a1fb005

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    329aa15caa0113d3e09f70fa699656e2

    SHA1

    8b7386aa3c0d3f949d69f9a19c1fc3e2416ca476

    SHA256

    cc33c757c441f443262b1be03bc4f31a3c700db2568ae7aa9e3420f72bb4bb85

    SHA512

    59d75a33c3837d57e8e17af71901e761550c7ac05139f5e951c7c6bf6c311c5be8430feeec75c7720047c834cf53a8fa0d7e9fa37627f25f8d9b3a59380b645f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f0015f7fec037988c010f3877a9ad38

    SHA1

    2adb9fca69429248b03930d9ad79656310399730

    SHA256

    8e97e65b36f89813f2696a4839f93e6f379162fe392332be66b93dabe9b4041b

    SHA512

    400188fcc601801ff53892d87602b170b86de7ed9749edf7c140c49219cd974dd03dcf92ac3f341e1d04b0e5d1d756e787482172092ee71ae4bb7101da89d202

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c4d4671341e0b105677f22b93e20bd6

    SHA1

    1abf70491d4b1c03bd0373d0f8f1f355638c3500

    SHA256

    759233e351465cb44283be6f7647fbbf0a300db26e00ef58a1b91c86e566e6bd

    SHA512

    7d2f9be38766628b2a2174f237fa4dff45ceca458a930e8e25cefa720f5fdfe962a87b91cfbca3d7bbd45b5768b702ef30e53406f27b735116c50c47853aa62d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2b98692ce0a214a8afb3ace0172f8751

    SHA1

    f3b60a84b0f907f5ade44e0713960cea374c971b

    SHA256

    1e6c669d9e72e7189fa6a004946a09538f3ccdf029cd9d272d0aba540c096912

    SHA512

    3ca6995c9c15d16abb01c9bfed671646bac9e0ab1f207afccf692a37aabdfddcc45b1e09511eec5e492af079f4e581c19a846a44307498ccd0495caa1cc6fbeb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    caf8c0447d622c8caacc74291e017dc9

    SHA1

    d8247e31a4a0a99d6c1f72492f0aa64062b8dc62

    SHA256

    e12eeed9af20905bfcd56c3e0fe9b3542204adc4571e2eecf143d478367ce70f

    SHA512

    9ea856dddff326af4af487f7c780f6fad87a68fb50e09778717704e696f552a487be657b6a630d899a90ef2077ff4dca97eff07895f569f10479006cf116e2a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52ea8c94b2d677e8b4befb9520a67ed5

    SHA1

    bd1211fb23cd5aa717dcf5a8e044eccf32696c68

    SHA256

    84f5405f9b6d34521fe83cd644d68a860e10bfbe47fe37f9da2d410091c3fb9a

    SHA512

    57ff4a12add110ffe920db37a9c07940a19a562323dd85752ecdbe7b71e76ebbcf30af7add29e4e86f766d7751df069c43827d2b9051b43f206688aca7e6b082

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8596be3a493839a5ad69d0eb2ee74f9f

    SHA1

    4f3ec9250ead75b6c8224f58d4d6cee2e9064bd7

    SHA256

    14a12fe5532b37249970c648aaaafdb4365b0d824456dd0cb6841ff2d700c027

    SHA512

    d983a18afa21b751c5ec29bef68f3e8d688771cd8a1e53285dda8377b8995fc88d6e4ccb89a217e7ba65efba70fb1cdebd1dd2e0bbc0f1fbafb97aa3f000da3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    58deae0cc77a8d670fad8d5bba412749

    SHA1

    febd2c99f46699550df4383e38a66c2202465005

    SHA256

    86350faf75d3a28d1b4d3f597c8a27a8c67aef90ebc272964bea0dff09ec95c0

    SHA512

    91061bb87e38138231672a3706c24b8f4589c204651c7c7b303395eef6cf1d2d94c18a5ca8a636e6def5594ed24d9536956e7bdcaa29c5a9b37a9a1cff1d0e81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c85b724fbb9ae861900c7c0222d29e0a

    SHA1

    67812a7f4a6eee4c6a9618e78a5eb5a6050925c4

    SHA256

    cbd928d283cea0be443adaa221294704acca5a0ccd2bddc9c2817a74825cae4c

    SHA512

    53f5814f9d13396197615407e928829348f1a935d3e4c26581d27fd6c4e30dd0e45046386ff4bb61c4f3b422923b1e64f11e31b3e7e32a33d1162614236aa631

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c5824829123d41e37e85e47d0bf1551a

    SHA1

    7dfffb88eebda8a3f8220e5cef236ac5d6b92f2f

    SHA256

    bda4c7224145984ca9212517430bd2f2124f8f9748a8d96b6589bc9ac826d2c4

    SHA512

    11ba2bc8b2a3f9eeb617aeb741d8f988f24eb59d8fb7c6e2e56e57c7bf57a497be6692061e8df227efd44bcd03482a0f2c86e10c9671026cee29aedf1908fc8c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3bdba9806fd39a426956104f2288ba0c

    SHA1

    5c12931b45a93081b3c140af851b957cb8f1d20d

    SHA256

    3395bbbc2d8ac6e29ede5f5e80bb590a21e98c0ce20dc97bc3d3a40df128a721

    SHA512

    104cf8c5ae31354e4de5df15495c000825f538ce63d61f50631fdda18e6b130fe665df0f3c7a00ee1c679958ce05b9fbc8ed478daa0818ff8f9e950b3b450e54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e868ae1f33f803763cdea2483f9c5284

    SHA1

    401a785ec7ac6720a5277a4c7f37734a0db8dbe5

    SHA256

    b6949ffa109415a832c2712c59cb9f1959a60f045e0bd02e2e1cbbc1ae399bc8

    SHA512

    9b1fc684dbc02708546750b0edbb04da4c4485f2c3cf323ad896db4745c1b3c59b9f3f87c5eed6ec9c485b8f25f66096e97847a25fd6b13285d387f002c69d7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1fa73ff5e99e4e879406d83a25d13fa7

    SHA1

    12a78f96fdda2bd4ddc5f48d39638156cfda7188

    SHA256

    e5ea5f49d9dbc3bd6d191bab19215ad9edf9fa3df315a99b1c8707c48ab70aa2

    SHA512

    0991c79f222e2acd53749ff37be2bdb1bcf82e758ee5d8e2cd933f5a326c2a7a223e92addbf838978b01c4aa8efc2a6f13534a36b7f91b1488534c10e72609ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    851b3fbbb34c56bb898fe519677ef97b

    SHA1

    8103d25f428ee6523df1f098374e4df1a99678c8

    SHA256

    6f57dec51accdfe7f198569eb6cf042f247d036bc1e3ad5b09c75ea93eb1ffd9

    SHA512

    e48f5d970551f94c8c24a4ff120d847147d4596cde5ba1ad0f38de396a5bc183f06a2391df91bc23aae4ffc7c0974c5e39e905e16f33d53b0b3545bb9bd23ad3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7cb29e9631f44519fa9704f37bec5ef3

    SHA1

    c73eea7c0da640756872755ad4cf8d982bf87f76

    SHA256

    9f95d87cb9167f01f6d9047102aae4919fec99ccb9eebe692fbb43b19a920c14

    SHA512

    9fc46bd3c26ce2959f0094e70c0e241b715c3a863d61b077d87ef37950a46ed1bfa7797f33f2a8f34ab1abab9ef1366362b4e495edfa25e2a17ec766db4e01a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf788fa991ee95b08c10f246a997feb7

    SHA1

    40f6c6b17aa00ba1fa0064a0562e20b68e4b6a5c

    SHA256

    6688535b6791bc74c39f0641e749750aa012e1ae1ea2b749a2e2bdd46ba62514

    SHA512

    4d24dc501d8e07f27931946fd2b9468c54c8ba554e666403a896db98b28b61704baf306ecf1b4dd1c0250f17bbe552ef614c115efc9c4658348ec25593d20b2d

  • C:\Users\Admin\AppData\Local\Temp\Cab408B.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar413B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b