Analysis

  • max time kernel
    141s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:12

General

  • Target

    a11c560c18079a36e255a7bf5bf76fed_JaffaCakes118.html

  • Size

    57KB

  • MD5

    a11c560c18079a36e255a7bf5bf76fed

  • SHA1

    1c0805a9570b88dadd91a2b7c9e14c91b763da7e

  • SHA256

    4d7d5c3f1fe402d16b70b886cbd81597d3a31959d02a82e7a0627374d4d58dff

  • SHA512

    3cb67074eae0895f7f12498f863c6e6d1ebb5bc1ae0ffe51da47a660ae88ff983fbfd0c91992001bfee62cee9b257fec29d258d0bafc3bbc034fd3fd46cd0fbe

  • SSDEEP

    768:6LdpHvvCIool1jMQWkJEK7isaIawmx3LWqt/EAKzhgVb:6DHv7oa1jT5JEKWsaIrmx3pEAKI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a11c560c18079a36e255a7bf5bf76fed_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2148
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2148 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Downloads
