Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 16:34

General

  • Target

    a159c98e3a052d7d23d9bf4e328d6c8e_JaffaCakes118.html

  • Size

    460KB

  • MD5

    a159c98e3a052d7d23d9bf4e328d6c8e

  • SHA1

    86b10013df8472caba603777b21a4ab9562d6b92

  • SHA256

    2b6b1df9b5abc7d31fe2b9b1054246715f1ccfeb4731e5616bded2ee9d46ff53

  • SHA512

    268eac0f3e1471757108b3a3f59a9a85fe78a9348569d1de56a75157cdcb5d681fe63d235c59fd1001a1035994bd110340baa781bd0afe4325a46648ff105115

  • SSDEEP

    6144:SisMYod+X3oI+Y7WQNsMYod+X3oI+YksMYod+X3oI+YLsMYod+X3oI+YQ:35d+X35v5d+X3Q5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

All four are behaviours of Internet Explorer itself rendering a page (registry writes to its own settings keys, window hooks, and the frame process writing into another process); with a 1/10 score, an empty Malware Config and an empty Network section, the report documents the file being opened, not a payload.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a159c98e3a052d7d23d9bf4e328d6c8e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732
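
The two processes above are Internet Explorer's own frame/tab pattern on 64-bit Windows 7: the x64 iexplore.exe frame launches the x86 IEXPLORE.EXE tab with SCODEF:<frame PID>, and here SCODEF:2192 matches the parent's PID 2192. The check below, an added example that is not part of this report, encodes that pattern over process-creation telemetry and flags any other child of an IE process. Its records are constructed from the Processes section; the frame's own parent PID and the cmd.exe child are hypothetical, added only to exercise the rule.

```python
"""Added example, not part of the sandbox report: flag children of Internet
Explorer that do not fit IE's own frame/tab process pattern.

Process-creation records are constructed from the report's Processes section
(PIDs 2192 and 2732); the frame's parent PID (1000) and the cmd.exe child are
hypothetical, present only to exercise the rule."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str      # full image path as logged
    cmdline: str


# A legitimate IE tab carries the PID of the frame that spawned it.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def ie_findings(events):
    """Return (pid, reason) for every child of an IE process that is not a
    legitimate tab process.  A legitimate tab is IEXPLORE.EXE whose SCODEF
    value equals the PID of the process that spawned it."""
    by_pid = {e.pid: e for e in events}
    findings = []
    for ev in events:
        parent = by_pid.get(ev.ppid)
        if parent is None or basename(parent.image) != "iexplore.exe":
            continue                      # not spawned by IE, out of scope
        child = basename(ev.image)
        if child != "iexplore.exe":
            findings.append((ev.pid, f"IE spawned {child}"))
            continue
        m = SCODEF_RE.search(ev.cmdline)
        if not m or int(m.group(1)) != ev.ppid:
            findings.append((ev.pid, "IE child without matching SCODEF"))
    return findings


# Constructed from the report: the x64 frame and the x86 tab it launched.
FRAME = ProcEvent(
    2192, 1000, r"C:\Program Files\Internet Explorer\iexplore.exe",
    r'"C:\Program Files\Internet Explorer\iexplore.exe" '
    r"C:\Users\Admin\AppData\Local\Temp\a159c98e3a052d7d23d9bf4e328d6c8e_JaffaCakes118.html")
TAB = ProcEvent(
    2732, 2192, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
    r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2')
REPORT_EVENTS = [FRAME, TAB]

# Hypothetical, not in the report: a shell launched from the tab process.
HYPOTHETICAL_SHELL = ProcEvent(3000, 2732, r"C:\Windows\System32\cmd.exe", "cmd.exe /c whoami")

if __name__ == "__main__":
    print(ie_findings(REPORT_EVENTS))                         # []
    print(ie_findings(REPORT_EVENTS + [HYPOTHETICAL_SHELL]))  # [(3000, 'IE spawned cmd.exe')]
```

The rule keys on the parent image and the SCODEF value rather than on the child's path alone, so a renamed binary under an IE-looking path or a tab launched with someone else's frame PID is still reported.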

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c13d81778de8d79c82cdb9a7d03cf0a4

    SHA1

    04d8c4c8b9f362b3d7ca7c8cd152d5f4d7ada678

    SHA256

    2316079ecb5aea97a477a5a3f8195b75629d174370c8bcdcda592461d5060aac

    SHA512

    afda9bc13b66720951db028cf36ee4a999286a83006ee8c587fb947aa091b007cf43df5cbcd4e0f39579d239d1b2836b73429d2483c88b5441659e4a0fa8bcb3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd8bd6a58b5313c069b8126e04de27a5

    SHA1

    51ac2d6f8610616249a7fdf5c2f3eabf74d2a692

    SHA256

    98473c35e54aee382b7072b06635c51df8b5ac00bb2c7b940b4d2ffc71215e56

    SHA512

    f4747604fd4d3082516433dc47990a9938cc52fb1ebe91cf5f68a201a8e8bdd0c8649eb7a5d896c1bc08e39acfdb4ebe50011a487bd70412a5fdcdb75923f710

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dcf5383f653198ce67ef46a38b643e71

    SHA1

    63d1d6ddd4075a9c965da880731f69b6be50ea8d

    SHA256

    894d5c76ff3e9298d39cb3278a6ceabff62f2f9e01587431d1b50ac86c3cbd1c

    SHA512

    0bc4f66a47c0210804fd3912d7ffbca26833da8b49c733ac798f9079e04a64eb959efc2425e4731c95f23fc979b46487ebe55e7057fc0fa21dd5ea34cc7d2ecc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0084f170ea7aae58d83b8a8d71becbaf

    SHA1

    707c96c2871f6534f718982d1a19ef9989716eac

    SHA256

    cef66ee00bc204a2055b752762557d475890a5991f2afb5910f47f69b4253aca

    SHA512

    be4fb0b455d23ed2018b709e14dce2aec2c80d28c9d96f9fc721caeba0ca02cf4bcbd35f39b5de41be4c42316d28665a19cf779d7eeb133ad34cbb496dd2163e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22bc20c8af99db127a0e06d983f2bb5a

    SHA1

    95cc229908532add9e6f706dfcdc51c31dff90eb

    SHA256

    79efd4ab7bf91cdd142984661e43939c403c347e43c2e8f7068a80021cf95a82

    SHA512

    1040e0b9230311c42446df14db839dcb28d1d1ff04223ac9cb9d020931bb6613acba1c32a851a5fe6b6e88bbce3c3fb8f615962098a2de48f791378c705b316b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8141a3802775c594dfa84ee015885911

    SHA1

    e17cf22801187354918c27ee1134d1ade9d522e7

    SHA256

    0424e170530a0e6f394e3b4893104bbf685c173c6b63a33a6c980575c20e8bd7

    SHA512

    7d2ad7f801338dd313ebf73c3e83de767a2d1bf971518b5df95ab449547e343f99f0c76b441505b5f0b91dacc0baa77a1255cfc35c1be8ab35af0980b4895787

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7fad2b50dbb5873fe7b0b532cb144a74

    SHA1

    bc0a8a399b7d56a70d38f14e87cd251528671a34

    SHA256

    27f49604abc343ecbd4da2383c1b1ae4a5d81ccad903fe0b8c998e041945e2ed

    SHA512

    5d89f67e26e7360dd1a1f58d12260c325b1e7f9e94297ada977b718342b61f4a1f5f5408c3af746389e7b5228536a27250500a2dc644248d115d4c67f4fed05f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f2250d62674d722d5efdf0733cce2144

    SHA1

    8206b842c5b8c702b28b9e5e68d9e1d7718f39cf

    SHA256

    d9cabe40373710308a6da645e64a30d8671a90f3e3247d40bfed98ad8c7dd37d

    SHA512

    0618116c58830408f9a7a6ce82dbd1a118b46d81ae8a5ddbd001e5e527cf05b5e2c29b17cf4fe11cf75345bb63ed35b5b52ff31026f22053c03e2d6c2fb7f800

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    98b055a0589408086ebb1d2f0570fc94

    SHA1

    1a344eab686959ef87b09ddc28f86524460735cf

    SHA256

    f10943543fbff233e0cf442d6055566868b3c76e3fbf619ab5e1c41954eb3b1c

    SHA512

    739d155b8e9cfba021ff32be050960ccfe72a7db84e3c1b66d089e06aaeace522374febd69e37cbdf95e5a778af6378f7f656c296a55481ee13b37b87d11914d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c6a20b41a022424297bbada65c0ac561

    SHA1

    d719c5a153edcf357d77c93612d1fe990d169a91

    SHA256

    a2c3c234fea6dcc1e4e089bad376c7b33e423881ba6c8c5611c7902b4eeeb31a

    SHA512

    da5f5f5e86db2c37a9ea55a33fe70bdbd14ec267ff943dbe5961c35235f8f35c5cf5fb6529dca3d1138d66093ed1b901321e39053b22a6510166f696fe299ad5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9735c2d90a4b36a66b610fd0428822a0

    SHA1

    19bed97ae2c327249c1f2212fc7047ead6d5bceb

    SHA256

    77a0f4fd0f7a00194829f031fe6db6370b97f0e68caabf861921527095d1fa81

    SHA512

    14e4d6071548ba6bbb4ee2f910397e35ec9ca01ad124028801063afbc64bdeb3601fc084bbf065ef10d0c888bdc428d47455f443f6d33e8541becb55dc62a1ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    07e56c5c66c50fe69c32bcfd9b829037

    SHA1

    595c791698f9c4ad3e077f75c3e49f95393bfdc1

    SHA256

    3c503468db557f73f7e842a52e7a77e090db750383cf20d87e448db7a6db06b6

    SHA512

    594df0d4902d5883cf804d9354b5a57c4212ed7c634058a50ddb28f5a41c1712479fc9c0a56a747d277462d266facd68fadc557231d199a3c652c13fbf7bc9a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b025ff8a948c58f8487dee17c4e02865

    SHA1

    3cf347f0e43528ae5b9a5ea2217a117ae7f16507

    SHA256

    574325d937a30989d2f9eead650f36a07dce731d66ac7faf6cb9feaf31506cf1

    SHA512

    d978c23fa07a90cf13e1fd42b86cf7ed5eed1d17b69282a142c621670fe59fc044167cee9d16e738a70c10247aa41ce22678ffbf7ffc8c1b2772862bb42064e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87193fade2abcb7754876d314278dbcf

    SHA1

    51f0546b53a446e3a2eeb252ba473ea7569cabb1

    SHA256

    f72a645f4dc0fa25b005751520d2932dc0ea9562d914b2df9fc052fe2ea69696

    SHA512

    414a9305593e1bfe827afeb820559886fa1f8ad5e8e5da8487a917d5f70b5107da66c3a06203869ee3d45c5840dd6125c84204a97c4dc2026d1a4f947f54ca3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01ffe86d0794e355d9188e709bfe467e

    SHA1

    cd899f88d6c490dc9f65867c5f6fd3a7b1009267

    SHA256

    e37feebfcd220ca54c3ab114b92147c99721b609ffe1c5ee33f1b05ad4cdd8cd

    SHA512

    474b0ee6c9558dc1b67e3cd5ded01323f4b4a57543a9116f797fc55f44610c17c0520363221f94595cf318a2922b62ccc0962d45d389be7b41ae4b6abbe4cae0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66b5e2d318bb6fb300e466336ccbcdad

    SHA1

    24564a8855760d0a5491c17a778f55ade3539c35

    SHA256

    cf407cf5c3620a9cc4ae76b8cea3163a788c3aee99c8df321f7ac7c1941b7b13

    SHA512

    a02d65230ccf12a82e6b19c310e102db2ef64296fadcf2bbf5d038618184976141103e70150d2b8e4227034715bf8f709ed3c7caec17105af32b3e990ce03429

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bca023848a38aedae67eb1c21178e9b4

    SHA1

    14f8ea8f4cab5167105cd5ac87c136ed33ad762f

    SHA256

    341b6c47996930faa69bacf67c28bc4fda68f7b31181178b9c3eedbe13bf9074

    SHA512

    ffdbb63d2500a1157f1e70293c8f282db8a84cb62ada563d8b2f0093065ef72c71aae5170562a598060b16ff156706178c3328ba364655b31cdd9f4c91f87b9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4ece70d5f8d0e6bc9510581d2eaaa394

    SHA1

    081908f2c9a946fa33514ac469cc06d4767f680d

    SHA256

    2f6f70803ff899063e52ea692413b9cf73ca8a54d2bc31b6b81f634479d0fbdb

    SHA512

    69784c5f2aec33c4db12faff4906c85ef1a414b9f060aea0ea4b0f2466fbf26cb5e035fef0d27263911ba9528afc95bc6c99c971c5937bc179250211fe8a6566

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e19f93157c6e49a889518cbbd3e237ff

    SHA1

    99d105abe626ce96c5f97b4f4278165d5c6ca2b0

    SHA256

    9e02eb8cbe2a20d6de47d6d142ee1d1551251d93a7edcf1331ed89832e1acd90

    SHA512

    8599a5904c2cded52b995a81a75ce6d1045f01341126b904d1cbeff96f58bd153fb212b8d8e0e97575ea2c8346e1f3b11a7c57aad955dbb6962190c07a8e75e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ac71446f704be31c9b6b1f93a2a76c9

    SHA1

    9923b8aaf53334ff25c2ad34e2a1b2809eeba037

    SHA256

    b9dd4f18aa3873129fb3ec90e8f19446da06d9ebc17e1d0f64d9dd7ed36c2b7a

    SHA512

    b5dafb55d3cb841bd626bc00316d2c7962e628f53f52c5d5b3428b24ea62e8edbb5ace23664250d4df50fd7e560d4d90977f0a755d411ceab980ff7b7a0baa37

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b28a27129bdc8f3a54fa2c7eb119f7d9

    SHA1

    2eead6637eefaf60d8b2f4355d183dee2f007fc4

    SHA256

    18f30560f7cfc4f4b2422281a9cf57f607d5977789b44324ac2bc429a7888e98

    SHA512

    6bc97e96a30f4da9d4fc41aa2b50f2e066e2276a273e1961c858d0932fb9f7b0c81e091042cff26de14c10a13cb8b0badf87fab7a91b2dfc2c8c5af5706b1f77

  • C:\Users\Admin\AppData\Local\Temp\Cab5C63.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar5D56.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
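
The list above is dominated by a single path, the CryptoAPI URL-cache MetaData file, repeated with a different hash each time: the sandbox recorded every rewrite of that cache entry, so those digests are per-run state and not indicators of this sample. As an added example that is not part of the report, the script below parses this section's layout, separates paths the run rewrote from paths with one stable content hash, and checks a file's bytes against a record's four digests. The embedded excerpt is copied from four of the entries above; the byte string checked against the Cab5C63.tmp record is constructed and deliberately not the real file.

```python
"""Added example, not part of the sandbox report: parse the Downloads section,
separate paths the sandbox saw rewritten (volatile, per-run content) from
stable ones, and verify a file's bytes against a record's digests."""
import hashlib
from collections import defaultdict

HASH_ALGS = ("MD5", "SHA1", "SHA256", "SHA512")

# Copied from the report's Downloads section (four of its entries).
REPORT_EXCERPT = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Filesize
70KB
MD5
49aebf8cbd62d92ac215b2923fb1b9f5
SHA1
1723be06719828dda65ad804298d0431f6aff976
SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
c13d81778de8d79c82cdb9a7d03cf0a4
SHA1
04d8c4c8b9f362b3d7ca7c8cd152d5f4d7ada678
SHA256
2316079ecb5aea97a477a5a3f8195b75629d174370c8bcdcda592461d5060aac
SHA512
afda9bc13b66720951db028cf36ee4a999286a83006ee8c587fb947aa091b007cf43df5cbcd4e0f39579d239d1b2836b73429d2483c88b5441659e4a0fa8bcb3
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
fd8bd6a58b5313c069b8126e04de27a5
SHA1
51ac2d6f8610616249a7fdf5c2f3eabf74d2a692
SHA256
98473c35e54aee382b7072b06635c51df8b5ac00bb2c7b940b4d2ffc71215e56
SHA512
f4747604fd4d3082516433dc47990a9938cc52fb1ebe91cf5f68a201a8e8bdd0c8649eb7a5d896c1bc08e39acfdb4ebe50011a487bd70412a5fdcdb75923f710
• C:\Users\Admin\AppData\Local\Temp\Cab5C63.tmp
Filesize
65KB
MD5
ac05d27423a85adc1622c714f2cb6184
SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
"""


def parse_downloads(text):
    """Turn the report's 'path / label / value' layout into one dict per entry."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    records, i = [], 0
    while i < len(lines):
        if lines[i].startswith("•"):
            records.append({"path": lines[i][1:].strip()})
            i += 1
        elif lines[i] == "Filesize" or lines[i] in HASH_ALGS:
            value = lines[i + 1]
            records[-1][lines[i].lower()] = value.lower() if lines[i] in HASH_ALGS else value
            i += 2
        else:
            i += 1
    return records


def hashes_by_path(records):
    groups = defaultdict(set)
    for r in records:
        groups[r["path"]].add(r["sha256"])
    return groups


def volatile_paths(records):
    """Paths recorded more than once with different content: the file was
    rewritten during the run, so its hash is run state, not an IOC."""
    return sorted(p for p, hs in hashes_by_path(records).items() if len(hs) > 1)


def stable_paths(records):
    return sorted(p for p, hs in hashes_by_path(records).items() if len(hs) == 1)


def hash_mismatches(data: bytes, record) -> list:
    """Algorithms whose digest of `data` differs from the record; an empty
    list means `data` is the file the sandbox logged."""
    return [alg for alg in HASH_ALGS
            if hashlib.new(alg.lower(), data).hexdigest() != record[alg.lower()]]


if __name__ == "__main__":
    recs = parse_downloads(REPORT_EXCERPT)
    print("volatile:", volatile_paths(recs))
    print("stable:  ", stable_paths(recs))
    # Constructed bytes, deliberately not the real Cab5C63.tmp: all four differ.
    print(hash_mismatches(b"constructed placeholder, not the real cab", recs[3]))
```

Grouping on SHA256 is the useful test when turning a report like this into blocklist entries: a path that shows up once per hash with a different hash each time is cache churn, and only paths with one stable content hash are worth matching on.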