Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:28

General

  • Target

    a1be1a950e7ea0e21afab6fb7c374df2_JaffaCakes118.html

  • Size

    453KB

  • MD5

    a1be1a950e7ea0e21afab6fb7c374df2

  • SHA1

    9c216a2bb4b21a39ab7615090fac323e4805c279

  • SHA256

    3cd6296cc8c089bb2335971dae22f338d612b1d08e44c1f17b393ef91055d71f

  • SHA512

    bd7077db32ac47bd3b70849d356f51b595074dd6fa8d853f0742803d9408097c95abba1607168f9d68823c8727b44cb749dff011283e5d1da45ed7236c1585d0

  • SSDEEP

    6144:SBsMYod+X3oI+Y4sMYod+X3oI+YDsMYod+X3oI+YM4sMYod+X3oI+YQ:K5d+X3Q5d+X315d+X3r5d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1be1a950e7ea0e21afab6fb7c374df2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2908

Network

MITRE ATT&CK Enterprise v15

Downloads
