Analysis

  • max time kernel
    141s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:29

General

  • Target

    a1be57e1bddf2bd6c3a67fa7fa034830_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a1be57e1bddf2bd6c3a67fa7fa034830

  • SHA1

    2267894cd942e79c88c7749f9554c723bec8e01b

  • SHA256

    83751cd93a45c7e1027f489b3c6937c2d9e02ecaf5428cb90830582f7c276292

  • SHA512

    f8c7698f2ca7f5964ee94c3e812f4fc8a73ec2ed7846349298b0b4776f251794474a11abda1167ebb02febda5b09b4356e74790430b58184c043cf0bc0800025

  • SSDEEP

    1536:SrDQCOldyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy+:SrmyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 43 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1be57e1bddf2bd6c3a67fa7fa034830_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2912 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3048

Network

MITRE ATT&CK Enterprise v15

Downloads
