Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:17

General

  • Target

    a1b2d0e954acb7f1616d58be7a83d23e_JaffaCakes118.html

  • Size

    201KB

  • MD5

    a1b2d0e954acb7f1616d58be7a83d23e

  • SHA1

    1c2faad71aa584a8d60f6cdea3014a539f889a3a

  • SHA256

    fc5818f234bf20497950b6f623802093cddebeecd61c03eaeca64655476487d8

  • SHA512

    1be5e3dd49d84d0cbc06883ec27c952ea8138b5ba0252ecaa4869bd7aa2aef980d589c10b8909d3dfc7ee9739ce3dfce6bbbca69e9fb67ff4b9df10e5960812d

  • SSDEEP

    1536:ka6Mpsb+5BLTJfqv/iXvopfXIoOkO320O0VD692nI39GvM:d6dfXoZu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1b2d0e954acb7f1616d58be7a83d23e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1116 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1344

Network

MITRE ATT&CK Enterprise v15

Downloads
