Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:17

General

  • Target

    a1b30af17cfc53882d74eb30e993c193_JaffaCakes118.html

  • Size

    110KB

  • MD5

    a1b30af17cfc53882d74eb30e993c193

  • SHA1

    520fd2f5f3584be1beb0a3f451e5e7141e207027

  • SHA256

    5a8f12ab56b6350a47771b4ab54808330f10991a5eea5d7cea531e269b43e55b

  • SHA512

    876e43c7c7e6e920c0bd355447b534f4bd6d232eea1a4dc4cb66ebd8a3414308590ba4b0860f6010cb0e05f1eb6cc03a8d69424753b2b3430ce3209c52a66950

  • SSDEEP

    1536:ScyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCsQy:ScyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1b30af17cfc53882d74eb30e993c193_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2356
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2356 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2212

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    e7928d76faa4255b0a91832b1f54810a

    SHA1

    a5b6390c4559c239999a8075e7f262640e9e0dae

    SHA256

    0e47812843aeb008f2bc9c8876916c78e7e4073cf017f95f0271246a462b3756

    SHA512

    c2ef40fa56776d80768b74c3421b62f10c1e590e2d1d31c728527d3f9368cad24fd33316a903c97697d90b826d7ebd0aafb1931bd8fa3b942bfc7fddb7fb058b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    35bc70154fd0649e60a1ccc234a665af

    SHA1

    8dd1dbf1c67f4a997a422cd5a5560004c1052976

    SHA256

    91efaaf90ee805f93f163f974d1f10197a9a8248b402aff5fb06a9f03cd1959b

    SHA512

    5101e84aac2c8afdbaec0ece56b0c25533cc9508829ccbd881595611eb754f1699af45e68166373d20a39a0f4269a94fe53f470f083bf299222e9c22e2f50478

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2a684a182606acc51f63671e55a2106d

    SHA1

    005631af740ed473d6deac748d7718aa5b7fd868

    SHA256

    c406d052ea68e189b8796af47d92ffd20bd9d3c98406a2a6b5436700bc63bb3e

    SHA512

    5b3f21ee627f73ae98a3c0ee6ecf5e18f1e04598178fa75f854a7d28f5c0371e02fccec81d2b9b7f06aedc51f187fb208a9f8706931f64e70733f5fc70cf40d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    db238b4d37e7d3129b17c2d8fd0ab29c

    SHA1

    87b7d3c13c18c40117ecc003b6ccc8902d54b9f3

    SHA256

    c180bffcb82cc123c8d90092e2e7dde096c9adc62ece4b6a72aee3e4c0f153e5

    SHA512

    9dcf4c7697240ce676baf00ecf293f54b08c1ccfbf679be9be047ddb4d6682c8f615966c5c78ccb64f67dafc6fda17a782c2e8760b06d9fa4f505fd881e8487c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    541a6cc65219358edff32aefff86b0cb

    SHA1

    e075dec8a1e096411b54413d77a4ae37f6c726f0

    SHA256

    4d4cc054738e38ff908b73f88aee4992208630e9bfc2e02aab70c9685773b30c

    SHA512

    9cb8108ba86783a2a1bf3f5f0d844519c3160fe780f3d204b721184bee26f53605585487dfa964e09b2c2b756203fc6f9bfcfd18549c1051f0621e084cabd5de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    24e90a9bed80594f6ff651350f344191

    SHA1

    477c32f8a6b69da547a50db67c9475091cf86a6e

    SHA256

    5a6d500be47e6f250001e38e5049067eb9d393565f7372265d006ae6f3505d76

    SHA512

    7c0eeb10a37572d2d8953f2688f1d11630d623651ce10a4ffce7280f9d19e544562a56e80e022a514eaf894abaca1f24d459bdf81e86ad17506c543af38e21a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c33a61b712e7310398ef23b6f90de80

    SHA1

    666da403341e08ba51e2b377b5a033e6a795c8fa

    SHA256

    38e24e7b9cc3a445139ff51feea7ef7cebd8587d0d035df22060af535fb761c8

    SHA512

    98c366b4763bf83c2ffe76802d2056f5aa41a0987d185843efb62b0cc0d75f8d8b2bbbf649029221a45b90db99edfefea2fc0bd6f673a33bbf742f96e37a40ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3660db5470d764b6e6d8128c5f8556c8

    SHA1

    19312e0459e86d88ec93b607cf0fd86e8791379b

    SHA256

    9ef4e49b5825abc0d700ecc834465ac68f6cdefa6d8ccfbe8a44e375581a7dea

    SHA512

    51a4954f67e031b3b96a7a3557a94095fc10093dd33b8570642760186320db429e658bae85d31773dd2d55aded9f6e6303eed732fc56d742fb42b7fbd1e9d374

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    507410cac48c0ecf142291231f1dfdd8

    SHA1

    01ca420b378c3915e580e68c24487fe09bdcca23

    SHA256

    1b1e07956617d4de109d6a59675e606f05d3b509dc9b22087796853dedd2256c

    SHA512

    4871e2b27d33345ec811297185cc40cf4ec290e8b27d3d5f1ea71978e9f454b0f4fe85e1385d12604b1f081e4edba0f9849afc20db7c44788fc0adbc39114e58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d249d3a2aa653589b012abf0cfd2bdec

    SHA1

    433def6a2cb996d66c3ccb08b958bde7e556c129

    SHA256

    66dee89291b059c43768135fc380752de80c178e8ace0ece3e2140940f31da2b

    SHA512

    429e8c214b9ee6e31b577439b793b964b60208c435c4e934a38cf4637c01b19b4c80ebc91d58b843e76873a24e24669cc55e4b2bc91475e514ec5c3adfbc22c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a7c1112ecb0a755c4f2f43fc5ff61c56

    SHA1

    5a2300ca4a633dd1db2e372736830e198d8101fc

    SHA256

    72b8c39c7bca12ba98410644767433a9240cfc2e8f9804b9608ea81596124033

    SHA512

    a41bc4b1ab9330167a52f796b8f7f5580fb10955843c8edb7053a05b1852d663670b7ef08266a8319d9ea5d06ab85605f0997470b7defd73e4e1badb442524f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95446857506e2bb4d13162d9e7511a3f

    SHA1

    9dba0bb2fa192cbb8640a1c5186ead2f80a68fe3

    SHA256

    ddffd5431a1158e509ca393b09320eb76429ea9af712b7cd96aec23c09f87118

    SHA512

    617687bf7f7ec28908188f6ca8a5821b327145f151db2e9499e0dda856e90c8944250583aaba2e560e6545b8c6eb9217b6f8abb8df07182bb6ced33029959a85

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51ae22367f4efe5f20109c3fd17f5e53

    SHA1

    06f758e92f6f2edb66c40c7b3adfbceb7f70029c

    SHA256

    5a043551af559a354131ef8607182884a482125b602db472ae6b0756cd61701a

    SHA512

    b2216b01eda792701573e6c4de5d2c1aad807e86e62e0ab6719cfcd5e445102fd3696dd6d63809743ccdc4369c8eb5ea7b6d45756ecf5786d0da2a4a06bf2324

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed75c40898301f8373d67f89efae68ad

    SHA1

    b396ac767f348a5bc612e04a523869dd734c4aa0

    SHA256

    2c79b6695acababb450099d2e4a9c1a9a0f7a47a0d27b9581efd0997d104a1b4

    SHA512

    f9c3e0dac72b82a8330fd11f04b04d5c98e8bacca3f3605e075410fa42479fd35431ddb257da5bddcc61c9e8b1abec8c54494ecc6e2a8fa5be22e97ac6e699b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    387d0138afd459dd28141e68ed27ccb8

    SHA1

    030fe97ea47cd347e375445b2b44bd02bf5b9863

    SHA256

    8ef3ba6d9a5183a32024c6cc50a7a3111cb3f2164b4ffd7b5567d417ba491442

    SHA512

    6b221c858ea7d0d84ef3af3424560787931fd4b9edfffebc2dab477d6dc7879c716b491c13cb3908447d75e21298e6d8a5361542acceca513426472e9203463a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    109c850e833146042e75e02ec1294b52

    SHA1

    b4e89d4b49ef60bcbd9622596b612b557f9b3ce6

    SHA256

    d38f20c6c5dec9400dfe3186fbe7a5db34ac5aedb59b339c58245086b259ea35

    SHA512

    e5bda2ec99a353a440c5541987e88ff8805f0438fd09530fcf3d24dcab7673dadd7a9f36f66366e27354852aeaab59a5a205877c9685ab8a9ba0e383859a653a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bee2d4e26269a9cf16f2f495937f8fd5

    SHA1

    d52f996181d62c540ae7ba88ac9ed9e589ce48fd

    SHA256

    4d3e9a59c097eb5c5ad8b498831c959776e0ca339ab9bb44d5d1a6e9a29ba348

    SHA512

    9f5ae85bc42d69a8cf19dc50fcb03d772afdfe5118ff087f8f9f9e004ca88953fe87289a8f8174a4c6109dc9e876ca09efaa124d3db5820274331c847f1f1966

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6dc9e25226d192850b1a9e1b8c7edc32

    SHA1

    287180e4184824eb01b911393334691ee037910b

    SHA256

    8f43a30649bd8c0cb3ff3db9f381d5dccc248d5ac0bd0ff89286278ec6a88454

    SHA512

    5b9469c2a866e31b5e9f5265d202057fb6e9a02d865b1bf2943495428458dbead5f43413035d284daeea6927e592054db53a72b18a95f82ddaa544cd978426d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    0288e63406cbadf37d08524e003f974f

    SHA1

    f0f7bde554b4fbc3ad50759c2b328e2a1069ac38

    SHA256

    32a92f62238542aa4907afc42c96ecf6147ea09fe7037f595e166aede2a953be

    SHA512

    ff492043709bf9cc326236263d144826a219eed4bb1303058b9efa2d560d7c4ba092c24782c29ac461d56e73989613ccc9cec4bb75a8b7fa3d1bb2e7fd000098

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Cab1E89.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1FE6.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b