Analysis

  • max time kernel
    135s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:18

General

  • Target

    a1b319d7da978e3f2baaee9c11cd534c_JaffaCakes118.html

  • Size

    213KB

  • MD5

    a1b319d7da978e3f2baaee9c11cd534c

  • SHA1

    148cd61dcd8606ca46f67472cb0b3793d4fd2156

  • SHA256

    71192d1e9c6c97a3e05c3e0587fcf899d18de3e6884eb7e1d33fa7e3a1a823cd

  • SHA512

    2413b0952bed136d7ea31dd512dc8953917409c6433fee0e4eac43174e2edbe1d217fb1625ff811dcea9ba81ce582581f23e8ff5467bf1a65a21be641f33bf16

  • SSDEEP

    3072:SmtewwHK0eYyfkMY+BES09JXAnyrZalI+YQ:SmmgVsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1b319d7da978e3f2baaee9c11cd534c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1196 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1804

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    f8467a9b4788568705c074b8ba4746ab

    SHA1

    308d37c7361834faba01f64030f3c7406a9909af

    SHA256

    a8ed0c6374a3b8e94c879590aeb47eaeb08d51a218a90b1036a4c193ea56cd38

    SHA512

    84c1eb99d5178662e754ae5bbdd9aec870a66ad4af602360604f4c9bef7813d1e986080cd33ddd224bd6eebbde9f883d3fb3d9e56ef7027a97bf29dd6688cf31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d6ec293d2a7d5750c75927b37f26e2cb

    SHA1

    910f6d9c710dc51eb6f08e8514295bfc4bcc3177

    SHA256

    ffd251f3b917f8898ae6ef7ec141c4c2084d9adcfcc8e197b966e41b306fa7c8

    SHA512

    465a8567d0004b0dba7f68f8f18407a25ac583ba269f08b26cee999141ffa32a232cbe3b71c42d09dba00dc98f9a28dee066542ca77feaa2f8821c2d70226229

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    e4141fef9f4738a8390a2041400c54d2

    SHA1

    f250e7c573275306d5b89f59c9aa919cc4a9931d

    SHA256

    c73311fbebf14fd07ed685cb97792beec544a9c0e546b0cf5b65d0752a236c2b

    SHA512

    6f9bf75400601fa97d3cbfe74ce819f1bf4a6c5cd9b586ed4ceaf15f410cf95116e349147958b671bb7c144141a068ca91b0f47951cbe993ce22dd215f121704

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    15cb9b7e0c7f21532d155e6b42d3ccb1

    SHA1

    8df742dc37ac54e39521e8acd7e0b267cba2e190

    SHA256

    5614bf5d0be5dcca57850bce14fa02b0fe26812bb699947a8e8b8ef6c2e97977

    SHA512

    3a99eb09f38faa43c2ffbc81cd126bbda320ea6d5fe2018c6adc37341444fffc899c202d6c48f62c9f096ec17686e9b06fdb305dd66a5b9a6fc3655d9329da3a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    4a5581d9a4c04567fa5834a382e828c3

    SHA1

    31c9296941e88d642b7f9677a5b3b062b9f6ab8d

    SHA256

    835a0d14f64853db3b7b364ed116dd6e9b7977b1c3d5456d2ea128d74cf7fc55

    SHA512

    bd9c841e2d167daa2a41b75c4352f8830c04ca918976c09f18d9b3e01cacbdf1b40dff9b8a9e22a4c88deb5693b4453fcc268404b7e4c5b6b50b2e1d425cdcce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b289b71a5d710c8677b40e6a825fb754

    SHA1

    ab67f16dedd2acda29d3d81e197d6f95bc35395d

    SHA256

    a397724467926df18131e2ad8c4c4e1c0e36a7eadefe62658f031e6fd95f30ec

    SHA512

    dccd7d02294435eb323463873c8c4654384a9cfca69d4ff0f9c3ef8d555215af4856e6bdcad55750bf07ffa8263aef5fcef583c499ce29ace747880e8a37f9b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    0a969db1272d2408f4b42a9b919aa4f7

    SHA1

    a3c7f0f29df5f1922f88260e6267dfed66c4f6ed

    SHA256

    524567bf345acbc4864a4788afbcb3b4e27e95cac4c5e35d7db6bf64613c1823

    SHA512

    b316089a4e8b587a6fa005c66eef6db2d227be98dc98b25bbb177b481a754f0b6767647da89ed1e19a9fdac93f9390f0b26fbb2c85eddb520137cbdbd2f6daba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    ac1ae835fe3969befeda1a5cfd609d47

    SHA1

    dd905fd4d975619c3b00ffdd12ff721002aa111b

    SHA256

    1f572091d9a0b7b66bf57c8103c63abbbc2970ebca2010178aa2e721e8259baa

    SHA512

    3626a33ff1c5a7c0a81b00ac3319db866467489b5e71a5b6ed0f21708d8b8d478b27299e9d484801ab7d844e3b045dadde4b782eb211b5bb53e5e4555383770d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d424843f6cdd9e1904dcf5d027dec8f7

    SHA1

    13c79fcc5172007fc90286b55bd9135c7f4155f4

    SHA256

    2975b84a87119bb2f0bcf4b21b9315fdfefb25789db01856325106927c8039e9

    SHA512

    2bcc05724f8605580e894ddd9b503bf98a703a560eb706c138deaaa38bfe05fb7f9e33b2c25c560884feee205e2b3d03ee146738bc8bd3a0c10ba3b10339b7bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    837ce6956ad4e08e962c69b6aa1fdd40

    SHA1

    418ff2e14de4014e2ac186379ae6001b16782f42

    SHA256

    34e72b6a8fad26f095a81d845811a6b4c67d11e1c90d620eb5255154660373e5

    SHA512

    b6f47077baee90c786b565ba1e47aa1cc4ba9517058da336894188a0c4690d33eb332ba2ab70a5db347a39fe1a67b50f81b661a1f5c1df063b74bd1420056ba5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    d751f298d0d58f7c5b7acb0f549a6cf4

    SHA1

    5a0cbd7de9c16a099b2ef05cb451377d8819a93c

    SHA256

    5fd76bb79a00891c02a02158418ffb4bcb82fa5c7667aa55f2baf8118ae0b455

    SHA512

    bdc0a08f02d8334d35eb3bfede9f586e23a62be5245a4fc3ba66c71458a47e4e15e6da49d6814a5654390b0f4da852cfa3c2de27fcc3377d0c2006a7ee4ec76e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    8caaa3600dc9893eda15aad78223df0f

    SHA1

    03bebee083ff58c058e5e3d64fff2aa264a542ba

    SHA256

    a901889a2d697d053c50f2c8464605e1335cd459d972ab742d5132f9e32d90fc

    SHA512

    39b648156ea88a2d79753d05c21d815b90afe0761b05aceb1432ea918002c17c06326dc37af4d6c09c7c1d2a658e91b1f9d0f6021b2205a74392c3d8f0733cff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    24e3c1a9a84102afa20bd628c25ed1d8

    SHA1

    5f170045cbd2d82ec868341e792bb0c841c3d615

    SHA256

    24573912bb21e75313d5ee523738560b9febdb9ca01367d7e62f23cc7101aa7a

    SHA512

    30364227cb30870153680b3b24a4cdbaa652adca268ae4db03c1a171274a87e947b5405c96bffea8a67d71060e21c2dbc4ed1ee147457cedf282342d76b003e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b275d2ffee3ed7668afc9f3c4db47690

    SHA1

    97964f8ff3e19637cc83deaada4dd9a179725a69

    SHA256

    1149c23042f0f762e4b13bbc192dc817b511292ed273bfe4ff88403327a5fef8

    SHA512

    b2601170bbe578c8d366fa478d8d65b035881b27d0ac03947ced75fd659ad8f25759d4d6e8e8905e384ca2b4ac5441d663cdb6470c942bd5ff2894ad8070454f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    95fef775015a597bbf267db18311c9c6

    SHA1

    6190b0ce5f01c8fb2363980f2f24d52753f8f6b4

    SHA256

    8766cacdcf5e739eac1c47445ec639062f3840777e430b277537769a3ff7ec9b

    SHA512

    78eede78ba313810251b4ccb2bc0cdc168a7e01f246ac18ae6642ac76669bb885d8b827fe88504e5706d3f25cb7455a16ec0119bab62131b84dd9fd7f175fd22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    62001f37b7da8109bacea24f921798e8

    SHA1

    07fab1913cf7254182857e13985d07aa1479fb27

    SHA256

    8f4c0c7ba60d3a7653356134cb6ba1235c3372f982e08bb349323aef9eb8c706

    SHA512

    3d30de1f2c33b62fdfb8da8d5e945193186ef090879db5ed2590dcd495588faa1ac52623edd3f82f6660012060093166c1974357c88b2a10bd16a9afa7b0ac6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    9c5fb9a0b2b6d08a8eb5b91af7fde215

    SHA1

    6c36d720ea66ebe551bcec45e9e493644551d6c0

    SHA256

    e73e880c90be674518c1b8483c42003f9f31315316d40c220f2ee008feed03e2

    SHA512

    0d668e264eb4f51f59f36de31e5713af33c6f118c345e1fbad0bd3a362be1345722f7b10e93f3c90be56ceec0b727c5b8f178ab55d7add9f5a6aeb24c0fd7cbd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    0a1a0b1bba1d1ca0b5cdfa4cf30b8255

    SHA1

    38862df2a847c7dc4e5cc029b0d4ff484fc66df5

    SHA256

    94552a3f33dd6be8e7d4880bf4ee6ae027dd90d3bcfd96a8a2264b5fc098b708

    SHA512

    c36976f0daf2ffde453b3d7f525c543cdfdb572c5b155b317a4a9640e39f16b410339e44fc179e94b0b787c1cd8f6ba0ca12dc269d571d15b33ca65d559609f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    392dd0883f43e94d9a1167d2d38e84fd

    SHA1

    18af127eef6f64f1878a113b8d946b268bfd72c8

    SHA256

    2f248092124fc0cb0e0cb816d9b69c4f5ecc22baf99f4dead71a1a3bb4d22f66

    SHA512

    9f3c5b5f818963125be40f9e96254fbac300339adb8be9cd9f1bcfb42aefb1243be4d8d81424e437f4716384568be187925e09f3bae37c967c2a807fbcf42ea1

  • C:\Users\Admin\AppData\Local\Temp\Cab19E9.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1ACA.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b