Analysis

  • max time kernel
    136s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:19

General

  • Target

    a1b488ddb577ac076c1349ad8a0a027b_JaffaCakes118.html

  • Size

    349KB

  • MD5

    a1b488ddb577ac076c1349ad8a0a027b

  • SHA1

    ea228b3952afe56869283f558677b8312272362b

  • SHA256

    153d5d645498c80019342183e78f6a54d764d4de613b995d49718438edcd632a

  • SHA512

    b6a66dd213d924d962308c2f0eca332c281fc9cdc68eecef138358b6750c2b8a6f43171db29c0f5bbef3e6abcf9954ae618a7a7a6fe4734614e5cda40477c000

  • SSDEEP

    6144:SzsMYod+X3oI+Y0+HssMYod+X3oI+YAsMYod+X3oI+YQ:m5d+X3y5d+X3Y5d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1b488ddb577ac076c1349ad8a0a027b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Downloads
