Analysis

  • max time kernel
    141s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:19

General

  • Target

    a1b49aff311d0b8ced2485417e98edf7_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a1b49aff311d0b8ced2485417e98edf7

  • SHA1

    b7ea03c4549fb90496e208905741e2ba9cba4e8e

  • SHA256

    8e503c264c95d858e29a2d86d36d6f9cc320e31b6bc5094b3705808a6e92211d

  • SHA512

    e46b04dfd6bd5b6347909ff20a9da828f4104e8ab445508182c32c784b36a6e424a7a3177fb5d761b78e7d4775473a18dedd24b2c6fe6f9c69569764872f0dbc

  • SSDEEP

    1536:SQv0evnlFyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOZ:SQ5LyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1b49aff311d0b8ced2485417e98edf7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2500

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf9b1e9ebf8a310d20179efaa48a2f7a

    SHA1

    a5a5161fd4eaa1b1ddf2072e637078c722ef6727

    SHA256

    c5f95924a060e304ab7f39d78ce4c95f7132b2e280c23f7efb0f0a586a8d004a

    SHA512

    8691e8758bd438ff10ee3c3ad3e46f543148db8c288f9615a8af436b927e3c4a99f9e3ff271b98851c07e20aebd541b16b855db7a6e657202020bf1317718d88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ec62bfe0c8c5e01083798e0828c780e

    SHA1

    c66584e7aaf8223abdba6b2a73026325beaf354a

    SHA256

    a2b62bd1d60462e935fa5bbb551b3469026b49524466c0366a3a8fe63d0f568e

    SHA512

    0e8582abd8d5ad2da7e3b8d29a98c5ad04ad68c37e05f522a4cde8c6987d8f9f09793507ecd421d3c01509a3f3c14c09e5589268004f8f0e5868b50d4867dab5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    16c1406a7bb9824f727a50e2ce615815

    SHA1

    f98f5030206f559b2f255ddeb5c371230c227be6

    SHA256

    ecc7a7b181d15e3f1a7b11da71a455476f72cdb419d9564fbf1e566a9122bc31

    SHA512

    1aa5cddb4b5ca5325e7620977906eccdf4705bc655cfd9c231e1451c3b41004cc1def15a333e98a9f047a33f6bbda6053eb97239f566664eb62bac07b6c11e29

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74e54d2478e13f020672c627e2946050

    SHA1

    ddc566083067d4d4fab6b09b579a45d6fbefff5e

    SHA256

    659f4321ce0a5491ee955e197571ab144a093cc4a5d7f03aa68fa8a81b6643e2

    SHA512

    6e313edff0cacb1d99b7fb081bd678043091ff91fb676082ab62dea1f030c0ea823a84f46781a02a6df051d410fc16ba11422889dac4f1b898fa09486daf4e99

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce0f4f38e987be48848b0c422b9a3571

    SHA1

    8b42e4a0d3c64a53c7cafcdddf46f0935dab1d22

    SHA256

    eae57c1256a2e22bb9aaf60abb56ac570c8cca736879d92c31a44975f70aff29

    SHA512

    ab6b713df7b5b54491c80fa7a7d0333022ec3c4f6f7bdc5edebc8726fe315a9d47dd056ad249498c5c4cb6237f9b288d78207a7fee0c44bda5051b817d8005bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e12d706c67c1e762ee9193dc537be53

    SHA1

    130201efa8f4ac38fecb0b9e0a96fc4f6f76985b

    SHA256

    20e221d3d4a43bb142c58d84e80eac1c9f52276317c30cee0f8914eeb4b1b8a9

    SHA512

    54c06194fead1f5aea3bbc74a50fa92ba5212906896abf3e0276d4ab677bc9e6b0da1af1ea833ed40e877b46f54126138959e21acc68b11ea909e0f72c237553

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    296f0c8b88c5ebb17cbd176a0a20ed99

    SHA1

    33d99385f8ffbd67674c277acb30c7563c471d7e

    SHA256

    117be32761c2e5878a8453c0ac8288f68eea4993bd9afaa37c1351f83f90d9d1

    SHA512

    6d357a61e4308b4ad938483ac8e607867e83e543cd129483aff871331dbc15d7b514e57a77d2a6e0d9fedb1f1928192ecaa2e0b042d01b76aaec52093268584f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    23b3de2420299ef9f5cc8573692c3855

    SHA1

    95372ab4d9ce5b430e99d87bd3f61a7d4b05ed28

    SHA256

    9ead78c17e2f431d795e8797ded1dd5455a4d1741ef5bdbc5155cc6bc8be9281

    SHA512

    bea6a74d7e2b411abf74c69cab998c6500e99887efed99217b2959ea50b83d82c9d8d3ff3f2baf2eabddc29b05a2026050230bdaa582122342cfff7290996928

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    62f719545737a86cf1f553af68426ed0

    SHA1

    2dbfce195057935e0aae23d7f8b6437f848dd77b

    SHA256

    c161c9db30bf7a40bbeefb6a34db4dff846f0aeaf5b60bab6a280ea192904828

    SHA512

    ea1e70e016d296c0afdd820b7d28da49aaae83ef0df82b42c3f66346b218f46ce068a8329a6aa214e78d6d1ee08d8a2b2414574a00050d7cac25de37da06161d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f2922f6217585fa4d54b1680c300bee8

    SHA1

    09aa9f91f4200245bcaebbf4924f6eb83e19367a

    SHA256

    a1412edb4df2ee5e64bf8e5f07c2dac12931c2251a0e4d0f94c2227c39028847

    SHA512

    ae70fd2eaec36cf831c3fa84092ec26558292a3bb20bd3e41042d05e5ab8424599b10f7f6014c9618a7af0c90de6001735800fca1d3286ea12bf85898d18c88f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9c0f407581ed28ce5989f4155ae7ede

    SHA1

    23d3087bccaac85150e8c5b8b441e4579c14961d

    SHA256

    54256575c1ce8a762cee4a4b53036c5b09327144e3780386512c4c195d461664

    SHA512

    880c3736d68a06774f55349bc63346e840cff4fb06c8d73607f28520314189bc5950393c2c25d83054beb96d0e28133cfcc51091b2f6490b970684426b6f9a49

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46384c8bd5bddbdb5563a96028fd5efd

    SHA1

    0e78f2c8b1696a3aa41dfb80ae0bc3776f826c4a

    SHA256

    732c75a251ba31776853ad22273bf15d9358a8a2b750f0a9081892d691c12e6f

    SHA512

    2e8fd7796d4937bedd2720d205713da7b880f7e8e0528bdbf225ea4f0fd1a19968cbab74120ce133884bf7116d0ac9b5cdc9cdc1093b32e68284281b95ee10ef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    789421ee73ac7cf3d0d09744c80c093b

    SHA1

    c0fb48620330c25dfdc27ab31c400c78d99ef19b

    SHA256

    b85809bbb0382cce892501cdf0d6ce9960235a05b2ce34ecbb126416b9bd4e0f

    SHA512

    7d85a3d00783556a541df640e8bda69819d16a2560d28c8bc3963fea105e7cbcc3bf3f3b46603fce47f953088b292a0cfe0fd472c1f7bc7773c0905f322c66be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    19c4ccc43e84bea866aaab8175ede8a5

    SHA1

    72d1c590b40e93bf0ee28ed3a9241454a8602077

    SHA256

    59c565afdd1c89522462c7f58555a8b2b6276d47a104f0a10f49d7619e76209c

    SHA512

    895787471c5d9a101fcb018f61b1f1b8d36a5ca94d35509dccd2229e86122601ad1e181195d062c10713418708da7db14ce7df3111abc902b832e5e280dbd617

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e0bf8df0b28906b3e27106a32bafe49d

    SHA1

    53c0b27946b32a00126cddbdfb940dc9d00be1e0

    SHA256

    444f2d4d6996f5998ab96d867fe13d5ab048f4ab56a748a683cfdb940b035199

    SHA512

    83645b229148bd45f8bdf4f1677365aa7537ababd77e95c7a707a19f916b674f32ae91130391eedb845ec41e25a51fbb271e07d5eee8ba70b77dd8a7c44bcdb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e2780a585d9b702a6183e1aa1cc27c8

    SHA1

    0299aab3e41dac1b5df31aa45d017bdb094a6faf

    SHA256

    63b38b7957b5116fa56a392ac30c278a58914aed1f6b28d4b2ee52a34f6455bd

    SHA512

    38d3909bd738a73549eaf22ace6e951dc1b0a6b7af6a6429a415f2d840ad2768c71bb4e2dd5579eda866eb545786034e9a5398ae2f61d4e205a4a89f60ea184e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de77d70356512c28475aba9931358cdc

    SHA1

    a090606464a01aaeb9c5e5d5091ff3a11ff18e73

    SHA256

    bc9f77f3d6333710ce4e17d2c0050e7eb0b01bf2d329be83ae724b81bfc8c3dc

    SHA512

    499724a748e272b544d2792fd07a00f97662c840a85c2c8a9a688bd92e695eb5b9f0e26cd73899fd8e450640398b0047340eb19e2c601eb22448f1622c79a910

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    657ff7f964327b3eba09d312a77fd882

    SHA1

    4bfaa8f16bfdd06c10b47fa289e57c91902736ba

    SHA256

    1751321738ae0203d89942500224afa1cc4e5f94263414dc8fa3ee1874fb6fb7

    SHA512

    979edce7eea26f71b40afe2ef6c43133fa4e3e7d15508ae9543be8006af43fdab75a00a4e7630fd76cb5493fae6893741cc6ecff1a82168424ba49656fe45f7a

  • C:\Users\Admin\AppData\Local\Temp\CabC81.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarD73.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b