Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:42

General

  • Target

    a1cc13048886426ba613cad47d71cd83_JaffaCakes118.html

  • Size

    460KB

  • MD5

    a1cc13048886426ba613cad47d71cd83

  • SHA1

    47f1cec0ccbc9ca0dff19e5fa6fc028464dc334b

  • SHA256

    5ce3fa670a2908f580b163c4b1e80a5664862f0464ae6925f4bc22266184f231

  • SHA512

    2e250e5b597474887c118ea1b66a581412682d347d675a857af3dd4829a2f7c9fd15899a9cc99b6990706466990d180fd7fe80327dc7b79cc6273923b72386c6

  • SSDEEP

    6144:SosMYod+X3oI+YxsMYod+X3oI+YwsMYod+X3oI+YLsMYod+X3oI+YQ:H5d+X3X5d+X305d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1cc13048886426ba613cad47d71cd83_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:856
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:856 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15


Downloads
