Analysis

  • max time kernel
    132s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 20:20

General

  • Target

    a22dc2e05ccd630a903da8ebcd2f2e03_JaffaCakes118.html

  • Size

    232KB

  • MD5

    a22dc2e05ccd630a903da8ebcd2f2e03

  • SHA1

    4f312d7318882947187d1a36791021ee34ebdb3e

  • SHA256

    1fb3df3d18b1c63a832880ecf0ca04571755435283da2ce91e29763469cca504

  • SHA512

    e670d5ebd7fcd75381e4d77cd6b712717513da7481b98d5ade11a11c322a5f8f3b4d87aff85a29e370fb609f2a1debc571b4ebce8b1ab7c66cea6b217c3f5e5c

  • SSDEEP

    3072:S9qyfkMY+BES09JXAnyrZalI+YuyfkMY+BES09JXAnyrZalI+YQ:S9PsMYod+X3oI+YLsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a22dc2e05ccd630a903da8ebcd2f2e03_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2116
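The tree above is the normal Internet Explorer 8+ shape: the frame process (PID 1992) opens the submitted .html and spawns a content process with `SCODEF:<frame pid> CREDAT:<...>`, and `SCODEF:1992` does match the parent PID. The signatures that fired (SetWindowsHookEx, WriteProcessMemory, FindShellTrayWindow, IE settings changes) are what iexplore.exe does on any page, which is why the score stays at 1/10. What a triager actually wants from such a tree is the exception: an IE child whose SCODEF does not point at its parent, or a non-IE child of the frame process. The check below is an added example, not part of the report or of the sandbox's own signature engine; the first two events are the report's, the two tagged as constructed are not in the report and exist only to exercise the negative paths.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcEvent:
    pid: int
    ppid: int
    image: str
    cmdline: str


# Process-creation events. PIDs 1992 and 2116 are taken from the report's
# process tree; PIDs 3001 and 3002 are CONSTRUCTED and do not occur in it.
EVENTS = [
    ProcEvent(1992, 0, r"C:\Program Files\Internet Explorer\iexplore.exe",
              r'"C:\Program Files\Internet Explorer\iexplore.exe" '
              r"C:\Users\Admin\AppData\Local\Temp\a22dc2e05ccd630a903da8ebcd2f2e03_JaffaCakes118.html"),
    ProcEvent(2116, 1992, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2'),
    # constructed: IE child whose SCODEF names a PID other than its parent
    ProcEvent(3001, 1992, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4444 CREDAT:275457 /prefetch:2'),
    # constructed: a non-IE binary launched by the IE frame process
    ProcEvent(3002, 1992, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c echo constructed"),
]

# iexplore.exe under either Program Files root, any case
IE_IMAGE = re.compile(r"\\internet explorer\\iexplore\.exe$", re.IGNORECASE)
# the frame PID that IE passes to each content process
SCODEF = re.compile(r"\bSCODEF:(\d+)\b")


def classify_ie_children(events):
    """Return {pid: verdict} for every process whose parent is an iexplore.exe.

    Verdicts:
      expected-ie-content-process  IE child, SCODEF equals the parent PID
      ie-child-scodef-mismatch     IE child, SCODEF missing or pointing elsewhere
      non-ie-child-of-ie           anything else spawned by the IE frame process
    """
    by_pid = {e.pid: e for e in events}
    verdicts = {}
    for e in events:
        parent = by_pid.get(e.ppid)
        if parent is None or not IE_IMAGE.search(parent.image):
            continue  # not a child of IE, out of scope
        if IE_IMAGE.search(e.image):
            m = SCODEF.search(e.cmdline)
            if m and int(m.group(1)) == e.ppid:
                verdicts[e.pid] = "expected-ie-content-process"
            else:
                verdicts[e.pid] = "ie-child-scodef-mismatch"
        else:
            verdicts[e.pid] = "non-ie-child-of-ie"
    return verdicts


def findings(events):
    """Only the verdicts worth a human's time, sorted by PID."""
    return sorted((pid, v) for pid, v in classify_ie_children(events).items()
                  if v != "expected-ie-content-process")


if __name__ == "__main__":
    for pid, verdict in findings(EVENTS):
        print(pid, verdict)
```

Run against the report's two real events alone, `findings()` is empty, which is the machine-readable version of "nothing to see here". The same lineage check ports directly to a Sysmon Event ID 1 or EDR process feed, where ParentProcessId and CommandLine are available per event.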

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    935840ae8475b3abdbecf8a10fa3d405

    SHA1

    231f51b11343400444cc3f77759926033b4a17a3

    SHA256

    3e3674adb507345bfe08deb940294ea6d109760bfd749db0d6cd4df2f6e4ca91

    SHA512

    89a53d98d67bcc96c626f0bed62c4a21b5e9e6a0ea9482993593d2bdacf2f31212ff13cf9f3aad2d58ab61bb4bdb608899540d826af5fb76d41fd4296816b228

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d5a646903423615000675f6aa5b45001

    SHA1

    e4cb7be60ad9e995f157446a701ba7aa950ab68f

    SHA256

    aa52e281b9ba61a0e8113816cec242baf6b71600e0cb037eaf54d40664b16f29

    SHA512

    fc0c4e663e457cfb003547219344f0aba60b8051364168d625431dc2059ab4fde655e6dea3130bf1b38bdcdb4d37e4923fd457ef0e0b429b7449fb92e4c7f04d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fdc45fab33b98d580c67e86aefb8faa3

    SHA1

    597a4c5becbb9430ebd6986a25d78fa26e137c70

    SHA256

    037cabe4bf7985cd538b1f5d9a5b4b146a3588565aaac7c3d4fcff8dd7c7cba2

    SHA512

    0eca0263e155a2b38e721694d7edc78ed2569d07fc96b9e733b2793069a01d3b1fef697819c8f2c9e70c9f7bc521a7e8bf57a3ada0aff6b6a117d3c2a67f5b9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51feaa89f361f3955f86fd54cb297406

    SHA1

    5e617b3639ac8d03a5067abc8ed92aeb09d0b388

    SHA256

    957d3810ef7ff2ef3e81e01d1d6e28469003a6e2b944a0e638e267419e50aab5

    SHA512

    970d4420d17a8f3868bf74571d3de7714e471aa263c6a45b142fc9e1c9061fac881d4989d9abf7f0f7e8813135cf0f40aa25a8aae9b6db59cae7416d8f0048c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    726ffaf4f2aa06236a5e789be113b966

    SHA1

    0af70115b075bb9a4fc904b1da386acd14a4962e

    SHA256

    fa7974c839bf0f4e042d817b528ad15f8921b48d5d467e405b61b1da1c478aa1

    SHA512

    99dcb8b88127584067319da38a159bf934bc290e79c15e9306ac741497833208818a94f31ac4377ca42a344f157a7dacd26bbfc75629ca04435bb2fddd891faa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    80569543b422d7a8ea8c5cff0244b2e6

    SHA1

    225ab19c0aff22d8cb0359e7d2ed015607b54371

    SHA256

    775a9039d9c0c935bea7c90341646e7e1df3b57bcfdbc7b003c2f5c048100695

    SHA512

    4354307e752b9df1bce6abe195c3b68a13ea66b1938c9bbfa606abc3f539f95e79f386de2dc91a06ac59492630961a7361d0a6b510e88a0ba6f106d448159aba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c28a6a39832d38054f6ddde3b5125c27

    SHA1

    bc3ef12e6c065bea59f4f93bedaf1db41beb5615

    SHA256

    bb8f37119622ffc3913c937fb33d5a8eae17d9cfcffb4dab18968a349893586f

    SHA512

    aab252bae496d775d709698192dabd1dedaa1d9376fd207a859074583e36d5ffee3c250087d1965527507d5a9d66308f66ade389e14ea4167d88f03ac1f51d70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    79509fb406c2e06f3e70ea478a41e3b3

    SHA1

    a1098cf124173fb651bc2964057a96bd5e5ea0ea

    SHA256

    ca9a60e47435455650b18d779532ca75d5112d230b4a78b1e4a9e6eb3cd5649a

    SHA512

    6d7ec395b09cfae363295a352f1260e40f6fbee180a420e25bdd79205bf351ee9f250a2962b594872e2fcc9727d8e8accb23a1318dcacb60505200b5d604e960

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea55a40ca002a0f381d816abe20958b7

    SHA1

    e937fc99443283e79df0eae48c86499387388602

    SHA256

    42847671383d03970837b8fd925a7c04a46c7da387c6ed28e459150128c644ef

    SHA512

    8201f8c50e03da5713400be0c94906ebd91e148a29cc09cbac6ecf25aa2a9fe5f8df30420758142ec89546f3ebdc8458bfe52d78de2f6fcff9d5c0038591155a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47e60b49eaca14b113d2732c8db7bc7c

    SHA1

    a96204f3e94ef30ff655c578cb4b51a2799e2a05

    SHA256

    e84de4e37ad145209a4d08f992f3f88eb2d76b2aaf30007f566201f533923ae9

    SHA512

    2b843c4e788d0a8420e77e94a4d595b64665f45ce41c1981645e66d88b94a4eb874a2edf77075feb110b057e6439e01d0fccb2d42836dc6e14b1ca75cdb2682a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2270a82fcb0a0edf32a15036a4ede86

    SHA1

    cead062b5259305cd88e566b7efd389980c9d1f6

    SHA256

    109916d1fc792f40ca7132ba259e98f7b787a197bccc572ec581c6e2e393c0d8

    SHA512

    1fe7550898ec7fc5387fbf527d6fec1be2f46ba6e469ad361aa3e587bbd621ec79b938c778beca16bae9c910e25d371dcc2a992a3866f98356309b1f624a9ca4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5cc4fe3c1890adf0615b25a20d41fed1

    SHA1

    78a58f91c0934599f6a74d13852e6705ce9172c5

    SHA256

    05f4e65895e90c332511a49e7f6debff4d7d49958a4d6cc7e93f6be71321b839

    SHA512

    b55431e3abc6f946ee16080a1e42d390fb5e3f32654ef8cdd94eb298516ecc13f1b1152d06e3ba07f785ef5cb63b0a34a4679e35378ce8243d4c3e7799208ad3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    537ca9a1ed8985f5b127abac934fb0c1

    SHA1

    7c65906ceab56eb6260734f219004694334d37e7

    SHA256

    949f4654207e0888e200045e95e862496ae16827971dc75ac33bf1a4525151a8

    SHA512

    1fb86aecf61877b26b628254409036d3019c8fc99dca0b6704ecefd272f2aa189b78d57410a3aecf276351ecac5d8bb97b8f875631423f3ec229942498176b72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce78765f62ff5da4519974c726220b40

    SHA1

    d493519430a2135a0ae38a4cb1ce218bfd41d95f

    SHA256

    1729ca69c0653ba93cbb7c642cbf3fc92d83eded8abff0a237e2d4d7613e9f02

    SHA512

    56258a99f5675e1802c6c6034d6ef087f6fcb294e37f85f7be7b27415fe33d3fd749429efd58bc0220cba3b8a339734d2dc28acb2aa3cbed9f1a66b934d30baa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    888b24fca1790576655afa1a9c253434

    SHA1

    659b5d41669c1686cbd55ca9c0339a40d17f7bcc

    SHA256

    d7f9add06566edc20172b704b459d960266e3585721e7c435dbce969c86df955

    SHA512

    6825bc39f8db674b699eb37880df9b991949596c20606d422b9715b23aa7d36b2c8c50a44340e5c89ac25e5cde45249887043acc09f0f564e03a9d87bbeec5ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    39dbd99e40661d58ef89bb3f244ce647

    SHA1

    22810da48fe694021a55cefd711264a23650370e

    SHA256

    86b430aa5206124b8bda20823f8432a9389cec526ab3b4f19de82525748709d6

    SHA512

    7f5934d0385118e8f4072add07c239cb8b858df41bc00113b7a1c06dfae47cdd133669fc1d15d19473e493a75a0f41748d1b9e2e5c0585b536ec64c3fcaa7477

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1d210a55bff53921d07cba064ac6e21c

    SHA1

    ec40a00a08a9efcef7d522b24a97ce2d6362fe3f

    SHA256

    e2b3905d44b79b47ebfdff486986fe597a5cd04c7ae0f186f7ec9528b4aa3594

    SHA512

    8ff6c25e457d6836f70a7e29e859c7fec84c7e5fb1b5999a594d78f4bce7ee1ca016705e5d5461c2f7322451571fbf63183eabb8c8ec96271e5e7b28ceb94503

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84f419e41b1ceacaa9695626c562f221

    SHA1

    d271a7192b1583f530d6b456a7ec529910d8af57

    SHA256

    c8397ae025e248d9295109ede140cee18ac45115c993e2c32069bad173f7da51

    SHA512

    6c46c3032d11a49caf0149426b0acef034f708752ba3479ec752748bae3fdf603600cb86d4f53bc5fa1fd7d050a6bc5eff287bedc198fe4015eb0de288bdc964

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2b5e75bd623ead85e2ee9919570f7c14

    SHA1

    757f8c241a5c21d8d95d599566ef6cda870f05de

    SHA256

    61c870d6992f5989874c31b311e9980a9df364b68e7c75515dc7f0537bb86156

    SHA512

    a687d6329d7176310224d0f842010599428cb3e81f404894a34a3e4b932ec1d07fdc2f992bb83d5ce234d56eda51a302e749963cd09b08f0ee5744b1c7853317

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d149d6e0b160d6d34d299b45f4eec56c

    SHA1

    c180ecf3dd12a75c2221e7a25cdc01f7e0afc062

    SHA256

    05e56c596b1e34a6d3651bccfc227a6fab47f8774fbcefaa750714c375d80df0

    SHA512

    96743ca20b5dc17b7348b4e8048e7be82843794752cd26035348a0053f39d95e20b8b3dd4c32105004198f233e45d576b7b01150c6536f905118741f85fef69d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4026ae3f2dbd078ebf93bbd852be7ca3

    SHA1

    ee920bfd768afff3ca4d3c614199ce3553fb8d02

    SHA256

    405e4f8cadfb5e7f985d8a468dff6162a448f6cee2ad8d20c26dbef9d9e27070

    SHA512

    33e14b4ad2f7a050a1cc99cc95808fd01f77a75e2b45f4106860b9afc601e604bad54c2b444971e315eefeb45038a459faf1116959f3d04dba13945395af64ec

  • C:\Users\Admin\AppData\Local\Temp\Cab1893.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1993.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
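Everything in the Downloads list lives in two places Windows writes to on its own: `CryptnetUrlCache` is where CryptoAPI (cryptnet.dll) caches objects it fetched over HTTP while building certificate chains (CRLs, OCSP responses, AIA certificates, CTLs), and `Cab####.tmp` / `Tar####.tmp` pairs in `%TEMP%` are the usual residue of a .cab being downloaded and expanded. The twenty-one entries for the same `MetaData\94308059...` path are one file rewritten repeatedly during the run, not twenty-one files. The helper below is an added example, not code from the report or the sandbox; it reduces a drop list to one row per path, counts distinct content versions, and leaves anything outside those two known-benign locations for review. The six real entries are copied from the report (SHA256 only); the `dropped.exe` entry is constructed and its hash is just the digest of a fixed string.

```python
import hashlib
import re
from collections import defaultdict

# (path, size, sha256) rows. The first six are from the report; the last is
# CONSTRUCTED and not part of the report, used only to exercise the "review" path.
CONSTRUCTED_PATH = r"C:\Users\Admin\AppData\Roaming\dropped.exe"
ENTRIES = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "70KB", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "3e3674adb507345bfe08deb940294ea6d109760bfd749db0d6cd4df2f6e4ca91"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "aa52e281b9ba61a0e8113816cec242baf6b71600e0cb037eaf54d40664b16f29"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "037cabe4bf7985cd538b1f5d9a5b4b146a3588565aaac7c3d4fcff8dd7c7cba2"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab1893.tmp",
     "65KB", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar1993.tmp",
     "181KB", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
    (CONSTRUCTED_PATH, "12KB", hashlib.sha256(b"constructed sample, not a real artifact").hexdigest()),
]

# Known-benign locations, matched case-insensitively on the tail of the path.
CATEGORIES = [
    ("cryptoapi-url-cache",
     re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I)),
    ("cab-extraction-temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,8}\.tmp$", re.I)),
]


def classify_path(path):
    """Name the benign bucket a dropped-file path falls into, or 'review'."""
    for name, pattern in CATEGORIES:
        if pattern.search(path):
            return name
    return "review"


def summarize(entries):
    """Collapse a drop list to {path: {category, distinct_versions}}.

    distinct_versions counts unique SHA256 values seen for the path, so a
    file that was rewritten N times during the run shows up once with N.
    """
    versions = defaultdict(set)
    for path, _size, sha256 in entries:
        versions[path].add(sha256.lower())
    return {
        path: {"category": classify_path(path), "distinct_versions": len(hashes)}
        for path, hashes in versions.items()
    }


def needs_review(entries):
    """Paths that matched no known-benign bucket, in first-seen order."""
    seen = []
    for path, _size, _sha256 in entries:
        if classify_path(path) == "review" and path not in seen:
            seen.append(path)
    return seen


if __name__ == "__main__":
    for path, info in summarize(ENTRIES).items():
        print(f"{info['category']:22} x{info['distinct_versions']}  {path}")
    print("review:", needs_review(ENTRIES))
```

Two caveats for reuse. First, a path-based allow-list only says the location is routine, not that the bytes are; if the Content entry mattered you would still pull it and check whether it parses as a CRL, OCSP response or CTL. Second, the tight regexes are deliberate: a `CryptnetUrlCache` directory under a user profile is cheap for malware to imitate, so the 32-hex-character name and the exact parent directory are part of the match, not optional.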