Analysis

  • max time kernel
    122s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 21:31

General

  • Target

    a6a81ee3514611287f617b6d1bd5f231_JaffaCakes118.html

  • Size

    460KB

  • MD5

    a6a81ee3514611287f617b6d1bd5f231

  • SHA1

    0e2937c1908535a5431b399b0fe5c1dc8c178eb7

  • SHA256

    d6caea1f1a03bb275e670be3b56e5d908febb85d67b83f29e5939442e1ffcce8

  • SHA512

    838d1933c664c9104589c0d97f96d8315d2a6a3aab494b3942611f23f51de1f572f97e35a01f6431815cf007e46c92b0b124abd3bf4d0c69e1c4db70db7c41cf

  • SSDEEP

    6144:SBsMYod+X3oI+YSsMYod+X3oI+YDsMYod+X3oI+YLsMYod+X3oI+YQ:C5d+X365d+X3l5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6a81ee3514611287f617b6d1bd5f231_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1808
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1808 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2784

Network

MITRE ATT&CK Enterprise v15

Downloads
