Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 21:32

General

  • Target

    a6aa17ffdb6acf73eebac79bcde1e030_JaffaCakes118.html

  • Size

    13KB

  • MD5

    a6aa17ffdb6acf73eebac79bcde1e030

  • SHA1

    d4265cf4c5a9f93a3f1b6b9a4affd2a3f7ddb059

  • SHA256

    4656f0aa576bd77a36faaa4770260b4f81eb17de6a88b78c2525e9a2ecef5e7c

  • SHA512

    2ef7e4736e51626a6eea71cd3b4bc12537f399afcb9dd13a2718fc6b0e04649d2d3d35fb0a3db5670fcfb64ed8369d6fe997d2cb4bca7b193f49e7094409393c

  • SSDEEP

    192:SI846Cvov+Qkiz6C9G72T7SEvhdzFz1p6QQ6FF6EZ2eMXcfI5OvHU:SIZ5A2Q5vPB1pdQGF7Z2p8HU

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6aa17ffdb6acf73eebac79bcde1e030_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200
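
The process tree above is the normal Internet Explorer shape on Windows 7: the frame process (PID 3000) spawns a tab process whose command line carries the frame PID in SCODEF: and the CREDAT: token. A practitioner reviewing many of these reports wants a rule that accepts exactly that pattern and flags anything else spawned under iexplore.exe. The following is an added example (not code from the sandbox vendor or from this report): it runs that check over constructed process-creation records, two of which copy the PIDs, images and command lines shown above, plus a hypothetical cmd.exe child (PID 4100, not in the report) to show the suspicious case. It assumes a record format of pid, ppid, image and cmdline, and that SCODEF: names the parent frame PID as it does in this tree.

```python
import re

# Constructed process-creation records modelled on the process tree in the
# report. PIDs 3000 and 2200 and their command lines are copied from it;
# PID 4100 (cmd.exe under the tab process) is a hypothetical addition.
SAMPLE_EVENTS = [
    {"pid": 3000, "ppid": 0,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\a6aa17ffdb6acf73eebac79bcde1e030_JaffaCakes118.html'},
    {"pid": 2200, "ppid": 3000,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2'},
    # Hypothetical: a shell launched by the tab process, which a benign HTML
    # page should never cause.
    {"pid": 4100, "ppid": 2200,
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c whoami"},
]

# The two IE images seen in the report (64-bit frame, 32-bit tab), lower-cased
# for comparison.
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}

# Tab-process arguments as they appear in the report: SCODEF:<frame pid> CREDAT:<n>
TAB_ARGS = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b")


def classify(events):
    """Return {pid: verdict} for every record.

    ie-tab                  : IE image under an IE parent, SCODEF equals the parent PID
    ie-child-unexpected-args: IE image under an IE parent but no (or mismatched) SCODEF/CREDAT
    suspicious-non-ie-child : a non-IE image spawned by an IE process
    not-an-ie-child         : root process, or parent is not IE (out of scope for this rule)
    """
    by_pid = {e["pid"]: e for e in events}
    verdicts = {}
    for e in events:
        parent = by_pid.get(e["ppid"])
        if parent is None or parent["image"].lower() not in IE_IMAGES:
            verdicts[e["pid"]] = "not-an-ie-child"
            continue
        is_ie_image = e["image"].lower() in IE_IMAGES
        m = TAB_ARGS.search(e["cmdline"])
        if is_ie_image and m and int(m.group(1)) == e["ppid"]:
            verdicts[e["pid"]] = "ie-tab"
        elif is_ie_image:
            verdicts[e["pid"]] = "ie-child-unexpected-args"
        else:
            verdicts[e["pid"]] = "suspicious-non-ie-child"
    return verdicts


def suspicious_pids(events):
    """PIDs that an analyst should look at first, in ascending order."""
    v = classify(events)
    return sorted(pid for pid, verdict in v.items()
                  if verdict in ("suspicious-non-ie-child", "ie-child-unexpected-args"))


if __name__ == "__main__":
    for pid, verdict in sorted(classify(SAMPLE_EVENTS).items()):
        print(pid, verdict)
    print("review first:", suspicious_pids(SAMPLE_EVENTS))
```

Against the report's own two processes the rule returns only ie-tab and not-an-ie-child, consistent with the 1/10 score; it fires only on the constructed cmd.exe child. The SCODEF-equals-parent check is what keeps a renamed binary or an injected launch from hiding behind an IE-looking command line.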

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f75008214ac5229eeb5c2488a609cda

    SHA1

    9fd84c3b492607778e0d10c80f71e607fefc7abb

    SHA256

    14bbb53a4e82393c186c3a68daaa98bacf4dcddc1797e5ed8bbf092e5ca30f22

    SHA512

    c5f30b6e1d4bfe7b2a74da5e4c87143307e1bccb07dcee3ea09ca73852564dcc69f0f3dcc6fe5dd485d03de03c8919aca6db2db81e9ffadff9a8297e53da45a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6637939c64eaee9bd6fccc80b932fdd0

    SHA1

    63ef437a9218caa1cf80b4353398e0090a5c19b0

    SHA256

    e73ddd4caafff1d46682c159313554bd07e8e6e22ebdae4d83062caff66fa297

    SHA512

    9196b2d293bee73e0f67b28bc6f1f9797eb52ce034319e9dbc49cc5c40454869f5568de9c7a2202ed83ab1dfa1ae36f586f8a4d8dc28037390c66140375b188b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d08d251b9ab06b0ccf2655963a0f08f6

    SHA1

    09bebd099fd801fa36e2b1ee93420850544b2218

    SHA256

    81802dfa646988e6d827576e98b32298bbd8a5cca26d266573174ac3261a16c9

    SHA512

    1b2b1b50ecd666dbc6a7ba1ee7a0e68363536bd1805019adee052ba2df5963cebefffcadaa9ca8eba0766fca0292fadcecba6c14757a3293bdb651fc9a505a80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1eda592a663675f74d46faecdb7a5d77

    SHA1

    6a0a2f13bc75d4c46cf60f66877b4af395021334

    SHA256

    8094b828748381805c087faac1857230c303cb71eb614479adb7cdc052ff1344

    SHA512

    5898213dec2e7d3c2af93c79f05c18d326eef6a4c76d57451377b3d4a41a7fb7cb4877819c981d0f1af3235d4128cb6dc6fd74e7d911367fae5d64f00da46db2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    203b84a23fe43f265597fcf3ee7effb4

    SHA1

    c02ed3d39928730b4a97587d08be8b3ea39e0582

    SHA256

    502a7009299c20f999bc9839b410da7f4cd08d119c948d4362bf546810d9aa8d

    SHA512

    f65261f6b5c1b501e68941a5891a330c5ff0ed5a9e2cb586d5478dd828bf816f12b131fdedce5696c9c08c2b11894229ab59732b2105618494a96e49ef3adece

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    65c2e194990a67ed0d8e5ab2086e4048

    SHA1

    863e37013bdd8409c6c6e07c5f73da7a2bb0fc50

    SHA256

    d76ec3fcc061e6972abf96e5923b65beababe91927c2d2b0641c3941eed67a1d

    SHA512

    6635b74560c1cacdc4064ac77797bfa8fd1fcfe53394c86dec57ebb8d9d836bc03444f39ded269633a9fa150a60776dbdbe10e46ae0cb1b9f26d9972ef6395ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1a0a028599a6cf7c1b3e32c815e7755d

    SHA1

    9f5c6765f0af3a9d5be7c709fa11ecd7f804ec62

    SHA256

    f56b029fdfa426a9bded6f498baa1a6ae72cb4ccada1981b2a353ce4a623daae

    SHA512

    3196097fc658a33e6dff3eb597c28cddc4de5318308e89f779175548062e1ef37fee1fce30439d7197e7bd2a190186b81f162211a59849b2173e3cb6c037a3b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52d769c1b6f8b51a0d6bd61d954ea5d7

    SHA1

    f79121d087b4c073fd551ddfc2e10b2e87672a5d

    SHA256

    fb932fa7169ade1866ee0f8d158b19174381e51eea14b0860fd8ad341863a6db

    SHA512

    cd00507288e9027704339983d8d1839f0f602a74c8984cc67b611c4479cb7e088bb8cd6ab2f582f1a2ae248e9aef0c8c0bbfa134fa733392d420d0e64f1e2922

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d3b7e51a4784f946819326d3d9bb4b4

    SHA1

    7933c72e187e352ffdea6062451a55308f8df685

    SHA256

    b7f8659179d4beddcbe1231025e4004a3189827846f36051dc2e593b088f130b

    SHA512

    7b57b4c02d20dfbf1dd144c203a5d1a7cda7d682b09a6a1e8090f5e670ddde88f7b443c08de97ec0d7e059559e9335689194aa5fba165002fb4a1fa14e6b3731

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    20aa2c1182bc3383116819d301ebc5e1

    SHA1

    801618ebd123e5149559803f75826f56a3d4b5e4

    SHA256

    25d5c29c012bceecc11055b147e843e645eef55e6461c0cd6018791a1d7274ec

    SHA512

    7a4b433f2c324de708fc37080875ae7140a9370aca6e6ff2dffb3178a8368208d9fd5c74ac05e7a264f86cd788f42147f2f4b63dee9768599730868976acbf35

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c4edc524139cdad8c7c2ff91d7ceb16

    SHA1

    83c6fe14638d1f868cca5c02408eb81e5e33270e

    SHA256

    0bc05f9799a456a417269d8704af76bc68113acd3eb1acc881538379921cadfb

    SHA512

    67ead097043fdf2708f09b8c0674afa95357d825160f37cbc6dabb20812cd285e80ad48c9dc2488d00d6ac100722abc44be39b31415e7fd4b9ea0f1e2e67f40f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    50f9c2700c2e5f939fc2098dcdd23716

    SHA1

    1d909c949ffad826a5d31b88555ee8c19985776c

    SHA256

    0d2b84eea6e47d010c15cf95f670ce17f3515f063088bd0a0d30b4b425a8f232

    SHA512

    087ff6fb23cd549e274acde0f72ff6210df2327079b13427fd8fb12ec34645fcecacc708b3bfc8a9f5426650ca6a86c6618f7b0ac438a3af52c9e875a54e7ffb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    284ce561deb24f1626da4cec64c1ed14

    SHA1

    14d685b0f8821745bce00fedfa4900cf56635b47

    SHA256

    70686257438abe9b2b1da45546ef2647f5a2528534ce79e2058deef0b33480ec

    SHA512

    7c53abe810b6d8663ebfa738b46c3f9b48cc7920f35172d4e28408b05e19f5459e43ab422723f2f3198e75957ef46bd48856421b5a17a2a7e226fd76d084cc69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0003f2e2a868aac05d58993e45f08ad4

    SHA1

    677eb0a3a3752c221fc1d54dbfbc94166506d182

    SHA256

    519b817086639f542236858ed33ae795b2387fae83576ec4c27b963cb2fd62a9

    SHA512

    a5258d5861dd35c52115c56c3ac19ba13747a4f2a4445e7bdc830b2d86a52ef10564cddf3cb4dca8103883cf3d8f70a0089a19b7af7ef6541ffcc7f33620d388

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    897369a22672eb5171ed08e815e43973

    SHA1

    bd0df5c5040499e5d66bd9a2d31e443c2d35beb2

    SHA256

    05e6904d673163d010ef80a9c1df076fcc8bc01ff155f442df39a0c9bdc86d8a

    SHA512

    84f7088f84bc664628d685187833cdb31f6ac5bcf4a58bed10ef4c6c8af8f24a969eab604e0036a2801176def6e31357514519653e5c370f260ab80056f0a519

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a804acf7b1cc7d890799327898036a7c

    SHA1

    57069fcd43053a537e39b8f820ccb369246ed2d5

    SHA256

    8f2823d1c60c6735fda0f347e4b927d3afd1fd845b70b5235f24d6a6154085c3

    SHA512

    9d06c16cb2050f3fbeb07801801cf51871041d0a19bba4bfe807bd05893d289487527c5f530cbc5ab24fabe76be9ffe9c49d05fd6bcaefab6dfd216488a59ac0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fdbf4c9a2fcddcb705e3a42c6be57a90

    SHA1

    11ff2d9890ea62d6707d516dcc52cd095ef8a7cb

    SHA256

    755d7a3c08f27e9a60dd685d27773d306202d5d5022de8d1d05bfba681412cb2

    SHA512

    84f6f33bc949af419903a69601c168000e7defa3077ab2daf6a6f79a014a5221997c2b37ada3c3bd1628865e083d8b5101fe9a9a8eae88e7f92f213932a3dbf7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fdd4795c0f313884d4a709bfb2aeaa7e

    SHA1

    e02bf6130c5f6910354ae2a3c9f1c4efdc2e3e7c

    SHA256

    d457806ce08af14f1c1e2df855e2868973debb1bcf25ba8b7b9bc4099f734236

    SHA512

    237d6e930ed6123ebd93d9977d296c4f9ac09e6087b5fe2bb043f35039175bac7f77f29e3ec9a36ede27931777a14f2c3254ab0ef3df6547ebfb079d46ae1d7e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9845d9eda85d6e6a9225d50db5138027

    SHA1

    ed17b2a6edeaa6ae180503a81b2ba17160a090c1

    SHA256

    0ca9848241030deff459704382e5b114ca19774cdd171428be7b7f139a8cf29f

    SHA512

    0e39422d9907f31ba12a319a10157185a38fecc69e191376b038a9ebaf042b8971f0d4cf0bd316b40b93805fc2b3069ddf4dfc1a40011d314a4bb9eba8ceffd0

  • C:\Users\Admin\AppData\Local\Temp\CabDECD.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarDFDE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b