Analysis

  • max time kernel
    120s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 21:33

General

  • Target

    a6aa97dec2da85ee7b2124282b77fa51_JaffaCakes118.html

  • Size

    28KB

  • MD5

    a6aa97dec2da85ee7b2124282b77fa51

  • SHA1

    db4e2ccc8c06f0c7facecc42d675ae03ad2f64d3

  • SHA256

    5f9d9fc1712a28d00544ac4060733ede94be7e4b1d312fb3cf82c60a326ff5ad

  • SHA512

    a6d64a15755dccdc8221bbef4c69085e494924b35063d5dab8e59166d80d587259dded207144562cfb5fb1bc3a2560e6505404c9e20352fca63e860154dde665

  • SSDEEP

    768:QLw293ejRxrnvrdIJr8DltcxsqBoNpGvIC:QLw293WRxrnvrdIJr8DltcxsqBoNovIC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6aa97dec2da85ee7b2124282b77fa51_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cef909fd6fcb88a74efc49259f53e9af

    SHA1

    d7db1f4b9853d3e01b72b002e56a277b069ddb71

    SHA256

    a76f3359ac1dbd7969af70794a25d284bbbb7acfde9f28800ce5e3810d884e85

    SHA512

    208b2c6f1b7a68bc2efaf68dc7d9f5f85dad13df1cd7bd8ead01ddaf1b9fa8205f04ca5e80483312bf58ad6377f617c5c4948d611d740da5909a61a8d8281423

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d3de47cdc538421536b8c53f822c391

    SHA1

    d305e554bb5cc29da73732a53a3cfc1ed9192b56

    SHA256

    bd558bd13c24747b998c488489a4cbe727920c8ff0d6c75092e2ea79fdef72f4

    SHA512

    bce7c361146d4c9f861e402a379cfc9fee6eaa09534a3fc488a6896aefc5335e3c47ee38a473e9a9f88a98f00b2ac28a6e9c271ea163c5c31f5209e3483aaf19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c877ed14d2fad98ae75405bbb4f2e0e

    SHA1

    22a10522dad69b91d2b70530eff4acc33c2f5095

    SHA256

    2c27e2a1a27d3f3929a3b0e22a45cdd606393e201109f132dde87a3685413dcf

    SHA512

    a12edf9c4c87523382ea95453d2be0976e26e9987a8bfd98b731f3bada27aa64adf2e78e29e17be48887d073934f2a0fa72acc58e19fe4b7077c307882838348

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2f7182581985cce4c1ea16e60ca5a17

    SHA1

    97583acf1e282b4036eb44e51b79ec64d5c19558

    SHA256

    ee7a6d7f1262ea14d87a351f9fc06922bf55efc618636d28fc882b9d6fa61939

    SHA512

    35bcbbf1b2a940bf1391e78cdb53e0c526f383d8193adbad0fc70107d0771ab6d4cebfb8728f4139f994dc9d35756f2a5f61fcb2f7746937fe9f4948f7679f69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    33d55204c9d7b1bf211e7ebd498ddf4e

    SHA1

    73af7666a5090a5cd4c127237f80e6e749a06c1b

    SHA256

    fbe5daac4da40d0cf3980678a11be3ba982128b692af4d4229017a559c97c410

    SHA512

    63673dd51172f54d3a3b02bc650b0f460a720d97cda4f0efff833664072509ae748945ad28fc08233905fdc6d2b87a7d630f3990503fe1df2c28a4fcfb64a865

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c625b313d96322ad4171c9436264daa

    SHA1

    61b98a6da4d1119d981128ac1929f8e99e0c376c

    SHA256

    b8fe5b7ac4c6d15e11b35d50c86a0bcbb6b980bda901fbab15de1356db1bb2b0

    SHA512

    9525a6c4b1554279a3ba4c4fb19fd0236509cf7515dc736e25d30c2803cb47854e65fd601493af35b0e2e6181d901cd9756dcee35ffdba246f862f1a58e6ee1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e70751f121f1f375175d5e40db6e7fb2

    SHA1

    b8b3e2ad1d6254ccc65d07d300f39d20a2d2eeab

    SHA256

    90c23cae7fc2053e4ab666bd754bb9174542644a13be1c1b59cb99822fe589a2

    SHA512

    900eb0c3d77dec08f658898df6716575290ff3cd1305e65b0765fb8fa71dc176247298e32e88f3bcd94052d19f102673f8b53753fcc0678c5679b2a2f41e50f8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e4af4bba79d4e8fdafe262a52ab57cdf

    SHA1

    47e5e500d09e720164ecfc685b14d73f23532aa7

    SHA256

    07b0fa2b6a394011a19c31b4f5eae12fd67ac08255c991ef70ffc844c4d0a075

    SHA512

    c7c37ee53f961867a4ccd1b33560a55f08410e01f7fdb9c52674b7914bb8db65d44252e7f37cd03ca5dc9190c52c5d3cc048a3489d0faee5600a84a899a32d49

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3794d2f442193156c771300188bc9c0

    SHA1

    83c4741c1a44ecfc167d70acc21fbfcad102f7db

    SHA256

    9477808df0c798898b19edf49338a073cd3ad0d7a987333edb54355391bfeddb

    SHA512

    c6614a007cd3550c3bf87ab6372b1914820d5bf6ef097eaf9bd6c034b3bd1599649bd7699f3847f3dffd06337d28ab21dce54d6633f302cc76ab21ec754fd3b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fb2f4965b6053b31da4f637b037bc1aa

    SHA1

    c47205364a409ee34a6ae9d0bbfae326138b5e99

    SHA256

    e51fc916dfc05ba0dba8a295c677ae291b0c690514dfc8492e4f007b2506e07d

    SHA512

    45c2768df766791b81f67c9e57d0fafcecea6b0d1e534c626d126fae93f2c432f61dac99bb0862f471307868e68019f868c528d4061aba6f48474b853a42093b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b425f3c2609c16f8d92a43360cac1b93

    SHA1

    a75dc28ea161b4242f22d18f4024e1ea9edaab42

    SHA256

    b0a9703857d47b1249c926941eca06397bde446edf2a80e26e754a7055ccc248

    SHA512

    28661a7d38565499e565f10afc1a2846f35edb3b136f9c2fbe20402bbc8b22caa994c2c80d3dd8ec034b63c59b1be7b7217a7ce71e0e88fdac6813a03bc77d0f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96dac8baf7ea3f799ec5c02ff262d318

    SHA1

    496fb1922ca4656c45b24480980f93260f5ae327

    SHA256

    c94e383385bb4d3fa3d0554a7759585e68a9a969f2b8cb1265ca00ab7cf7f1b2

    SHA512

    8f888f5898bf3bd09faa76496b17e600767519419a0de649d9c21e02eb1074524c1bcadf69e95e6273238e9b69394dd5d1ca1e6fd0b426728711c4d7f5125a37

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    610fc4889ba1ae9d6e1d5fb49cc8f818

    SHA1

    9f8d5bd38066092efff5a776169b546ffb4e5c30

    SHA256

    4620093259cace100874634a2c330845396a34631ab46a449d02cb5f68cc0879

    SHA512

    f7fd8264206878f9f7c9d385ebcebc8a8349741ba1474780ad0daf9ec3a3e6657ce3e4cf3ec5a027f574abf979a79627d11ccc6e8f962349a9c329ca71c49cde

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75cd8a1a96ca5494a458d3d1b674bf8d

    SHA1

    a00eeb6cd5f158e2b087d49daa7bef21512a8f7f

    SHA256

    a140c7e60b407461bcb5ae0788deeb940e78aab74fb715a2b2b95a7107bfef3d

    SHA512

    bfecc0082dd0f5438fffca9ca29d7e924d3f7d9021608dc99a327e953354cea100bd63e1cd891fde2488577d09df2ae236a472ebde6fea50b8acb8eeff07d64d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87e3fef268fc7a25266230be9c5e555c

    SHA1

    99fe652d50f1210895bd54c7153e02caa14b7835

    SHA256

    4abdddf1b347c680fac67d6a91fd39ad51107fe9cf7c5cfe85521c090c657b80

    SHA512

    3a68b1a55e233c243567f1d4aac81f7e24479bc318895d7ba988f53d48befe76152045c3ba52d4a54bb5bffd05b0c0853d8280571da34fc21973af6779e15797

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e218e31f6a179fe0bd7e5b77ced024cf

    SHA1

    9ffd6c4fae5ea4ea351cdb1976eae9be012e1710

    SHA256

    f8caa6d5c420cab3992a41485cd194d5ae93ba77df3c1fbab4ec62a54ed51325

    SHA512

    f14be9f2ca1deac7970cb37073f8c42eda90ae047a2043d6f14403b2fcaf16d750e01fb1cdc9d93e141ab2dc5e918382349fb508a5f51184b19a0cf057f2565a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f7272a52a7e42bdbfbdcbf26d7952e8

    SHA1

    886919b0464b724242cf17f110ad2bcb16a6508b

    SHA256

    4d5c7a8fb2375002d1a6cdccced6d3ff10e470be0e6a1655ce921de42c5b5bfc

    SHA512

    7e61f81c026c46b935908363130d253676e50e46265c41ffd45e254a73fb35353e6286cbf73846adab8a0dc07d1555b984d60bec9abe31f50c979340d1edb984

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    23bd50b1ed2e4f54a0727100404b35d7

    SHA1

    c5d5773b2741b91cd75dee35068b497ed2012cc3

    SHA256

    46422888de5470605ae8a5164fb3dac8879dd7db01bdbbbbeb46033e6bc9914d

    SHA512

    1ab66db033b4e52a5e0eaf1a93b71edbcafafde18aa1d5ea096b60e0c2268f089fd4c5270c6379db15e87b1736525696328ffa68294342f3f17bc26187c9f95a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    04deb7b0e05fe4722e236403612ea323

    SHA1

    03ae843d7ddd1010933183ec9873b697245c41d1

    SHA256

    b83a019846826d377a7ab626104b46d65b44703be99e892ff208bca345d4557a

    SHA512

    dc27f43183b602f3a7ee4a13e50936c9b713893c87ad2386f729c229c253d8d56bf67495602bd180bd862ffb95b6d217db5191d2139de1ce326a0662ea82dab8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ab7b3395617c25fcae823d6c1b66b2d

    SHA1

    3d08b0f1e12025c8c09b636e29d7a1e8d2065479

    SHA256

    1980acdc357029ed4634644e4987aef5df0e3db0ad3d9c03cc444a66f5890771

    SHA512

    57ffe05932652a18d210316b51fee5a058330a9e1515c01a75550203b945b5ddb0324ff272d9c2370a23641c3b30bbdb9b63d3de1808343f8fc1bac055eb2bf6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    fdddc3c5c5e59a4333990b78c75f61a1

    SHA1

    e3f72ce05d60843921e5ee35a27cba4c7b6e5283

    SHA256

    914df0e46d0007d0933d8a56a6181a6263b01dc205aa80bdbc0044ac72c9b6a0

    SHA512

    672339062fb94324a7392ce4c1a3c74414c4c09d17d1c03c700b9d17143d3a4cfa31986cd702651e543a61b5291a02cb8420323674f06b9033de7b7506dbb739

  • C:\Users\Admin\AppData\Local\Temp\CabB7CD.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarB7CE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b