Analysis

  • max time kernel
    117s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 21:31

General

  • Target

    a6a8e49034667b7d58a4f5a5708e13aa_JaffaCakes118.html

  • Size

    20KB

  • MD5

    a6a8e49034667b7d58a4f5a5708e13aa

  • SHA1

    8bb41ecccc37b7dd5de8e215e630a1f099dfbe72

  • SHA256

    e064a9ebb1e3d51bd2f121eb171a0e9100b4c89c8044a2c6f670d1f90090c6d4

  • SHA512

    28996a0004407b7fe988fc4c77164d46798e59ef6ddeb8388edc4e11bcb5ddeaf9028ca679cec646f34a808fd4599edbde3b21c9ff62e6007a09a00ef9719669

  • SSDEEP

    384:Slghs8Fvur0/e4HBWXFWIKmofWVWIOW2Bdgp:SOrFvc024hWXFW1PWVWlW2BdE

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6a8e49034667b7d58a4f5a5708e13aa_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1728 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e1b239ecff65f68cc4c488517951037

    SHA1

    722f1fa32a31ec080113d73b8f73ece3e48bb3d1

    SHA256

    9c39745842042f569fb49c4ecc36c58aa13b72083813a533809b9809a1ba3542

    SHA512

    00a096ca0dd242e7dbd2836fcb070e89873c839c047971f2a7280ecb2feee7578ae1ada6dae303ba8c368699258eeb47426f1fa52063e6217e76e556496b6636

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a73f75f96528817ab286f5f168bee204

    SHA1

    56db18313cb7c49e76375269bc3602332a7a8e20

    SHA256

    16cbac547e237b017cc1ff52fd85849166089fcbefdec658f8dc9eef9d615958

    SHA512

    bbe1fa856cb12cc15d8462fa88719677c7c9427012d4d07f995b9a501e61a12d36b8470d3c732b843da3ac21a2937f252f99581f8706316062eae851a5bccefa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ee2510304088f4b43258783427f417a

    SHA1

    68488c0fc1b64a27a82835d7144d11f55be5683c

    SHA256

    60c6edab78f87584f1d1ce3056d79bb647ee8074b191248b4bf28a1e2b16d782

    SHA512

    2a8c8a7bc62f3ad126f16880b3344fbf3b2ac1505f394368cb85d85e17dda72878225ed60f9b4abaec06b0115153e1fd9e08e03c335c9e02d38abc3e021a260c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2bcd377d016254caa4dd0f1bfd20c78

    SHA1

    a9194823c08708013d4a6a56dc6db4d8606acc50

    SHA256

    22c21f8b0b85402b6a29fe73cb9cd27399ad6abb0a05f8d2eb5c39a56b47aafe

    SHA512

    a3bf5e559af12cabeb567a1632c834c3b0a6b6a75e3ec20911dfd66207e0001a02c1984dc60a9eb2f434d44dbba9ce27b7a2b9ffac55300241224bca0685b778

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fce5806017e1458ad9e858f7b5ed8fb3

    SHA1

    b81c8eafa018ceac1a79bfdb3cca22cf94fe4003

    SHA256

    7ea6e1a1ddba73254fc8706668ef92a224d1826d75f571532dfe1b91ddf6fce3

    SHA512

    a18f886d91abff79f3558722d7e7a4cfe6d84e56e5bdeacddbe19c8efd3aaee6bbeb580da0a1b4aa8746703eeed53397f7f7c404f1a2efd91de6dd6e8d724779

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0b72e29d53bdac863dcbe3ec94d5977

    SHA1

    6cd7b239d98d267c5dade22c9534777431332ed4

    SHA256

    e4537b466f5d6ab5ff7bbb99d116dde1f11f52edac3af351bdbbabc997262a5f

    SHA512

    00e32ad140f621cc759f30fc362949f2ab6a7f56d14cacacd980fec656b19a17f12aff230f7d1619d29535695897e3ec464bbea0102f366dd6f055e068ec11ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00e4d9307fcfa3e65e84b76202060629

    SHA1

    357adb538ecb675cb7286258531e8ee4f725bd6a

    SHA256

    ed98f6b4c91259b755bb47b44257e73ad6fc44448a4a5b0678ce8241a885a614

    SHA512

    fac49ec163f07d70104b88557adc9edc9004925080e746bb63ae8c2da37a4680ca99aff0624effcffa07445663f64a8d3d4efb4995be318e0c3af325cd812a30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    579e62a2a0ca12ffaf131575f4eb925e

    SHA1

    e46013a734f4b4337e87c157872b9cbbe58e2581

    SHA256

    671bfe3fa7f886da3d27297b7081fea4f44bf0e8e16ad9b3c6b735752f599648

    SHA512

    af9dace7671ea470b1a64010101c945bdf50cf9a39c0e004f533a67a740cadfa927aa38c0aa639accd337744f523ecacdee064f971e66059cbf41d1e15937396

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    863a77605c772f223a71f13d185ec721

    SHA1

    8b797ea447e046624fd09dd870d58d9a4bedb924

    SHA256

    ddd28e8fc24dccd0424b72753b79f084f0767699a5b4fd0770b1d17c2134b866

    SHA512

    bc1d204a9c1447559822cd418c72a8971dd1b0d7b1b4aa760ad5873eda329794d8f6152662ee8908411f391a9c78ee07e647afd86e89adf25a1ff5e441086593

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    941f5c6e876ab72535f892b97bef16de

    SHA1

    49e287c87ce336787d9be930dcd526afb91c7247

    SHA256

    504397b44c6e7d3f046104f1d683be0755a386f15335c73a8ad756eec8776447

    SHA512

    c82545bb079ca10edc516a9f449b634a4f44849bc7aaf44bd3f29fc61c87531e2df3a9921614b7da7a3e99a2f71256cb5b43856cd62e3cb2a80c316283ddbb96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8618d68fad2d254ec175400232d65e20

    SHA1

    d7a866f8e2e757718e9fdae67ec072f30ebcf24f

    SHA256

    460c1865a755b78fa221bde99640aaeda676b899d5779242f2183d215cb4490f

    SHA512

    b6752e355ee7074c3e7d00f30e6e56cd5ea3751da320fc24f6a70aaad2554854e36a40266c37db83099d73c7ad9bf7761bdca8edb1c6c85821be7209aedd59ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    857b754002ebddaffe64cdbd28823ece

    SHA1

    d14835a9cd4021cbe8251001472e2e1e10bc711e

    SHA256

    5bdd166945320db348222a88bd4dc708b4cdebb8505d32ed183772d045d37da6

    SHA512

    2d8c3bb06ab2cfaccb3f9ee24f446fb865f78c090c4cdbe9d1eed49389e44857d3691436f298496596f318a0e17c7c4c453c7c2e8408dc356b24ff729c8ec61f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    58be22cd1a1e4c62bb50abdee1b08228

    SHA1

    f7fb65e14ce70aaeae4a4d144eb40212b405841a

    SHA256

    07ef617baff424f038af735e5b609548a68b9feeead5f5ad6e6e7ac85597566b

    SHA512

    fcee06824a16d53c829a30f1415eccf53b99214adb0842602a718156d61087f0fe2ec967b69a30da86dbd52f8f96c051e54015f014cd5c018e3991f9773e1426

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0ca801c2d35ca617adb1c55f3103f05

    SHA1

    9e06d66845cffbdf23a64c76bc08c360958c5b9f

    SHA256

    8a9027fd392e4e228878d98a6bebfe249b5a10c876a271d51a239cb3b774e5ab

    SHA512

    c001d322ec1f63d54f9f9c85447c534b308453d9053f1d78573883a28fb540f58e6a563bfa5e26a8f5d4d9c73ec10a1dd3839db45d7359fdd365b31a81ec0389

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    55b51df9bb591f9bdfc463f002f3ff5a

    SHA1

    1cb67c325f9dbae5f099c8b0aa129596c2d0f45c

    SHA256

    aa7f2e8194bb1914bf305e702258c3df18bfd566b566433a2b2c40b738da2ed1

    SHA512

    0188060ca3586e93c582f22d4943e87e81aad3d3c564652a0cebd44cfa218c6ab2a93151320f35a46b60deab6c382bf7f29e696d6baeced8e43841c16779c717

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32df7aac2f312500fed34b3f9bda45cc

    SHA1

    7f5f060f0d5dbb30ad769064722c63a53afe577e

    SHA256

    048ab24adcd6786fc517cb7a026495e83f218d94198bed4a4533e415fee512ec

    SHA512

    b43194c0259897e74e68921a73aa83cb4fce777ff8cae848ea8831af6d737cc0751622001c6394dd058045211beed90dd8e087e79cb29c35eab7de0312e1535e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d99d3622d96e73ce85173a0eb108234

    SHA1

    281c1829c169e73313fbd4b332bfb2429ca2f3c7

    SHA256

    13bc5d5484d541dc7c6c7d255a5d7462cf3a26f7c28e04cd3f2424055f304b86

    SHA512

    f1802db7d6402548e6040ae4a9a5b3b40958018a710911f855851139b26c825e10fbcba5c883a6cd9edc7fc811fc532ec8760d5ebd5f0810d7e238e71561f1b3

  • C:\Users\Admin\AppData\Local\Temp\Cab47BD.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar48CD.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b