Analysis

  • max time kernel
    137s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 21:32

General

  • Target

    a6a9f20b8d15db0641a8cc7ade951bd3_JaffaCakes118.html

  • Size

    121KB

  • MD5

    a6a9f20b8d15db0641a8cc7ade951bd3

  • SHA1

    2e943f8db53490a1d22b53290908f41c26985ebb

  • SHA256

    ce26bdff2198f2ea4f816c390d8d5d201c165973e2fc9ff715fbe934b9b3fde8

  • SHA512

    e0768eb48342b5f8c989af59f08d48d2fa372af624dd8ddd87ef34b4380eba33b3aaef7e2dd94c7495d59371c73556209608084d0f4bb7f8c931b976b50c00d1

  • SSDEEP

    1536:T2dW/bMaQOuhCysyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJA:UMoAyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6a9f20b8d15db0641a8cc7ade951bd3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Temp\Cab5957.tmp

    Filesize

    70KB

  • C:\Users\Admin\AppData\Local\Temp\Tar5969.tmp

    Filesize

    181KB