Analysis

  • max time kernel
    139s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 21:34

General

  • Target

    a6aba91686d353a88ec0f4807b2625b1_JaffaCakes118.html

  • Size

    67KB

  • MD5

    a6aba91686d353a88ec0f4807b2625b1

  • SHA1

    9d57e8116f1efd52d6908eaf2b33e406b657029c

  • SHA256

    9203f83f053f3772dff5e4451eaae1d7400f38b0f805eaabb827bb29f04f056d

  • SHA512

    64cacf61073953fbb521c69708b05716597770b5bf7242f64c76c5c2f4e8aa3f6d1028ca3ac1ed8bebd6c7effa246a50a8bcf7b88d54a90c5624431ade48c7bf

  • SSDEEP

    768:Ji/gcMiR3sI2PDDnX0g6Zi6JpHhoTyXqwCZkoTyMdtbBnfBgN8/lboi2hcpQFVGo:Jd652T04en0tbrga94hcuNnQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6aba91686d353a88ec0f4807b2625b1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67eb4efdc0f4f0323cef79bda63b2337

    SHA1

    d2f0b97558c45add1a5b080582ef08b6ee38e3e5

    SHA256

    85d93f4608daa118f6c494a7a1369595e9daa6ab59d0230147b8c0d892f0c97c

    SHA512

    32741fc4bf7e8ecbb6b69151f5f8dd1997fd5f43b9b462ef9dde589cce1b507274e0325082acf9d515b7960a6d8044b2459c099ed3adc1d7d9498f00367b1477

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e812fab7fb1b17a79381f1ad8255802

    SHA1

    0eda42544b3a4ea936ee1b3f8f364291ebb4f598

    SHA256

    880b8218ed45a8dddad1fa54c0c62d55fc96326e9e639f988a88745a5d431c65

    SHA512

    59a496f6d4fa626b1fd581d2ca67a12070e0be174e5f52f2d2647270903ed112100607a98675676060368fff048277f6ef3ad60a76c232759ba38fb5af2b52cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e2bed2fc5c138fbd4b0483a7ffde2895

    SHA1

    04ef828a719b532520a14f705316fdfe69654179

    SHA256

    0c09a35e14a2210c4a0b1b0e48d9c4b71216a0b8d0e2ecebd4e531c1c0a1ad90

    SHA512

    f3b1ad514266d8238241e25958580d68cc3f3562f5f249cd1227845e1b2169ac5147db4cb21c292c5f14cfa6bfb8e64ad70813b545e20ecd9cf7e8e9a1af0e00

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a760d97c71e5d1ecf47717e5b0cf2183

    SHA1

    aeb1b559790589cadd710ebc8f323e57b045e08f

    SHA256

    72909445e28c706463269cf26f7228ad7c80beaea46da77618b29897126ea18c

    SHA512

    5ce8f4f86654f4570da835cf4cd5c195e59742ccc5224d749e3127a9f3e923205aa46be68b815fd664c40433ae7d91b349e4956c407f6f4da99666252fed9cc2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b943ca2f3237119ed76e67b7929d5f76

    SHA1

    796e14370631c59e3799e80da7a8998f59ccf4ee

    SHA256

    469f96d9f58039e26d77ea15aa9f42a1c53b5df02dd281a5f15e5c4db3627c6c

    SHA512

    35b9ca8604cf69e789c5678d9b63ba550ccde0b96054af9a6fce82885fef3fe50ab77af064da525fa730fa8981f7d1f4194d5e886e4237810d6c3ab478f58e03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5fb95e12b93a0768700471a9beddd6ce

    SHA1

    5788f12fd9f8b6333b5c9c09fbd5f03166538359

    SHA256

    7f0d6493dc2c1f169e4e43bf04263ed257e97079da20e989569944d07e99a515

    SHA512

    fd49b0acd6e943497c17f9ab94b322464b7ce335a25bccd5ac58a9769ad52bd09778afd0c0a11df70cae034665a032741b0fc2145aca8a6da82a1eade7eb74bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74ea1a4df0659e7556ca356d09ab18e5

    SHA1

    99b3f27acbba18757d1786865f466923fc78d839

    SHA256

    7f75347ac5c9171520c1443ba9420b2889d5b60a5dfe32606de1edae902517e7

    SHA512

    4f698f69608a0f8682fe50810ffc288064adcf7a1d8fd1bade398f2f827af9fef9ebaf87d622af5afcc852c912168340b9dfa80b053c8da307ff40bdd68a882b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d04ca72c2d560cf6b7a62392bb3411d4

    SHA1

    572e7f94eb1e6b57a91dc79af8bb2a5c9c487a57

    SHA256

    0cb4e20e2aeb17c5e7259a3f27789c1386197fd9ce617869c8b96c2dd8be6ec5

    SHA512

    58a7044c2ccff94e052df304e4e517453709f809f266c7baae78f1aa5adaccb762915e18547f1e6e251e0dd8aa6ff68a5b0e3aaf7bd904d70965b8a3a519f7ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7be77512a21c0cd30a6bfbbedfe5fada

    SHA1

    7956b37e75949b0a9710f17726abf3b164a33044

    SHA256

    8a1ce64493a723f17c37c1387840528f75061668b3e40eb26333ce89cb0337f4

    SHA512

    977328799241d6adfa9982dcaac97990c3840e7f7b7016367e0cc3d3fe39256dfdeb5061edefec11cad3da2e8a8600c6ea07403e67ec020a052e25bbd85820ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22b3c79584d599910c8185eefd3b0acf

    SHA1

    a352695fc03a72e82dda3303c0759145f99a4570

    SHA256

    63d6f19f04481d31f0983a58958646fa099aa8b4508f23ed82982cbd17a07172

    SHA512

    052edbc4c975c38b983ad589218846b392a7aca41d5eb6459d8235dd9d414148456148bfcc831e5e4f3dd7074b24aaa8c8bbd9dd6f2112808602e3087dab25b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74cc13770ab0f9700f151921d657be1f

    SHA1

    e21c7189b1d57bae79d6de20f106097157314893

    SHA256

    5eda31b1621d2f218c7a7420acfb0a12c9789cfd122e700db5a63d49ee5627b2

    SHA512

    33850671c4c72fb1b70dfb4b702e702212455053f1e17284d111f401db1062fa95aa67f2e2981266c239dc08cd7fe37209afb3fe5a5ee71558657b84987368aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c3260d688f9db97bf66f8b8c43ca37a

    SHA1

    3fd4f7f95d06c62c911de02839d9cc704eeb0cfb

    SHA256

    ece4656b516f26f5304165750851620ea3c729a8f0ff28ce13d32d1811d7593f

    SHA512

    e90f766a2d03f74aa40ef67e032995dd46cb7dff89a337da9b4fac4ed655e55dfe61c0d1a9395baf2e63d0428126bbd24dfbd543e11e888d543d98edc1bf126e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5fa1c4a6b52557c1e63a6304e3cf9a69

    SHA1

    038af67146940426cc20968bcea6217a2041f9de

    SHA256

    b438633ffc0a5e939227b5a83456f48b1751b0b74c3fea0d676ba95fb3a2e45b

    SHA512

    d700ddeeebce8d1a59de1b85ec267400f54639bce56b101db59da2c5c874759e32dfecd8b7963eb55d749e26562f8df663359f596e75b9998d317c16837fd53e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbe3cc1ccca311d20f6c34de427e5e63

    SHA1

    783c860fe73c3c311f8bb0b75c40fd9895c4cba5

    SHA256

    b7c1ae58dbfccf466d24e4ca02f7d16afcde1c7fa35becfa71497d6abf3b1a9f

    SHA512

    c1a8e1e293debb7f2df9251090ab30c10d16a2ce4f710a50621dd467444525fa290193f2f5ec4fdff95ff31afee1e2bf5cef65a1e664f80c6085696cc16ff622

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e589e0393e47b533cfa9cee64337a45

    SHA1

    9e7fc1765e4cc10cb9eeb7a0ff0ae38b89770369

    SHA256

    b85523d7cc62886c7e30f81cd584f2bda6299f769929b60dbe571abba71a5c8b

    SHA512

    77c0393eb2841b917c83293011189e4736f1cf8d2be74e7ac4d1b2562086b8a6074ccc5fb1bad8913b9996c71cc41319457dad7d1b5e2aa99bbd157c56a09674

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a5a38c9f2fc6be09243c1097059f1c65

    SHA1

    525c58f8672862df6b95e65135e5a9ca8dffabbe

    SHA256

    158924d85b7be37d1739728ef1fa54d9907ac8d988e15c510764015e9b2e23a3

    SHA512

    579683cd6b50e38f7c607996e6bfb988a40ffa5722fdce7e37e51d8f52f0b7728daf2e727bb287abd59cb2379608d985bd20e036fba36689470b27273d1cb7f4

  • C:\Users\Admin\AppData\Local\Temp\Cab2C03.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2D04.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b