Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 00:20

General

  • Target

    a31d2315c3a47f7cede2038bc7b0a20e_JaffaCakes118.html

  • Size

    15KB

  • MD5

    a31d2315c3a47f7cede2038bc7b0a20e

  • SHA1

    e8e9bdba038e2dad0173b722345a2019d3442a1c

  • SHA256

    eb11d6c4811f8a2d3360d281b8bba664251b78914492e8f025f454c171882822

  • SHA512

    ae30f5f1309dd8bff9db0637270824c1ef7009fc0beea3f07ab767fc15896579d009261cf559085c1bd501a61271d589435bd3e6656f8bf40a06720ba71ae7f0

  • SSDEEP

    192:Cu0/eq7J5ZWzT64iBv0TbgbhTWP/VM1hS5z0pHzfh5EVxcWSgCk0M:L0/eaJ5V0NMXzZ5EncWSgCk0M

Score
1/10

The score reflects only what the sandbox observed in this run (Internet Explorer on Windows 7, 141 s of monitoring). The signatures listed below are ordinary Internet Explorer behaviour, and the report records no network activity and no malware configuration. For an HTML sample that is not a clean bill of health: a page that depends on remote resources, or on a browser other than IE, may simply not have done anything here.

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 3056, frame process launched with the sample)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a31d2315c3a47f7cede2038bc7b0a20e_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID: 3056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 3052, child of 3056; SCODEF:3056 names the parent frame PID)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3056 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID: 3052
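The process tree above is the normal Internet Explorer shape: a frame process launched with the sample, and one content process whose command line carries SCODEF:<frame PID>. The script below, an added example that is not part of the report or of the sandbox's own tooling, encodes that expectation so that any other child of IE stands out. The two report processes are copied from the tree above; the third entry (a cmd.exe child, PID 4100) is constructed and hypothetical, present only to exercise the suspicious branch.

```python
"""Classify children of Internet Explorer from a sandbox process tree.

Added example, not part of the report. REPORT_PROCS is copied from the tree
above; HYPOTHETICAL_CHILD is constructed and does not appear in the report.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


# From the report: the IE frame process (launched with the sample) and the
# content process it spawned with SCODEF:<frame pid> on its command line.
REPORT_PROCS: List[Proc] = [
    Proc(3056, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\a31d2315c3a47f7cede2038bc7b0a20e_JaffaCakes118.html"),
    Proc(3052, 3056, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3056 CREDAT:275457 /prefetch:2'),
]

# Constructed, hypothetical: a non-IE child under the frame process.
# Nothing like this is recorded in the report.
HYPOTHETICAL_CHILD = Proc(4100, 3056, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c whoami")

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_ie(image: str) -> bool:
    """True for iexplore.exe in either Program Files directory, any case."""
    return image.lower().endswith("\\iexplore.exe")


def assess(procs: List[Proc]) -> Dict[int, Tuple[str, str]]:
    """Return {child pid: (verdict, reason)} for every child of an IE process.

    expected   - IE content process whose SCODEF value equals its parent's PID
    review     - IE child launched without the SCODEF:<frame pid> marker
    suspicious - any non-IE image spawned by IE (cmd, powershell, mshta, ...)
    """
    by_pid = {p.pid: p for p in procs}
    out: Dict[int, Tuple[str, str]] = {}
    for p in procs:
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        if parent is None or not is_ie(parent.image):
            continue  # only children of IE are assessed
        if not is_ie(p.image):
            out[p.pid] = ("suspicious", f"non-IE child of IE frame {parent.pid}: {p.image}")
            continue
        m = SCODEF_RE.search(p.cmdline)
        if m and int(m.group(1)) == parent.pid:
            out[p.pid] = ("expected", "IE content process; SCODEF matches frame PID")
        else:
            out[p.pid] = ("review", "IE child without SCODEF:<frame pid> on its command line")
    return out


if __name__ == "__main__":
    for pid, (verdict, reason) in assess(REPORT_PROCS + [HYPOTHETICAL_CHILD]).items():
        print(f"{pid}: {verdict} ({reason})")
```

Run against the report's own two processes the only finding is PID 3052 marked expected; the constructed cmd.exe child is the kind of thing that would have raised the score.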

Network

MITRE ATT&CK Enterprise v15


Downloads

The same CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 path is listed many times with different hashes: each entry is a separate rewrite of that one file during the run, not a separate file. CryptnetUrlCache is CryptoAPI's cache of fetched certificate data, and the Cab*.tmp and Tar*.tmp files under %TEMP% are consistent with the .cab CryptoAPI downloads for its trust-list refresh and its extracted contents. These are Windows' own artifacts, written as a side effect of loading the page in IE, and should not be taken as indicators for the sample.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4663938c41971585f7c9f954bce370e5

    SHA1

    b0cae47186f05154847d8297fe4795295276ba06

    SHA256

    b032e95cec80c1ef69dada657f5168986dbc4833ae248637377940f4be8e8283

    SHA512

    adc0360db862514c59a8487c5465226908c49da5f44ae4210bd0180216e5598baf24b0e8f7c7d116d601ba525abf38be68080a480eb044bc51e0d449964d8201

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9e33949cba4c69a97feed03e6f3d25cf

    SHA1

    b7f628fe7bc7d79280c4fc5fd0a1827db2b6fa88

    SHA256

    c031a3264fb5cfa2882f73b9277dd53dc82fcfa7f58f0cd0676b8d29cbea32cd

    SHA512

    930d93e8857c4d596dcfc5b9b71f6b2d99227912747fa76d34864736850cd7fd1f7e6d2e85038e21bbe38f24f72da53e2c429fe429eca6ad55ff5153d14bb030

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45c051288970e03cb1dac0b992d3a6ed

    SHA1

    cf293033cc94b9d52870730fd91c344a5eb2bf05

    SHA256

    a41b3ac45cea34f3b366d250723792814cb3c44223d3da07c7d3be641f3b1a39

    SHA512

    1e188d2a150a55c1d306e87555904af4f943b02e355c37297a1bc19fa2365febd429d9686e59c0598818b30f22dcc1784759bc49e4d4fdc1f7e088f02fabea3c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    12fd80bc5d8796c16e489d7451349bd4

    SHA1

    1eef2e257fbc477341510b9bc969656694789cd6

    SHA256

    d9712b6e0b458017efb64b6f40ba2d37b56b1cff7c2c51be1e2ba663b7b1a416

    SHA512

    9acf179b13ebd234c91834cd5bce3e0143c24b10a183f9cb1648096eb9d1a0c608af5a3eca923403a59af30aa1656e67f898dbe77cb3907c6c0cb238ab37eb04

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8be5f9979415fd797d0801bb83df2dcb

    SHA1

    b8057d2d06fee394f1c8f3e468e849b6ec62e093

    SHA256

    d39282d9f0d8f8f08cd932c382c8edc0338b9494549be7b6e416660a03a1af29

    SHA512

    833722e758141a3240df79cffef9ba4870f1cf11bb5b518a5e1b9100c504294b0e46cc8c6f0d700c299cd803cd42bc0a9cadc3538b3c7538e2503f13a8626194

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    61b0e0789f475055b6d6c3573099643c

    SHA1

    391c798808045e2b0e8fcaa9f78defdb0fd680cb

    SHA256

    d7f3283570d279a0b6b02d3d8a0b079b44bcfd0d7aeb989aa8c3c79c768913f3

    SHA512

    051fc02374b3f0a7daa6eddab424480406badb93653829abf6be736982fa99bb06171841ea58d2b58257e2717f369deac8ddc957572f6118c6dd36412771be9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4873548f83bfec3751a822926d20b12e

    SHA1

    75787e59a455225261c64147fb2b56e426ca8b8f

    SHA256

    0166ab827fb647ccccba0a43e913436fffdc7057854e6935097bb55858885027

    SHA512

    05a0474942f0020d1baaf51f51197f0848eacdb16955d93e4ec23a117bdd31e790d30f19a125180086e0378e591ce10065ab4c7ac1796e3cdd0ab3592e32c800

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf734d4a217c188196d20e5401ef1cd2

    SHA1

    56e8b642e68ba0e9f4219e4e9909a1e47d7c4719

    SHA256

    cb8ae80ea066e8b23244301b45da4d84a775979509fd7f1aa274f2e9897542f7

    SHA512

    c9724044c9aac7a73e89fc312b043e918756b9b12f07f1c92e12032dca7428284d4c8758912050ab5149fefeb0f60483a74a1d3b5057587a01d88ccee2f9199c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4805bc6caf98a2dd49beadb082de87ac

    SHA1

    1c01df1f5cf836deb5d7dfc3cc0b2c712b842b7d

    SHA256

    b854c617e5a841483b4f3e78a1b5d346c198aa220af6cecd0186781035bf220b

    SHA512

    1ae97fd7b8dc183d4f6cc59109454f151c18c0878c50926708999471443bae460af7f43a406de4e2fd7dcef78525c2ff1de21ee5632a8448c0ac82f922f6d391

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2b295fbea13bb8a78a7ab7db9085941e

    SHA1

    9cc34a4d1bf4ddfc3293f5f8ebb41f5138dce97c

    SHA256

    5c17e766c1cda9832dd85355924a7062d783309c7cc476a081d5a8c2056fc791

    SHA512

    5a0165d71feea5316e4f7730ed5933d27ee26a3b71023ba240fe57aad2603e05bf237ea9bd4fce85002b2f2e1a8108476694a7d907fca7cf462ebc46b53ee34c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f0863ce9c77d40f2671a2b54f76d41a

    SHA1

    2950ed9eac786340d17cad00af1c8dde3b821712

    SHA256

    13a2a26d7592f9a14d49b6023f35c56721e3bc4c34f69b426611562febf77e91

    SHA512

    a8565b3c838145af91100cfc36d0ef899daa9e7a0334b9d1a8c41702196672aed958512b2a0aa0bfb8ab17debdb179c68ee9f3ea541da34359130b08ae747355

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5fcd3b057d53293e152c6b476757f257

    SHA1

    1918bc78324d5d37381635921f65f80a7656c7ca

    SHA256

    0b01b776e7772b07b9492fc34e5bbde19eae32850a1e604d357136203fe7565e

    SHA512

    63ec94e653c6b3af7edc8e1d91ea9e919698d16329242dcaca7854e3e54c6b0bd0d3fb7627ca93a2a6cc3508271fdc37903b5a55b41be1029499c919bbef16fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e7e2fee77cce13bc796acef262706d18

    SHA1

    d5b1474f01930144ae7a2cb777e800a34782fc19

    SHA256

    b340e15fe48059b0dd5f0e656ff07959cc47122a533d50ac77578a10a9fff65b

    SHA512

    8a235ae0140ec8df5d79e6b187b0a4e73ab930e18f4f38a84b5764f3748abf27aee38054a2c308d05050bba780d3aa241fd3f6243423b8c5916ed098a153b331

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e63559026d3e6b60f91205371a34379e

    SHA1

    09cf0aab45811a3d985148e88b3889ed476417f4

    SHA256

    072fb26117077d0b43681313cf27a44ac974dad9ed131754eed44c66070cca05

    SHA512

    7f1d757bf225251d931b7ef15938e87e6509a0fc94698f89f52a5338c135c122df0a80910a1d3dc1bf0cdc498aeb93192ac5a61c7fb7eccc67782b25cea96997

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c8bc105aa3e85725524531552f88116

    SHA1

    d92fac290a33d8a1e3874e0b129e683affb0dee6

    SHA256

    a4f091e8bb13151e728f69ee6c84cb388d76df8d20fb02ed8334e7517e615cf0

    SHA512

    57524c15548b2d113f7a4c59601dcd9879c0db6025e1e19bd8dd9fdc6a524ce724d4207704073cb8be23a0c508107cfee1d2f6a28e207cfdd0bcbac77aa4f34a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e22d03fd4b4f6fbaa65bff17585aa011

    SHA1

    579b442d8e63007127120fd7237e2862ba480406

    SHA256

    82e919a1b9096091ed038dbe7d2ab8425eaba899b7886655926be42e6141ce66

    SHA512

    9c6f5750305b23e377dbad665256dc0e8818d9b03498e4ae0f862f98dc50b72883eace1000cc04bda99106c767d6f41b3716a3d40dcb9cb2963bfdcd4e9f7f50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4ff4da1b8fa2c0ddcd26b58f931d50d8

    SHA1

    4daa6e7f063bd2f119aafd027eef15a2ce71c65f

    SHA256

    333377f527a5181869262aee16adc657a25eb245945fe0b1434c1da546abc222

    SHA512

    a3d73a41a99814101f1f5156798c59d6437af8da5700622a0b9ef006c6ea5fe5500c036b1a2aa37640b02c53021683938217189dd2f9e341ebd02b642b4fdb41

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1911ef2c011c31b7f39fe015bf128741

    SHA1

    e5cc02ba3cbabbc9478d029a07f7aec878c05aac

    SHA256

    c3817667ba840271a1ef962dd3e3bc0c843be266b33be8f553c957959f2f2091

    SHA512

    fde3316366a83584381857a8cc5397a8caaa7d09c0f6173612c6b5ffd6f6ff754579106cdd0bd3fe5952f051c0ed8e59edc93d088498d14a9043ddc2da2e684b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6986d130ce7d624b21766276cde88346

    SHA1

    6671ab3f28a25b7ab74cb86b00401bbcf9140f4f

    SHA256

    c0f004cb854fda0747744d7eb6e6434658f5479c3ccedcede5fcb17ede391d7e

    SHA512

    510563caf89bc1d60092ee48b456750ef4c2f28ab580e06e465b9ac762d1c0308eca53b859dae02a563f79cfd8428bdff77cc6a70ab531778b18a9ad6aecb298

  • C:\Users\Admin\AppData\Local\Temp\Cab54C7.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab55A4.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar55B8.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
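Turning a dropped-file list like the one above into indicators requires separating Windows background noise from anything the sample itself wrote. The script below is an added example, not part of the report or of the sandbox. REPORT_ENTRIES copies a subset of the paths and SHA-256 values listed above (three of the CryptnetUrlCache rewrites plus the three %TEMP% files); HYPOTHETICAL_ENTRY is constructed, with a placeholder hash, and exists only so that the unclassified branch has something to flag.

```python
"""Sort sandbox dropped files into CryptoAPI background noise vs. items for review.

Added example, not part of the report. REPORT_ENTRIES is copied from the
Downloads list above (abbreviated); HYPOTHETICAL_ENTRY is constructed.
"""
import re
from collections import Counter, defaultdict
from typing import Dict, List, Tuple

Entry = Tuple[str, str]  # (path, sha256)

CACHE_PATH = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"

REPORT_ENTRIES: List[Entry] = [
    (CACHE_PATH, "b032e95cec80c1ef69dada657f5168986dbc4833ae248637377940f4be8e8283"),
    (CACHE_PATH, "c031a3264fb5cfa2882f73b9277dd53dc82fcfa7f58f0cd0676b8d29cbea32cd"),
    (CACHE_PATH, "a41b3ac45cea34f3b366d250723792814cb3c44223d3da07c7d3be641f3b1a39"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab54C7.tmp",
     "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab55A4.tmp",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar55B8.tmp",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Constructed, hypothetical, not in the report; the hash is a placeholder.
HYPOTHETICAL_ENTRY: Entry = (r"C:\Users\Admin\AppData\Local\Temp\update.exe", "0" * 64)

# Path shapes CryptoAPI produces on its own. The 32-hex metadata/content name
# is a hash of the fetched URL; Cab####.tmp/Tar####.tmp are the downloaded
# .cab and its extracted contents (#### is hex).
RULES = [
    ("cryptoapi-cache", re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    ("cryptoapi-temp", re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]


def classify(path: str) -> str:
    for label, rx in RULES:
        if rx.search(path):
            return label
    return "unclassified"


def triage(entries: List[Entry]) -> Dict[str, object]:
    """Group entries by class, count rewrites per path, and list only the
    hashes of unclassified files as candidate IOCs."""
    rewrites = Counter(path for path, _ in entries)
    by_class: Dict[str, List[Entry]] = defaultdict(list)
    for path, sha in entries:
        by_class[classify(path)].append((path, sha))
    return {
        "rewrites": {p: n for p, n in rewrites.items() if n > 1},
        "by_class": dict(by_class),
        "candidate_iocs": sorted({sha for p, sha in entries if classify(p) == "unclassified"}),
    }


if __name__ == "__main__":
    result = triage(REPORT_ENTRIES + [HYPOTHETICAL_ENTRY])
    for label, items in result["by_class"].items():
        print(f"{label}: {len(items)} entr{'y' if len(items) == 1 else 'ies'}")
    print("rewritten paths:", result["rewrites"])
    print("candidate IOCs:", result["candidate_iocs"])
```

On the report's own entries the candidate IOC list is empty, which matches the 1/10 score; the one hash that would be promoted to an indicator is the constructed update.exe, and only because its path matches none of the CryptoAPI shapes.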