Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 01:11

General

  • Target

    a34ee0c632ba247472d3b435a78dd0bb_JaffaCakes118.html

  • Size

    112KB

  • MD5

    a34ee0c632ba247472d3b435a78dd0bb

  • SHA1

    8d91b686332efbe79e674b447e4b671779866b7f

  • SHA256

    889e5a528be6fe9862c37952f05439f6cef2a0b21e8992c2b1fb0ffbc9bb9271

  • SHA512

    cb3f068c621e3f02f76f80e7f8c2a873b057036327c8f3aa8f482d89292dcc95ebac2000aa7a98f347f545d7b2a2a2acb82240c26e807c69e2500ef2cc6b94dd

  • SSDEEP

    1536:SUIeK/yLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dK:SFyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a34ee0c632ba247472d3b435a78dd0bb_JaffaCakes118.html
    PID:2804
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2804 CREDAT:275457 /prefetch:2
      PID:1720
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
