Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 01:11

General

  • Target

    a34f31500fdbb10c3d32d1746fb8480c_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a34f31500fdbb10c3d32d1746fb8480c

  • SHA1

    2590ebf3796a24e60d07d60a04723b7dbbc06908

  • SHA256

    b359b7efd3ddc34ba83b768b0ae25b9173e8760f2cb69921cc6822987556f864

  • SHA512

    ee5f1bae3928450f672c17ff62c2aaabef4cf0de521b943369f1129a6bfaf1c7ffd43135334fa10985b529fe2859aaeee29572cf7b0d95c237e3a97ba189d287

  • SSDEEP

    384:SsurcxRYDNeB4feFsurcxRYDNeBxC8PurcxRYDNeBSiFi8E:SNDQ4feFNDQA8GDQ70T

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a34f31500fdbb10c3d32d1746fb8480c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2004 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2944
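The process tree above is the normal Internet Explorer layout: a frame process (iexplore.exe, PID 2004) spawns a tab process whose command line carries SCODEF:<frame PID> and CREDAT:<handle>, and the report's generic signatures (SetWindowsHookEx, WriteProcessMemory) fire on that parent/child pair. What an analyst actually wants to know from such a tree is whether the frame process spawned anything that is not a well-formed tab. The script below is an added example, not part of the sandbox report or the Triage tooling: it parses the report's own text layout (quoted command line, `N⤵` depth marker, `PID:N`), rebuilds parent links from the depth markers, and flags any IE child that either lacks a SCODEF matching its parent or is a non-IE image. The second sample (cmd.exe under the frame process) is a constructed hypothetical and does not appear in this report.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: the "Processes" section of this report, re-typed in the
# same layout. Signature bullets are kept to show the parser skips them.
SAMPLE_REPORT = r"""
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a34f31500fdbb10c3d32d1746fb8480c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of WriteProcessMemory
    PID:2004
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2004 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      PID:2944
"""

# Constructed, hypothetical variant (NOT in the report): the same frame process
# additionally spawns cmd.exe, the shape of a successful drive-by chain.
SAMPLE_SUSPICIOUS = SAMPLE_REPORT + r"""
    • C:\Windows\System32\cmd.exe
      "C:\Windows\System32\cmd.exe" /c whoami
      2⤵
      PID:3100
"""


@dataclass
class Proc:
    cmdline: str
    depth: int
    pid: int = 0
    parent: Optional["Proc"] = None

    @property
    def image(self) -> str:
        # Basename of the quoted executable path, lower-cased for comparison.
        m = re.match(r'"([^"]+)"', self.cmdline)
        path = m.group(1) if m else self.cmdline.split()[0]
        return path.rsplit("\\", 1)[-1].lower()


CMDLINE_RE = re.compile(r'^"[^"]+\.exe"', re.I)   # quoted image path starts a command line
DEPTH_RE = re.compile(r"^(\d+)⤵$")               # tree depth marker used by the report
PID_RE = re.compile(r"^PID:(\d+)$")


def parse_process_tree(text: str) -> List[Proc]:
    """Rebuild the process tree from the report's text layout."""
    procs: List[Proc] = []
    stack: List[Proc] = []          # stack[d-1] is the most recent process at depth d
    cur: Optional[Proc] = None
    for raw in text.splitlines():
        line = raw.strip()
        if CMDLINE_RE.match(line):
            cur = Proc(cmdline=line, depth=0)
        elif cur is not None and (m := DEPTH_RE.match(line)):
            cur.depth = int(m.group(1))
        elif cur is not None and (m := PID_RE.match(line)):
            cur.pid = int(m.group(1))
            del stack[cur.depth - 1:]           # pop back to this node's parent level
            cur.parent = stack[-1] if stack else None
            stack.append(cur)
            procs.append(cur)
            cur = None
    return procs


IE_IMAGES = {"iexplore.exe"}
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def assess(procs: List[Proc]) -> List[str]:
    """Flag children of an IE frame process that are not a well-formed IE tab."""
    findings: List[str] = []
    for p in procs:
        if p.parent is None or p.parent.image not in IE_IMAGES:
            continue
        if p.image in IE_IMAGES:
            m = SCODEF_RE.search(p.cmdline)
            if m is None:
                findings.append(f"pid {p.pid}: iexplore.exe child without SCODEF (not a normal tab process)")
            elif int(m.group(1)) != p.parent.pid:
                findings.append(f"pid {p.pid}: SCODEF:{m.group(1)} does not match parent pid {p.parent.pid}")
        else:
            findings.append(f"pid {p.pid}: {p.image} spawned by iexplore.exe frame pid {p.parent.pid}")
    return findings


if __name__ == "__main__":
    for name, sample in (("report", SAMPLE_REPORT), ("hypothetical", SAMPLE_SUSPICIOUS)):
        print(name, assess(parse_process_tree(sample)) or "no findings")
```

Run against the report's own tree the check returns nothing, which is consistent with the 1/10 score; the hypothetical variant returns one finding for the cmd.exe child. The SCODEF-equals-parent-PID rule is taken from the report itself (SCODEF:2004 under PID 2004); treat it as a heuristic for IE tab processes, not a guarantee.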

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    434c4c40c9d18c31336abd241df30e66

    SHA1

    f59b8b60b6ed2edb65e8eb3db91600a145613701

    SHA256

    f7531e17bf1d66afcac7373bba916f8dad1ed8af929103b884134429526b2240

    SHA512

    ddb045a290671033801b89da9a6a1dd827ebb8c0b1ae53b1795669c83b2c7466518bebe42964b31b4a77bb890c7c2da6363e09a1b6e159f63599ef4eca7f6c8c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fa0d025028d9a6391baaeea677cb3acd

    SHA1

    20abbc156c53669f3a7bfe863f8983a7ce6bedca

    SHA256

    3601d236358eb1927a231863f0ae716135afaf49f8f097bf2a4531289dd94a8b

    SHA512

    7a432d88215b5a1f3ca043a94c40b16a8259a4b813078613f338f5510a0c8aca1d274381cb52b19029cdb0734eda95891454bc81ad58e89faf4c8a33109bb2cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0ee6527604019339a895a764f3bc3978

    SHA1

    cac6d99e30d73b9ddb60ed234629d789505c50aa

    SHA256

    fdad00074d91af409749fb248d6ba39e59ea89bad25438246549cbf7fe013da2

    SHA512

    8006bf4c9f5b022da3cb336f3f2f50d2bc3e21347e64fb40d034a5fe039f3f5addae496ceffb59823321c9cb3bc4cbfcd6de863368ec7b81fd2af2a3af9163ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    10405dbc2d93a81bbade98a856fa80da

    SHA1

    1e824747d574e84100d98f8e3432f280aa8fc384

    SHA256

    59f362579a5b1e24f209e48dd739f26d17b857ab6ea94fa49d6280b89ad82ec1

    SHA512

    77505bdf5b1f6ac35c83974d299c18a2e73644dc4b4b10a51690a9e8459c424703514ea0057b611a382c2e60df4cef2e524437966a1c3d29f4ded2a53d00399d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1df5616f6fd5244ced9f40f2a59494c

    SHA1

    71866f6bd6651ea1ca19aa4174776effa84a1d25

    SHA256

    37963c04f35479ba1ae5c0fe5f623d5b5db23df092af88276777272bec440252

    SHA512

    79abf501009f6e59fae1312a303d69d9adfdecde5e396db2695f979b0f70ca51fc3681b4d98b38189a660c359e6abb982252935cc2d8ef1c0fe6cb0999c3dcf2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0db90767474ad83a92a923bbfc7aac84

    SHA1

    54b712a32f8f59c4f28633ca37f711363bbaff9f

    SHA256

    3fbad8d1da2a451775059e29b96022ac669520d58412ac46d891e5ad25f2ac62

    SHA512

    b431e4cd1fccb3dc2f0840e6374d41f936d5c7a649bd64c76b9e39b86ae17ebb94315cc4b4f8a678e7132c5574c04089e09b35bba5ce01634a3cfffe61792ae3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8582adc0171bc4521deff4b8a5978a03

    SHA1

    d4c3bf82e6659739b38079031f3f6ce6a40226e4

    SHA256

    a60f8583963cb29142c255bdd128c4df7302a44d654298952fe6fd0d2384f6e7

    SHA512

    8ae5695f5747ca3435312d191c1d9a0fa45176c22f587108b8f7dbe6fe3c3b4b27520f098e154f0f4446385c02f411635963c9ef34a4caa80d49e51b83319cc3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0cbafdf4affa2e21ddea403c2af006c

    SHA1

    5fccc3491b9a70f951d22ed3cca00e3b26a8621a

    SHA256

    8e51e6ee6a2d4c506b1fd8eada56d0e35831f9b946e2a57a279c3aaca4de600b

    SHA512

    c79c6c36ad3cfeaf4e76de2f27470aa865720d97a2aa58598ab8d6ca7691edad0040e1c4bd77f7485cbcd34a08b001086c1a3980e565fea4b264eee7bb6ea42c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0909705ee57e3274e265d0f5aab8ea23

    SHA1

    84e89562135a64dd2d13c968e804e6bfaa25d1b0

    SHA256

    a2f45945d964ee66afe4f4a2e651661026ac07beb7f6de8224588ae4d23eb6cd

    SHA512

    e650525c0aff31b091478d3e1976756a95e8b3e9c3c6b18140c5544fd3a3545e8f0c639236cf17b71e05729965cbeda60632ce40be4f91ea43b2f01a6e7dffa6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b094b81ea9bcd196b12bf75811fc3760

    SHA1

    f79000e4a2624c5c3f5505daa1930d4244027911

    SHA256

    ad3f27ab3b90c1924841372b336b3ff8e7da8ed3afb92a9102a108d3f89a764c

    SHA512

    7ec26e0b29aea93d4acaf1f06661dbe8ea13761a3546b979474e1763d3f4e4d8167a7c2675c7c1eded00c4944e7cd83d9973f7bcc2fbfb1f0e9293c7c807476f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f0a29035aa3661f8614b74ab117dd45

    SHA1

    22a11047f1ba86aaac49c67d272e54e9c3a5c41d

    SHA256

    f20c0162f1d0a5b90962439efaaaf61a23c7e2ebe56f5595f622311688276280

    SHA512

    4159aa46c18f09fba545bf6b7eae94985e47f53b39a675eb712f27cf9cd0a8a4f1307fa559d86c3f3b331f2ae770318d1a42061f029e4e925b9141d8d5f7d6d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df2550fbab8fa7470e3782a529bd2e6c

    SHA1

    70c40f475cb42a458f9f3e0b364a9d3dad53ffb3

    SHA256

    b2826ed6a1f01a6593f712dd7233f6ac76949d54ce01e6f8c2e1c1b28953c669

    SHA512

    1b4e86188d47e6bf0592d5904c9163a315973f7ad5bfd5d58c35c68a9ef4aa55360dbc28da94456c446a5f7e15de2f1f38216d5812bcedb9ef3b6d933ce202b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c285b21fbf89ecef7ffa3bf26f72bc58

    SHA1

    5d1898a968ae3d6c11e7904b12d40ef99b6d29da

    SHA256

    b10e74a44dff9bcfb53c8b359779d1486a16904362eb2b20857edb3d55ba8b19

    SHA512

    9934d1623816da0267cdb544e8ae8735bb6d9be0f1508b21feebc1ff7c364aa2ebb1549359dee67b6f4b3ba59618f56911906011f76951b539c3e8d10278df25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46297a87ee3defa6dd69d125af5f8c99

    SHA1

    85c5396cc17672615885a64aa5eec0ab2000f927

    SHA256

    4ff0e2ac289528c89ea3b85e41cced0f503f346e790c5c3352e78ec8128c9041

    SHA512

    8b7593ba008f6c8153f34f349453f66c522fb07583d0089e645c9b6a2455c616f1ab85b3ede2bbca75b566e6e4f0c3cf715f23d67b06d3efc3f138d72602c625

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c6f2ce8d80ef010e23447cc8926f151

    SHA1

    9898437d0b52a858fb76ab5656ed71e71b93115f

    SHA256

    42bbb172295044abd54327645c39de3256e759c05709438be096fa577a56a5b5

    SHA512

    c36e0a21ff9ab9f5a436f4ebabc2b078d913b9b310b055b74a2c038d380a44cd58e1f33bfd4dd6d6c4a056c9214724b01510f20d3f4678cb0a18dea0aeb3978d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c7a4d7014940557791a269572de9083a

    SHA1

    de8bacac74e9a0ac7b22cb64b79ed65c7ba2799d

    SHA256

    a37f8eea830aa8cc52b985a2c439773f6409420dfdc02dc72b7249d845c4c01c

    SHA512

    495835339a1a0aac5a4e2f32b921f0314315a1ec240f2162ad9d3cb2a698f21a8339a4f79862af72876be23952e86e85b6a0f602f6873b5c753c346a0a593913

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    daa8aec453e5216050d267711e318bb8

    SHA1

    9e91894d4a33e9ddb9962a25df3f5a80b6327925

    SHA256

    631a1ec313e7e74da7bd7ba779a2355ad3b9e8dc82661552268bbe4a7c408b9a

    SHA512

    5c60b1b3a76b50c5dc1ea59add0d9c434c2a9ac37c9f09466cc3e9b98c27e1765aad4917518d4e05f28130563bb08533db5652b16c8446ba02ca28cd9074678e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea90f66a63ac2459969f001c3da5eedb

    SHA1

    5c63bdcb102d130252534ef9150fad4fc65f5c49

    SHA256

    6c48e4e1c0e8be2fc073a9c6092215a40dd615bdf74224c3a60c8903aae638f4

    SHA512

    58516b1e1bbc063ba66d8562d4dc2c2bdcc50125201b37132cd7da47e08975805b37e76624ae7762fc5a4ac62c619686109801bb1ae1ff87d28d1c4141688509

  • C:\Users\Admin\AppData\Local\Temp\Cab1EE8.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1FDA.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
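Every artifact listed above lives under the CryptoAPI download cache (CryptnetUrlCache\Content and \MetaData, written by the OS when IE validates a certificate chain) or is a CabNNNN.tmp/TarNNNN.tmp pair in %TEMP%, which is the scratch output of CAB extraction and commonly accompanies the root-certificate (authroot) update that CryptoAPI pulls; none of them is content the sample wrote. Feeding these hashes into a blocklist would be noise. The script below is an added example, not part of the report or of Triage: it parses the Downloads layout (path bullet followed by label/value lines), classifies each path with the two noise rules just described, and returns the remaining entries de-duplicated by SHA256 as IOC candidates. The rules are an analyst heuristic, and the final entry (update.exe with placeholder hashes) is a constructed hypothetical that does not appear in this report.

```python
import re
from typing import Dict, List

# Constructed sample: three entries from this report's "Downloads" section,
# re-typed in the report's own layout, plus one hypothetical dropped file
# (update.exe, all-zero hashes) that is NOT in the report.
SAMPLE_DOWNLOADS = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    434c4c40c9d18c31336abd241df30e66
    SHA256
    f7531e17bf1d66afcac7373bba916f8dad1ed8af929103b884134429526b2240
  • C:\Users\Admin\AppData\Local\Temp\Cab1EE8.tmp
    Filesize
    65KB
    MD5
    ac05d27423a85adc1622c714f2cb6184
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
  • C:\Users\Admin\AppData\Local\Temp\update.exe
    Filesize
    91KB
    MD5
    00000000000000000000000000000000
    SHA256
    0000000000000000000000000000000000000000000000000000000000000000
"""

# Report label -> dictionary key; the value is on the next non-empty line.
LABELS = {"Filesize": "size", "MD5": "md5", "SHA1": "sha1", "SHA256": "sha256", "SHA512": "sha512"}


def parse_downloads(text: str) -> List[Dict[str, str]]:
    """Turn the Downloads section into one dict per artifact."""
    entries: List[Dict[str, str]] = []
    pending = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("• "):
            entries.append({"path": line[2:]})
            pending = None
        elif line in LABELS:
            pending = LABELS[line]
        elif pending and entries:
            entries[-1][pending] = line
            pending = None
    return entries


NOISE_RULES = [
    # CryptoAPI CRL/OCSP/CTL download cache, keyed by a 32-hex-digit name.
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I), "cryptoapi-cache"),
    # CabNNNN.tmp / TarNNNN.tmp scratch files left by CAB extraction in %TEMP%.
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I), "cab-extract-temp"),
]


def classify(path: str) -> str:
    """Return a noise label, or "candidate" if no noise rule matches."""
    for rx, label in NOISE_RULES:
        if rx.search(path):
            return label
    return "candidate"


def ioc_candidates(entries: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Non-noise artifacts, de-duplicated by SHA256 (first occurrence wins)."""
    seen: Dict[str, Dict[str, str]] = {}
    for e in entries:
        if classify(e["path"]) != "candidate":
            continue
        seen.setdefault(e.get("sha256", e["path"]), e)
    return list(seen.values())


if __name__ == "__main__":
    for e in parse_downloads(SAMPLE_DOWNLOADS):
        print(f'{classify(e["path"]):18} {e.get("sha256", "?")[:16]}  {e["path"]}')
```

On this report's real entries the candidate list is empty, as expected for a 1/10 verdict. The rules key on path shape only; a sample that deliberately drops a payload under CryptnetUrlCache would evade them, so they are a first-pass filter, not a verdict.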