Analysis

  • max time kernel
    138s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:41

General

  • Target

    a39184be1ce7da7d096c55ab32d9761d_JaffaCakes118.html

  • Size

    157KB

  • MD5

    a39184be1ce7da7d096c55ab32d9761d

  • SHA1

    0d71409473714e18b0ff295a01593ee25c9d29c3

  • SHA256

    580852323f5305624ef075cb82d21d98a3ccfa9eef2cfd6cd1d17efd56ac3060

  • SHA512

    f5d9364c4e227a34655b7c5c3826286b18e1d227ad5549fd88ddb33b4d1ba87afa59352e2ec39c54bf91d841eb4b06e2ec3a4b8ab00223b7edfcc9f8907545b6

  • SSDEEP

    3072:SKrC+zSYaHRGYKHyfkMY+BES09JXAnyrZalI+YQ:SKZkxGDSsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a39184be1ce7da7d096c55ab32d9761d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2176
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2176 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2724

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75f7b0e11a4de6b4b45ebc5e7830d5b7

    SHA1

    1779fc0c1b43af91656c0e365ce90fa329636741

    SHA256

    1e85a40c937a94cc1d7bbd3a0aed03031137d485483eb5ea6c02b088702fcb59

    SHA512

    42d69f0221f78c2b42e7b003c0fe5d9eae520d18cc464fd7672d100d1b26cd65c6e088caaf1c1b282d922f778156ca1c7e6dac67302470b7cab253854c65a1b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1dbb6d68f2501f0bb74f17acccb2560e

    SHA1

    3f8390885da9e303d14088d3b2c842fac4b4a4a7

    SHA256

    b094329c0a430ecc9cfa124311abfa9f94972159baaafe0798eb967d185aafbf

    SHA512

    e936796feec50450c9b3207b5992f38f9f19289b5908121f8fac26082896f67eef5059fb706598e457cbd86afaaeb1faebe846079dfa20bd6a0e1d36fab00c7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4b08b04c5d06c74a9b7e77e93485a8d5

    SHA1

    2b4737e5db7c9b700cd1f3c9afcf0ff737d00f0b

    SHA256

    988685b17386fa538f22a35aeff21bdcd45e4ad0a7dfee55191bd13c95779343

    SHA512

    07b0c66accb201aa3e9e8c736263ef1d20901b5d1e59d0602aac3940359501f480994e406f4d2425b0b360cc55c14fa7fa4302f0af82feafdec86efb65869a0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c3943dc5b50debae0d1e32fec05c332

    SHA1

    197bf191bc7e7a4b1b47f40907de8ea23b7e7af4

    SHA256

    75d2299827d62e132cc6dbbb8e2540dc7035276828fdde8207da9b9c3aa85892

    SHA512

    4fd0908c141303280f965ac940741697a89824654c50e83b5f4550f25ae3796e0d36d3e94149dd362c53823edb1a424f943751691d30b9d8afde1703aa6e2764

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5db0da9dd2ae699abcf702dc9622ffd3

    SHA1

    c4ef0225271bfb68ad1bd9ef1b51da3b0ea35625

    SHA256

    d3f88c3f55a67977f2a373e7712d3cf8edf6fd25aba30611a9c97dd90a592d40

    SHA512

    b442455ccb3af76d685a24533cda0b0c9c5e676e3e0237c23970d0e21ad38e4d6a15aa74d3c13dfa30c4df2e3acbfd449bec21fc265074b34348751b41bc0287

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f16b6082aff20869470de30b00f3eb56

    SHA1

    3e54dd8f69fd3159289ad2aad685777ad897390a

    SHA256

    d1393467dc3eb64327a34361cb21bc5d654e9ac040ffd49bef26ca94d8e2b44d

    SHA512

    9c9c1e304b4d6695daf400767e8ee0ccdb3308f9744af276e9be85ed4131f10d50cf4f385504520fcbf093450e53c6f0d8fa953f40196335409effcd356d39d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22acb5be691fbba0632b00d3403d9936

    SHA1

    43f90a80c989ce309e4ca25d67142dcbda0d7a8d

    SHA256

    037098c2ae2d5cc4e9bf12ff3df5e4f43c53eea3820e3e07e75fc7e78c28c740

    SHA512

    e940f211069ec7cf9d2aaaecf692c448fee8fff957213ea1837f02bbe3b4f2d72d4c9c416d14d35353acaf277f0528e05fee033cf28ef62651fcd107748455b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0caf04736aa2c25a3ecb0fc180f6121

    SHA1

    a9edc1622f0595179a4bfc020abbf0737b3df42d

    SHA256

    6595ab5f647b3b223696c219d530d1f3c4446333b151f015ad92e7a347cd82ee

    SHA512

    8d6e9393e0558a154fcd1710980bf026b6d6c4e5404f7fb38b651934c59515cf1b1de01ff2c369c2114596d84ab40f6eea91dc95b0f9741cca1e4f5eb82b52ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    330569f39e0e981f6257d5253c6b94c9

    SHA1

    e2df5e5ff0b2becb3d9fc32686e9226462204638

    SHA256

    6a27919349c9c916f910b8dd1b59d2a76686a78a493f8f2ac537450de37594a8

    SHA512

    5f3b9bad38ce6ccef007342eafa4ecb12c3be84523f03193a0a021d57862364757b9f3bd2fea873cea4a4ab10f1ea767cc00b23ab8b149b7d156a951f04908b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd699464f713f5c627d17af991d809e4

    SHA1

    98f67f2527a88c040fc7e7681baa687d67022f32

    SHA256

    bee0dbb592f6e7365d969086194a52ac6772b86703d812a3fbdb6c4467997b0b

    SHA512

    155d743318a851645589c7c994a01be375cf2d8d61eceb74e4450e39f64dbfff607def7a2544e71302a4f458d2cd7df87674d688d717daad2eb9299ad2409b92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c4b43b3f757594b4fb22279864ee5c5

    SHA1

    8fbd7ec36f6db09f33deeef3cef1aac694054626

    SHA256

    a951e7fdcac1d9e2ca843a8bcfe40b8f627c8152a29d22e5163b061e2c506b12

    SHA512

    55ccfe59cd2149bd4f6f75629648238dc3292990a332521a52a24e3060bf57a8010dc2f2bf06d878bd1e083a136d99043047f433aa36e073f370e8d5a0275d3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e19b461dd20ccc41576fb61ad0c3a1b3

    SHA1

    d5762e469c9e85a9cdd6607ac3c7f6dff5ed98d5

    SHA256

    cb8e2560dea0c5be9c12e71820e4f786d80052eeeb0255d4c314b820ddd2ea77

    SHA512

    97a2c25418b07250fbd15d2b6ad83c0578f007c388e63043ccc8d4e837fc25e02f9d26dc5fa93476721403efaa8efec482eb63f5d2f88144ca12cd5985251f88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c4d063095bc17623006568d0d883de01

    SHA1

    858e5708115d3af9e4e8831552df41d68b9ae697

    SHA256

    dcb35633e7f259973f005ea8d5b1527abbf9292660e0286cd042d7855d1b62d5

    SHA512

    9d80f813ecd74b11fdfcb3d3072c318d09e32e03b267f087752d7fbf5e4cd181d927e5934926dc40876bfee3616c70d89ca0ab3f78c3a1e984cf6e4e6813717a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e79ed6c08fa41bf9fbe92d65cc7eec91

    SHA1

    1e71944960ad1cf0155bb29a1db6946ddd8f5496

    SHA256

    3e692a7eb35fdc938056a4752ed8987e150673640a0cd866168bdc85c185d053

    SHA512

    94b1916888dfa714ecb1ea76a48a01d3944901b5516b4455f3e41ddbae67efbf3f8788144a6b0c29650ed4f5a5afc80071642e7437bd9b032502b60a38c667a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    59751af59efe03bc8933fd575f9c3b25

    SHA1

    a2099ffa10eb0e839119a5f3ea094a130f2ad685

    SHA256

    cad1a4df0dcea667d6a90c18b8be9e7cad65f3a1a2e460d6cc4effd65394917d

    SHA512

    d778a3a5c7c5d53c0ad4bdfbffea5229d2a7e564a25211e8ae2ccb5ea9f8232d5692e246240486411b2639971cedd57bfdf11e56c2192e76e1eced55a722c4b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2342c1b2a8501e3555876435288e3be3

    SHA1

    cd9a0e92f9675a40d8511eea8e489a6a4519001d

    SHA256

    16b904a82ee16993bd70191721ca8191dce5c23748bc19dd13b73a111e315263

    SHA512

    799165c69dd72b64fc16d28f9cf9e46b318153289a1b0b8ff5042ac58c39e6779b2ca9325a18355886fe3b8a758c672818bbe6826a64c0cf0ced274589451337

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0543f3e21fc89e204fd380bfaee3802

    SHA1

    c36cfefa2152cc6b8aab9fe2539405532864fcf0

    SHA256

    c8729a5f8e24cec3acd3a3844bf9ace5ad728c7c4a6d22aa725ecb0ef55fd944

    SHA512

    bec7e95e41c20238a554d13bf3333538adcffd2d8046d651f45edcba4e7f5dbed6d0d7eaa79974393b6cebc6e6daab6886d4d06813d1017a0940a3d628de5ac3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87e54ba31377489573789fbf9f93c577

    SHA1

    7ef7e970956c4dbff66efaceacd0c4d2f4ec7286

    SHA256

    ecbd0da108ab0880430cf9cf9015ab76b620c73a86d9065b97bb779e16b17fbd

    SHA512

    316c26160788d38b84e1116c6d1381ad771fc4f3959c33f8c5bd54cff8f49ddec95b733563488567722037ffd06f0e20f8f7c58c37b3090892945619af981032

  • C:\Users\Admin\AppData\Local\Temp\Cab6C7B.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar6D49.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b