Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:45

General

  • Target

    a393dad18a45d9caea4be166bc557aa2_JaffaCakes118.html

  • Size

    157KB

  • MD5

    a393dad18a45d9caea4be166bc557aa2

  • SHA1

    5911d7cbdeaff0bebc3970c06879241daf3df902

  • SHA256

    5863b7f591f91174c17dd3911aeab2b7b7c13c9af8d60507d63073197330752c

  • SHA512

    c8e15276b07be4406bd3a06c41abb38761a233550ad50e99e56a290c5d03e902b6cb9e4c4339bff5463c934a101aee515c2f24f8cba34cf4cfaef19412fe432c

  • SSDEEP

    1536:SVcgjiJUllyyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBw:SwJ8lyyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a393dad18a45d9caea4be166bc557aa2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2520

Network

MITRE ATT&CK Enterprise v15

Downloads
