Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:18

General

  • Target

    a383448ec1a0471abd58198a42533e09_JaffaCakes118.html

  • Size

    16KB

  • MD5

    a383448ec1a0471abd58198a42533e09

  • SHA1

    6c691e4714493d9990b210837025a3296895d82c

  • SHA256

    34ad00c657c3e195e6cb61daac5e2423e4de2df1a159c6c63b9255863ebf4dcc

  • SHA512

    903b85c62014b52b42db829f1cc54599bac9a23355467eee5a6a6531c986e329ed4a410b6e54b1f8aa1418b18e8c6efdca835cb09a0615e897d7c19133b51df7

  • SSDEEP

    384:gvw/TvJ3xXd3W7dy9GgMx5AiEvgiEBixSJwWe70gWLrgUq:Nxa1Ai3dIUq

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 38 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2168, tree depth 1)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a383448ec1a0471abd58198a42533e09_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1136, tree depth 2, child of PID 2168)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
