Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:18

General

  • Target

    a3837acdfab845de4186571e77044d04_JaffaCakes118.html

  • Size

    20KB

  • MD5

    a3837acdfab845de4186571e77044d04

  • SHA1

    7f21697cf82ae4e66817273f4f1b8b0355c8b53c

  • SHA256

    39de382c09eb57486cfc082fee6562b5cfc212574e8bcdf8f42b4332617908a1

  • SHA512

    a29ee123af4366234a8f9d7a8c6dede0feab3ceafab49597aef02633d5d2b584c3f4436a4fa0a518c56292845b543b0513a60e966ff2ac3aa43308ee1c2d604d

  • SSDEEP

    384:NduQp2GFEenjx8xDxXoOnnhw+rk7W36tI:KGROnnhtrkK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3837acdfab845de4186571e77044d04_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1876 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\1A09941071BB40771F697A914CAEFFD1

    Filesize

    503B

    MD5

    f31f6fd0d0a88e39b78d65ea9679fbb9

    SHA1

    f4d4075bb1b2aa2b446eb9c654de191cd768c7d0

    SHA256

    2cb544dc0ef352fc2820cc9aa8a9870e15cfe5af144bf4fae4d0540948637706

    SHA512

    4673d55c152835bfa37920c46e8d8ae6a4b0078661185c05ae96fcd5ea917356f19fa047961193e67797983cd2b0c090346d771840bd512cd3cb4e8de06f51ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac85dbd0a60536c3092c0a60ce6d574e

    SHA1

    d8ab93324d798cc9c54c4dba35c1cb208ad66b98

    SHA256

    efd7d20acdd2788d0f383137dbe83c5b3ea8b5b3ab96c01a8fd3ead2781005bd

    SHA512

    d91410e45f9740531bf9d39a0beee3cef204f2977ff902b8fd9898a895db66ba53e680b4a5ef6bbecb4648df15af3378c79c6314e40ddb06f8dd3ac55b6a6648

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb31b1e80d91425b0ced51f2292209fc

    SHA1

    d1f2d6c630e0cb53675592cc843b39bcc9832ed8

    SHA256

    17c716739aff418932c27f5f7794a23821189c6a4324b0a8b70811ff29fe66b4

    SHA512

    4e1603fb15ba77cf90a6c119ef6b84c7246e37c13504b06e1270b9e60790c820f8ee7a6329787c31f39caca94ba22583075cec162db72244dc3d544d27c307fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d627f3ff23182e21c6ca92a1211b0da2

    SHA1

    e237f5de4aafb4f29a33f9145e3d308874757b14

    SHA256

    ec10cea1a408603e5cbe63af311860a4532dfae14e2c268e8f782b5db9c1cb28

    SHA512

    65ebc7feadb13ca46ffa2159c32ee6abd824a8aa79a988dad13e6139e4a65f9d58fb3c5836690d58a5454f62f246e1d0dcea034b835ead0ac8e1b07bcc7cf1a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9472a2f4ec9db9a0a6a8fdeee38b0557

    SHA1

    9bfa457ca21b89026a57a201c254684ef1f9f898

    SHA256

    8ca1f136cf7a88c3986fe115660ddc4896ac1f843210e0420d2b42fae4916075

    SHA512

    e5aa8d48c409b12059ae7e2180a6abc7f3899275fdef8e589d9bbe2912b218d9a698d87b84f77a71c79edf1546df138724a5ba386230e591b72b5e1e0ac68076

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e441d2f69cb491d452f3379b2430f4a4

    SHA1

    3f9f91c75a556aa483a885c880d6b24b84da60f8

    SHA256

    ca05d7c5b33f0104c380cb60b713a6a585a7bcc4bf9d4b5e5554e33d9ba9e63c

    SHA512

    c6865163306dd14ce07497d6cd50fbbb1dbc39d75a07440f067d4de7652e9e831241a8d24b291e3dc18b7c6eff5390457d5957a68e3f9064ef231343bd374702

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d094da23abfe78377a4fe1b533e9618c

    SHA1

    090e5f18387ad4d7da8cc8c5e6dc4331ef34c926

    SHA256

    8ed639605df5adc38e2aede643537bd758258f51a65a80ac9f6c9c69ad74d7bc

    SHA512

    7932b85a8eb56e0aad98d30dd8f58a0e86dc47e4aa47c2eab4eacdde539d699d38b7304564d58a4b05f2a00c438e89afaf448845d909b5b2065ce06fdd5cf2d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7953ed5bda3419d3f9f77bbae0e88220

    SHA1

    e31724eee3acf74eacea2119a1407f93cb656212

    SHA256

    7b6012cac6e72ab85874c0e90b55b0eb097d9f258ae0ed40ef2f1aa0932ab632

    SHA512

    ba4f3739a830e19f1b10cd6b0823a8382ba34b816bd9dc172b96e6e41e039a3914f4247e6a10e477783b759e83e238fc9800af3be8c73af2936dee44877face1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    733267294356bec8470d5b9e50b7df78

    SHA1

    7974122bdd8b301afecdc92ae5780a77864e00d3

    SHA256

    faf5480cd93bcaedb90cde71680b44e616c019a9f84de256e67f14d431e042a7

    SHA512

    1d8eab8b3229230a1f9d56f0773c1f78f36c416b933435a426218de8058aaca9595af2c69e94361725c781a3e38ab958eb617a76c35cd798a66b5ff495bd1fe6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4539df2221cff27a17af7731f2d73c77

    SHA1

    77b8b007265bd107d7261fb99b43ff0355e46a27

    SHA256

    e6e720a444f8f2647478c7ad3eca562b36745c891a69d6e5a2c1ec2738a4b376

    SHA512

    d4799f331028893d57a355319e54cce4887857c550e0c5d67c9a746442e7bbcfa805ee8aaa4ea1c44e0cec402019fc331c906a146c20f6a760708f1acd834803

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    88d36ac9ecc50d38d186d0a421c62bcf

    SHA1

    dfd2ffc743d4e17a5bbe813b49fbfe7d18113bd4

    SHA256

    5f27f36377459afabee527cb7e6b45fdf9eecbd46acd8d560929ac5859283350

    SHA512

    a6dcf8c3c25b0c55134e3a42470005ca06160ac2bb68fd24cb7aebd4b9769eb113651816137c7d1b49bf38b4bec323253dfbe27a0192075be67709654f826715

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a55ad7a3365729ca7203ab1c8157d6b4

    SHA1

    edebcd15d0595b29a403d8bf9aa0ca14b36cf024

    SHA256

    3d8ac76baa46c81ca9803e33131c1788f941c64952f2454c76d9be44135a42d1

    SHA512

    056b1cbc6be05a1a729d41c2df8fadc4b9d03a0aafdb544503093aa90118dcc0aa34c9a6b7094f3963d497d05af4ec64ba42bc38517b5e8dc2b5678b75f894f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fcd0079415d95796a6df3e7e2d1187da

    SHA1

    7041bfff1579ae6e3b139a8cee0ca5a941006519

    SHA256

    2f48f857fde169cb60f98135f486631dd698a5a1473684923a55943c70427435

    SHA512

    2cd6be72a481fd888326616fa2fd39542850a3ee1272d28cc9ea591831febc26e8296ab83a7ef843c76aba76a7d4ad9d4c037c99af77e99938dc2c0d5733b80f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8DU897P\menu.min[1].htm

    Filesize

    162B

    MD5

    4f8e702cc244ec5d4de32740c0ecbd97

    SHA1

    3adb1f02d5b6054de0046e367c1d687b6cdf7aff

    SHA256

    9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

    SHA512

    21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

  • C:\Users\Admin\AppData\Local\Temp\CabD78C.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD78E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b