Analysis

  • max time kernel
    140s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 03:35

General

  • Target

    a3b183407d7b4610129de9b1e43cc155_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a3b183407d7b4610129de9b1e43cc155

  • SHA1

    971709073e1f80c98184ecbc849d6dd30e0f6e08

  • SHA256

    840581b46d0e21d255a4bae838bae86fafdd6924283191512cd10827f3bea7bd

  • SHA512

    b5a7d400f4819389f44b59bcf4af31568aad12f63a24d76d5d730d70a71f56a479be0f53b70b906e914acdf1f2903b4a4a033f073cea28742ff1941485f128c8

  • SSDEEP

    1536:S4v8cF0IGln3RAmyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJA:S4Z0JhryfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3b183407d7b4610129de9b1e43cc155_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2164 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

MITRE ATT&CK Enterprise v15

Downloads