Analysis

  • max time kernel
    136s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 03:39

General

  • Target

    a3b35e3946fa0f6f5a91e758a993f045_JaffaCakes118.html

  • Size

    70KB

  • MD5

    a3b35e3946fa0f6f5a91e758a993f045

  • SHA1

    5cf7d8dc3fa0e3048a1a1b8efe237354725aba60

  • SHA256

    78742ee95251eacc1794b000c67ee5192e4a649dfce7af15a7b699aa4185bdde

  • SHA512

    387b5881f0bddcf59489fff5b0ab36ae27cf8d4ff6d8584f0e45bf3118a3f18c187e470e4c9c5220e5f6cb1df090f5aed0e22d5927faab2d8c25c88770e9d25a

  • SSDEEP

    768:JiPgcMiR3sI2PDDnX0g6sz64k6FoTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVGo:JlWTzNen0tbrga94hcuNnQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3b35e3946fa0f6f5a91e758a993f045_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2140
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2236
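The process tree above is the normal shape of an Internet Explorer launch: a broker (frame) process opens the submitted HTML file and spawns a tab process whose command line names the broker with `SCODEF:<broker pid>`. When triaging reports like this one, the useful check is whether that relationship actually holds: the tab's `SCODEF` should equal its real parent PID, the named broker should itself be iexplore.exe, and both images should live under the Program Files paths shown. The script below is an added example (not part of the sandbox report or the sandbox's own code) that encodes those checks; the two process records are copied from the tree above, while the third record is a constructed counter-example with an iexplore.exe look-alike under AppData whose `SCODEF` does not match its parent.

```python
"""Consistency checks on an Internet Explorer process tree.

Added example for the report above; not the sandbox's code.  Assumptions:
the report's tree nesting gives the real parent PID (the root's parent is
not shown, so it is recorded as None), and IE 8-11 tab processes carry
"SCODEF:<broker pid> CREDAT:<n> /prefetch:2" on their command line.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

TAB_ARGS_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b")

# Legitimate IE image paths on a 64-bit Windows 7 host (lower-cased for comparison).
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]   # None for the tree root (its parent is not in the report)
    image: str
    cmdline: str


def parse_tab_args(cmdline: str) -> Optional[Tuple[int, int]]:
    """Return (SCODEF pid, CREDAT value) for an IE tab-process command line, else None."""
    m = TAB_ARGS_RE.search(cmdline)
    return (int(m.group(1)), int(m.group(2))) if m else None


def check_ie_tree(procs: List[Proc]) -> List[str]:
    """Return human-readable findings; an empty list means the tree looks normal."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        # Any iexplore.exe running from outside the real install paths is suspicious.
        if p.image.lower().endswith("iexplore.exe") and p.image.lower() not in IE_IMAGES:
            findings.append(f"pid {p.pid}: iexplore.exe running from unexpected path {p.image}")
        args = parse_tab_args(p.cmdline)
        if args is None:
            continue          # not a tab process; nothing more to check
        scodef, _credat = args
        # The tab's SCODEF must name its actual parent ...
        if p.ppid != scodef:
            findings.append(f"pid {p.pid}: SCODEF:{scodef} does not match actual parent {p.ppid}")
        # ... and that parent must be an iexplore.exe broker we have a record for.
        broker = by_pid.get(scodef)
        if broker is None or not broker.image.lower().endswith("iexplore.exe"):
            findings.append(f"pid {p.pid}: SCODEF target {scodef} is not an iexplore.exe broker")
    return findings


# Process records copied from the report's tree.
REPORT_PROCS = [
    Proc(2140, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3b35e3946fa0f6f5a91e758a993f045_JaffaCakes118.html'),
    Proc(2236, 2140, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2'),
]

# Constructed counter-example (not from the report): a look-alike tab process
# under AppData whose SCODEF names a broker that is not its real parent.
SUSPICIOUS_PROCS = REPORT_PROCS + [
    Proc(3001, 1200, r"C:\Users\Admin\AppData\Roaming\iexplore.exe",
         r'"C:\Users\Admin\AppData\Roaming\iexplore.exe" SCODEF:2140 CREDAT:275457 /prefetch:2'),
]

if __name__ == "__main__":
    print("report tree findings:", check_ie_tree(REPORT_PROCS))
    for finding in check_ie_tree(SUSPICIOUS_PROCS):
        print("suspicious tree:", finding)
```

Run against the report's own two records the check returns no findings, which is consistent with the 1/10 score; the constructed third record produces two findings (unexpected image path and a SCODEF/parent mismatch). The same function can be fed process records from EDR telemetry to catch processes that masquerade as IE tabs.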

Network

MITRE ATT&CK Enterprise v15


Downloads

Note: the entries below are artifacts of the browser launch rather than content the HTML file wrote. The CryptnetUrlCache\MetaData files are written by the CryptoAPI network-retrieval cache when certificate revocation or trust lists are fetched, and Cab*.tmp / Tar*.tmp in %Temp% are the staging files for that download; the same path appears repeatedly because the cache entry was rewritten, each time with a different hash.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9fd7c133af97d1450d59cf221677b86

    SHA1

    168c773721c90fe496bc5f01d9dbb3e05b33d94c

    SHA256

    967f9e9766d1e60d3f8d9a2adf5567c3188717687d69b6be15a5f57d3712652f

    SHA512

    628662ca721bc4f07c3a36593884cb8fe0f3197cd1c844a812783b59dbda4be65881c1956c3b277493c500986b8a0165453ebba9af64db32402685210c2a4a36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    029d22827d1c3ce0ff04f793302238cd

    SHA1

    861f7f1affc19d72e37874085e3b97609a9010b1

    SHA256

    39e09ad6d05280106976c863be9cd299e1d59b9b0ea8b4e72271394d4366c47e

    SHA512

    a2f3d99774aabf9153bdf69ad9e370ac4e29f38cdbeb733e9efc87f415c8976e59a737c1881f1b30df01d3834d1da531dc7c291faf37a01dbc3f525a66332698

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00b4582f60007ee8ecde1068a47836a3

    SHA1

    5002fd87cbb4130112efaca9f256926566caaa40

    SHA256

    9eaac69f773e392444fe13ac2be947535e377513b0551a240609542b5501661c

    SHA512

    a01aea07ef25612240eff5df01f8198fa6ce6a007570cfc42209c294f1b9f499b561954039cbd36b2da18ea97fe95e3aea705da9a2190514e692073b846bc30a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    07b925345f7ed50007155af893e85393

    SHA1

    d3c10e4dd3e0f1e9ecc5d742a9154e2b33d1219c

    SHA256

    0ffac36fc22906cf41effd9db1ef703673668583f4762668f73e5380860747a1

    SHA512

    6b424618df8696385d0e1b46b7f37c06a69d460e4b60db3459c58e57bd9af4e86aa9693a7a94597e60cd5e948cce40fb31eea31b89e3b0f9042b11266f768201

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ae9bd0044b10d90c2fee97e392a905a1

    SHA1

    b9daeadfd938ff39277502675b25ffae2a567ec2

    SHA256

    22ea69b75bbb9c34ef627d18176e022fc268dc2bdf03d0964732410a6beb320c

    SHA512

    7b2e46f4c8c9397ac3e181288a42d76e6e142bf7b650f383c9acda57ccd71df6cd04ccce6a4e350eff3ce32f6af9be8429378a2771be3be87c9227c294a226ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4f6f4da79f29435e02d6e3b0767ea3ff

    SHA1

    aadca3244c9f97c5dd14cc8e3da834746c6cf8e9

    SHA256

    99aeb8da71de96df797e84623d6bb4790f2d4205f8c14059e6af6d9820a30780

    SHA512

    0c444175dd6ca9fd2470f787e758c8a6390351705a52a25fe4ccb563bb085daac5ed68afb82f8d1fedc855df1d815e152831a75d7acba8902d82e95b94cf59eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    88f2c7524176ecce0c10783fc8905505

    SHA1

    32047a8a4575be79c0b7175ccbd6564efb73d507

    SHA256

    79ab4b1ca7a1548cf7a624f598547a701f9fa8416f74dc772c445860709417c8

    SHA512

    f6e2041708268a9d8c2c2689ceff15ae1952e291ac67b20ccd40db0ae7ddca14e7ec217bd1edd0cfe8440665bad05739c0b750d3877d91df394f3cdfc343d1c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a3c52789cd084d631ec7fce58ff7c84b

    SHA1

    071dbce07616d61fbaddaf459e8253f5f39a2e3e

    SHA256

    4767c7049bab0df64972a958c4c8bd8830c1f3dc18352d41145aa3911542fc4e

    SHA512

    9cf73ab84eb3768b57acdb69353861bbbf7d556cc0d366e53510d3e9223547f025c36268f029d6e9dab700e326aabdc3fa729bfce49748f99bfaee82d7aa4b43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    046b05e843aa0fb60c2c47b864fd1185

    SHA1

    2a49f1c12630e1107d6313f02eb10f385c464c4a

    SHA256

    dd69096ac007b8b6ec490c275b1af2133a42898078a4c9c10b892420f95b17c8

    SHA512

    658ad34d5a1d36fe3c0f84bcf886d6ce27785e4c636db4d998b10695fd4b9d03e4d59c858b348560c28f4e86a3c9c433d08d7f252c779a8ae33274c2acf952fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    598a3b6c55be89e914ae136b50e40140

    SHA1

    c7c67a77563f279194759b4eb5a443e72c23ed94

    SHA256

    996063ce3aae2d608b275538a8b7f30e61fddb8138593be21d5e8fee780ba52f

    SHA512

    55841f3b623f2dbaff00fa6d1ec1aa82c61c1e74451f6bb3543c9f0b5b6476e40954ec0dc492bb8e0e354ac63395db01e77a58fcd574d448164b8f82f5c3a4c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dde1a4ed8fb3f7ff1aa6141facd8b281

    SHA1

    a7e73c8b63c5e1cce869fd8a78f821d7311b96c3

    SHA256

    7841641700bb505baaabfe772b4d6d966d63a67e84e7fa37549aaf5786bb4d8c

    SHA512

    2bd179eca24ca677b4189a4f6de6f48ad9edb97fab7c0e7dd74b36a741e5e96f1114209795591db792f850d1103841a7039c594e5eda9aecb75b6ae0d83f01da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    774ee0561ce06c0f5ab76dd2d59c4a27

    SHA1

    00f30c49c574f1b871054bc2836b67aeda45e800

    SHA256

    01a6f4a4b96c27bbf103f4457803473e7ccf82253ad786c685a889f27ebc923b

    SHA512

    e070d8424fd21c622b46fac772ed5d4c0004352afc4fef94f7c494a79d7daf4be38d36de62cb1ead666e033d2e672001a7624aba22cef0229965b799951b59a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90faa8e52a8b3080563a2b3811a32df3

    SHA1

    8ea914bea4847f83e934c50f5fe86888575bf0cc

    SHA256

    570b20a7c533dd7f650bb5eaf57f7943ff7d8f95f3e63974b813b4cf3a14bf80

    SHA512

    2fcf0f2491170237878b0038fd141e2c6a661c0c6c4388539052a05028ff8bbb184bd80c7b74c1ee3defb3f883600e7fb719195e241245b0c2996e57ed62428f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f19b70669234d46a36442b6caf6a769

    SHA1

    4f0ac3a870a77c7e524b464f7eb689c8596d7d6a

    SHA256

    487fee15c8712a1a11714a5b068d94ed51dc68f2ebc4f59ad749daa580573f11

    SHA512

    d7048a93dbfdebe8052779b9e959692c81f95b343e00e65f9247faad13c799ae232f0c8d2db9501586f0c16962a20141f217839e083864599ea9bd0f8a0cce3b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6fd4974f6dbf7b4873f1afd2df3778a9

    SHA1

    2d2108b2375a2d7ef058991b550c32ec25804b23

    SHA256

    1da08114c9a58296662171040617670abe826644eb8ab00e8db57a95fa7a6d68

    SHA512

    61c04a6bd7e02603295e56fbea12ba0ad8cdea6eeef83603e0e3767f8ba9c08bcbfca2d3a7819656f86e39d3e93d555a8b49fc42fdd62847e9062975f5542caa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    052db53a0aeb1860963b8bebdec15e63

    SHA1

    9b99503b5b6ca37f615bf6d69fa506c45c102b7d

    SHA256

    ab9d3fdc48b3d74bf806f8b0c3693ece373a7e31f7cbd6cf4e4713b32932afe8

    SHA512

    3b442fd56293e5e472f140dab43a369783c1f20a0b94c3550e16ce47cc722cf1ea4ed78753cb8f1114fb23cce9085bbfcf32a2b6495305b059f4dfd7c98836f2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    308c2a3301bfbbcf72ccd2fc2eca7ec8

    SHA1

    7058556b4ea8e101950ea38d15bf59fb50bd6800

    SHA256

    06ba0fa142c087ecc282a2cb727f382b24a73cf786d83f415763e31cc2a2988f

    SHA512

    37029e6e45497100bb4f51bee2c3ae6d4c699527cc0876af87dd0993455587bbe63ef6107a6b606e8eaad9e0f43bad19ef8675147e6043fb645a0c9f02047b88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15c84d58264afca2ddb4672e052cedc7

    SHA1

    cf77e41ee3649959f320b3f215fd467b0cb1d0d4

    SHA256

    fa6817a8776c86de4c3aad237ffb68cb5ecd6dbe0534850b850700210b1f8f5b

    SHA512

    eb3eb94f7991a47e7536c87621a8f143342160515bc2931e2d07cff5ef90c644f9031d6363a928b8ec9f5e5f9f351df795aa9e00f7bf1b0fa378263a57116338

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dfb3b01e31e70be855e88743a94cb9c4

    SHA1

    2699684aad4b09fda09ff49396584de20f237e96

    SHA256

    4c3b0235320fea0bee7925f881f7e1bef73c8916a714fda1ff1474489b3024ed

    SHA512

    4f09c99ef70431533b23164b1e434fdda5fabee7a19a769e79c2ff0d469d3bdb24d6a52df600745b8990dc3de390f44e4d8e67cb0db369a87bc489490cc29805

  • C:\Users\Admin\AppData\Local\Temp\Cab276F.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar2833.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b