Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 03:39

General

  • Target

    a3b392a9816cfcf98635d86571e610ae_JaffaCakes118.html

  • Size

    149KB

  • MD5

    a3b392a9816cfcf98635d86571e610ae

  • SHA1

    59c8a9dbec55c9ba7aa77b2f0e46cdff79a2044a

  • SHA256

    7a2d44847dd16be5ea4e315e3d4c858dbba0e6290ed6e7cd6c82d5e4d562273c

  • SHA512

    e584e9bbbdbd2cdb1556978f4be2aa138d32932407833186eb1fa224a5f465042c56966d67eb429766932878e6df92582aa639f5d1b29537b894e2970ffd9484

  • SSDEEP

    1536:Sp1Sbii3Br3XiEyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrk:SW3Br3XtyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3b392a9816cfcf98635d86571e610ae_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1888 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1988

Network

MITRE ATT&CK Enterprise v15

Downloads