Analysis

  • max time kernel
    141s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:53

General

  • Target

    a398677fca27b12d89b0a93d02e826b1_JaffaCakes118.html

  • Size

    67KB

  • MD5

    a398677fca27b12d89b0a93d02e826b1

  • SHA1

    4dec040f41bffda06d6980106e26d51b474267cb

  • SHA256

    48939f78fe01da5f154eb76b0de1ff6b067530ed73dd222044fa3b07bfcbc173

  • SHA512

    4bc4b7e3df843528d49b1e9872e94cfc9c9326128bc2807a0047c4c17ced8fd241e1f0e5dd3aed7aa3f8b4f7fa70e4caf37e584936b81b41da451548cbb90c1b

  • SSDEEP

    768:JiegcMiR3sI2PDDnX0g6hvOhgoTyUZwCZkoTyMdtbBnfBgN8/lboi2hcpQFVG8sM:Jgh9TbZen0tbrga94hcuNnQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a398677fca27b12d89b0a93d02e826b1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2984

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e05a06511fa45a819738a53b80a995f

    SHA1

    ef1479741182a6259416d934ffcd2848c1f7c747

    SHA256

    d097cc03aff63a34e5ece6913e1f79fa68563736c6bba93fe2c15c847f69e00b

    SHA512

    0c2f9ce07508998fed2efec120a81d34fe08dcd09f2a749398179bec485549e31b6e88dfa498072e2781b1bae147f6433ff884b08e858de0b155c69e7205ded5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ebab168b3087d15048790111e56eadbd

    SHA1

    bce09ee8385317d2de6d83633dbbf83989c41394

    SHA256

    89ef45bc6d2243de24afe28de35b0627a60c370af9672c29eb2f58d726cf465d

    SHA512

    1e7e58ea0591a35387cd3ddf5d0ce84568f36fb8927b417b6903cc3ee4d79c1bbc113ada97e1bebfdf89db6808c307df12c35cede9937c137d2f6a0292f830dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e9ec50a704ef06eae750e576e994d89

    SHA1

    8c8c57f514a545f3570582f57324bcb3bb649ef4

    SHA256

    575081770590b0d18329c2ef94f372f2533ad08fc2e31c8c9b84637a98caddb9

    SHA512

    b323aefb2a583baa31cf2e7f84846ada951a49b58ca99e1e0b7df140cb2c34efbe24395c2c5e3588c8807210526d6c565685f91db6656ffa8f9568c53ef1d92e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e846f7d2ae7d4456069238c4735167a

    SHA1

    5d3898e798d072bec11a5a03800c5c24c96a57c9

    SHA256

    a82c60670d25b188a4c684c706d5507a75710bc268ee14a51c5a5ecb1390031e

    SHA512

    c522a014d2b47842f4079dac2611ff42ae7f9bd8315db5b8e8db24081a45b7b864e4ac808454a3eae0d4319c90f432ea2b73c1f8116c146aeac83679a4acfc00

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bdc229dafded44cdfd6ebf5165c3b5c6

    SHA1

    47be3792595fc6b65a53861a9d3caca516d187b0

    SHA256

    95014638657419c4953c5be3cde03f2d9fea0f29815072281d1125cb325756c5

    SHA512

    99393858c0a951c85a98797db9370093094a34092513f9cebbf90a9f49f7cd514ac77d23c43c117e0855f1cc060d2fc03db5a5b7897df37e7a810d9c66c5db37

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    97874723e7c05e1f49e93194d31d7535

    SHA1

    014c9628db91ab06f2eb7162dffa43c1daf4510a

    SHA256

    df2d2a32823fac3fc0229a28a98d7d61cb6a9d30625d78f75eb02b4c0032efe1

    SHA512

    c44ce9749eb18e3f4282ece64f18a169e2769a3b0d61f7505ecda43ade21aadcbdb660df0198ac2e2def640f3e3b55f36b1d206e767018017e673308bab44345

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f362c4530a3a5cfce2c24dbb856dc9e

    SHA1

    87cc31e7b1879ce7e6eb177982f504acae1ed314

    SHA256

    516ecca6b32d34e46c98762ec9f384aab9a54e17f6448a055ea71cf22eb2e1e2

    SHA512

    3a0d53c27e8ba895adf622ce259aea63eba127e94e1ecdd0508a223145b0203755ebb23bdfca778e10492395dbed40c8c3946638fbe27e896eb8732aafc7df9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5695c1739a791cd3277ee6b5dc2b59fd

    SHA1

    89b4c9878053d6271f85c3f706d3fecbe3cb9da6

    SHA256

    8f3a4bed800e7731f1d5c93c5600facc1f6df000f59a670e54b15e730a0b3bd7

    SHA512

    fe862c80e91e2c6b0fb7b71b932b542a2227e9ba5ed0a15cb407e61424a48aeafbfa8a8e33a1f538edd7674eff5d58fbbee2237aca59606fc5272b1417f20222

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84dfe879f009b8d6830c34ecb1874950

    SHA1

    3f6b3d34a43aeeb545de5e63b5085bbeac4a48a3

    SHA256

    e7190f870a1b0a8a09ff7841903e6cbf66d75fb76451a7520d56b0f665a676d7

    SHA512

    dcf7dd187e0d9be969293f4eeedd25d9b49e85735497188425d55eb3853adffd00313bea093217201e9019a244c96f2e563a957cfb061848823547b161004b26

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d6e3d35dee29f5b2e1c5559d837f07f0

    SHA1

    d5f88031fed1e3459812887c5cd8960df91a8cd0

    SHA256

    02eb2e91bda4f6cc5b982af0602059d3065ef987dc79fa454af4dd4500985dda

    SHA512

    679e32c0f48eaf8dec2087ef59db3830dcc9a1c4e75c7034ba3dcf7030dc98ed4a304b928e8a8bc3ff7623944c5c30006e1a1e4bd86db452a2ce0094cd41bc88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    44ebbb22bf19b49291a897896b453f98

    SHA1

    fed48321888904007d69295c8dffb57b9ca6f9f9

    SHA256

    d7efd5e1e0f78fa9b66a3eed8f391d7442295637336edd54a6c40c0fb9a74986

    SHA512

    ccdd81c950bbd64815e9164400535a00594fa54f47dc95f72ca7ecd4ffb522009f31a34b28e00c847950976986856069b428b7ddd07a9f699b69c8635806cb20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    304224314e505b6fc7802723940244cb

    SHA1

    34d405d63137388c6bca96425ecb5708a7cf1926

    SHA256

    ab7847aebd72ea36f282a30fa0571db31ca78d8df83a19c555343f54740369ac

    SHA512

    4d118abdb3d9e916452123a0c50efb85afb45908b76ca52a7db9b2f360b8413ac2ad91e347adae7e7c00e223a5efcd848986cb38d835529f56ae441496d4ab96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75bbf41be889c7bb9638db9e293498d5

    SHA1

    3edc4c0ce369a24226d76c06dbd19798dfdaa3d4

    SHA256

    99b3010b07754322f49ea7b93738cb163e420cf783e206fffe02a7ebaf18e3eb

    SHA512

    d82297e5503c50bf8387e2c7aaaee51d7dd5190e1ce785277ca81b0d18e86627cff03176d502dcc6a15b63a1098b680da8c6ac71828699a252726bd7fd6d06e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9b1bfff4d61e88f51f5cdb1f200afdd7

    SHA1

    e69243bb375e3a73e1d346b3d7612d0c7c8342ab

    SHA256

    33451998a32460d6e03f795eecd9d1d2051530e2a16fde14bda71c314f00d648

    SHA512

    4d786df89da6e4bc3369d2d00f254488b1598ef33113db04ee80d9306b3041f9515fe98d2e2753fee3d282de307f323c3c8c619da5acbd9abc778c881441145d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e76261fe730b6939b974b3d6c7378c6

    SHA1

    7b29e821c49cc6f1af20955a0c8f22b279771b70

    SHA256

    f83edabc559de43965dcca440a628bfb01f789074d767fc5a91e13fb91df6e4a

    SHA512

    911c12b1bdcb7e6d9c384dfa250b46778a9b1fabad3039b842d75ddb89c0ba5dc584f3b9e455996d9550d2736261474f35001fd49d4007b78587e39403a4b08f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a34b3e5b2c17fbdd9037a2c51357735c

    SHA1

    b7f3c2394ddff9cfbee8334104ac47301e80572a

    SHA256

    e684d170259d07c2612e233929a218b8fbfc01ce31fe76eff5741cead49f3a04

    SHA512

    11b74ebbee782a28e25a0a86879b8c278bfb063dd3a42a800122a04d44ad8d2d04a1be1f2be65fb6dda5a462830e3538a614e612924a36595791f41179ab6581

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f2f35529b3abff487d762629c2fc2a1e

    SHA1

    4751a14a854e90b977d90d556bb54a5ea406a1e2

    SHA256

    406417a09bcde743a6903b6354cd57a45a165d29b343279527372368e5f9cc29

    SHA512

    3c6340400c7773e7834f68046b7d065467f96faac735300c43418acabc390cfa53f666006c966a3103618d13be03141138c88fa43e1975aeccfe5a26a76fb9d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d3b32b65e602816bb3ccd90f8b68181

    SHA1

    71f39f5d85c463f5e090587dbe6f6f894f11bfcb

    SHA256

    1fded2ade0b39281dff771ea81e143474abc5f1fe7740525a41319e8273a2a25

    SHA512

    c5e72bc67bc3b524d3679d90612cfcb774ab086fcae16662461566d37cdd22f50a2397635f57bb0e80b0bd3523f9b5e632ad8c35c7bf5f39fa621cf51e1edbed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    acb38ab76071f75aad8cfbcdf2cf091c

    SHA1

    939cdf2538c50cc10ccb0d605c4c1e79bd282e2c

    SHA256

    aae0dc1673de27145fc09782f1f1228b8e8ae23836c8636b5a7820ec656c1d23

    SHA512

    6c4368c55dab0cb946a3ef7774cb000c19e06b62ae1581c0710dbb5cd7b323b80bdc691f6d85306ee138fb2ff7920d5df0f2427b5d3f859389203c87a5cf63e3

  • C:\Users\Admin\AppData\Local\Temp\Cab234A.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab2409.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar241E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b