Analysis

  • max time kernel: 119s
  • max time network: 135s
  • platform: windows7_x64
  • resource: win7-20240611-en
  • resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted: 13/06/2024, 02:56

General

  • Target: a39a5394c59205d69d91ffebb6e771e4_JaffaCakes118.html
  • Size: 32KB
  • MD5: a39a5394c59205d69d91ffebb6e771e4
  • SHA1: 12a16469a49d91d8c9b8f56c287bc25c31edd942
  • SHA256: 63b6121c20e20054f70cf240edeb22790f5e2d7854ff1d2e349c8ad99e3f76dd
  • SHA512: c52d5e73afc0c7b1eafbd3a698fe75c2ed3b2d7941907cb1bd50475d72842dbff43a6d5908337a4b87cfa0b26fdafe47ee1407275fcf4cab9fc8c3aec2f7edd4
  • SSDEEP: 768:6z5FwqFPDIWMksP2TBxBzs16NtcHwmui/b:6znwqRIvks+TBzs16NOQLGb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a39a5394c59205d69d91ffebb6e771e4_JaffaCakes118.html
    PID:2188
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
      PID:2384
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7ceccb03b851a637fe78ced2feebdc85
    SHA1: 2480ba009879d4dc93f367f73bd35250f080e11a
    SHA256: 46f021f86d376cb96c1cf919a51b37cbe030b598ba889f22485a36fa90a0b344
    SHA512: ecea854a91e2ec56c4f97cd6748e1903ab75dfa69e51e3f5a4eadedccbcd7f73d1a9281d44e69e8a912cfdaffe9160e3d92f93c4ec66c4fd35d33ee2ae29bfa7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1a32fd8a5ddbf54894a9fee0b9d6df77
    SHA1: 2734a7a8638d15313c69ebdd70ba4079877e72b7
    SHA256: 35821bf9cfbf4007e877d88e32c6c04d2c986bd6396555f16b78f63532f37a08
    SHA512: 88be1c5dcb4402ad5b102d7602ce58c7a3d472e42df9cbd3fd7e88b9d06bd742ab0f10e0472e8db810c14a75490c26d08b3c9d381fba580d319c96a8c083947f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: f9c0c88f1b3fef95a05f30a3cf05eb16
    SHA1: 5d621de950cc0b177a10255ef30c2548cdb5c637
    SHA256: 8c6ab5f0bc09006e07d037e73ff0f063319fe0bcea0d48c08a2891edb1ac1344
    SHA512: 37c0ae4f24245226cb8056dda7abf2af5b0826fbd3e1bb4f1db0af7a363152508b74fcb64f44b1a037f345227ba0842dfb0426751016b1ae4ba4951ea0745fce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: f4981235fde61ee2e49bef0a6bdc3b6b
    SHA1: 944e88482521bc46d77814484c50dc45e2824fa4
    SHA256: c5c8877c434f1f99cf6e5a3b422f19ce496a6616362a19c24ff052befbb99948
    SHA512: dff69207c521ae5c3de8056c3b45e4a21bfca50d638123446f9abdee6418d26b0667e7c8bf3d002b0313af16e75a0be8a8bc60d4d236d0e7bf9aa872bd47d6b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b09a330bf86767a244dd15fb31c68338
    SHA1: 0dafc566306441d4eb019030a9d5477a60f36215
    SHA256: 9f44afee316c8d7c1924b6666c6b967c838db60a3641accf00f271e88f2c7f98
    SHA512: 7d383be3173b030e30f1d750c9812baec032f232d399f4bad093eee218cc68dff66f749da8a2ff88b73c754d60e864f10eb2d67b081ec1ee7b260bd8faa7effe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5858c768bf62e3d2566d27e36250e2a7
    SHA1: b2b29f8cf5173f0df2bb0285d670e2084fb33f3d
    SHA256: 917bbc4d53a47aa7815722a4d85ebbb9cef3ac1a3c263085774a5f4dfad7a916
    SHA512: 89a7f01066a885c4a046586d2bec9a932ae04878992dff31e90a142720a756d7a3e8815600bc9c26d791f0353a41442e6e19d756980aa4d878abc6dc51c7058f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e157a637380fd8dc6039434471bf3003
    SHA1: e25115c3396776c050f81fac45a61a0938c15653
    SHA256: 8f81a67e5d7923cb15234ea8abc108c0a9a8edd7b17a1211b59b151c449b213d
    SHA512: 2b052413f055b7c9316384dec4a8fc8f452b65355b1ce8f63f66712e37bed4b1e0e0fa35239d24afb4096abc7b6ad963ab223255649ed305a0c7c6a5e1913f13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5036317db346855ad2a82e431774d50c
    SHA1: fdb46a273238f822a9ef7e13630b169f04a3759e
    SHA256: a70b49e1be7b12c733199001e46bf3ba1334e2daf32c3aa668f296bc4c93ef9f
    SHA512: 9647638c219a466060871a2d4976a233b0532250a569bf7704e09a4e320dcffcb7dd13346a0358c281f39bff594f33df4a8588c96ce8b7cb75ac0f7cfb5f4bef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 37c6327885188ac304874dbde10c0062
    SHA1: ae794ec8d8444c2cdda4252dfa2ff2f8acbe2c82
    SHA256: 5ece2d108c515457904a9608e48186da3947233136821de0759a8036f95ffc99
    SHA512: 87c71a5276eb6068d70b65cac5d79d1b988ab1981a0b51b2cce3c6e30e3ece9012ef01ae3ee3f15a6cebcd7e214c03d36cee30e134c2c61dd5a169703afa0e23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3fdfff0ee5f5afc9c8010c29e8b226e4
    SHA1: 27bea8f2fb33334df15f8f3054ac69e3c31aa052
    SHA256: bdc4755f72e44daff8da38525cef8d7f3e95817f402744359be732be292e4856
    SHA512: 4c0725a7c231b0771df526b91c47590e0e730b1a5a33efa02c51f5c8e27b9e5d2a6450473b42376ad68b483700afe1a632eaced6b3c641b92a4a54e2a4af6a95

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 99331031b55de1326cd650846d4f2b2f
    SHA1: df9a2453b288aedbf3371e9996baa1c81e495f0f
    SHA256: 0a1ab0fc4db9bf4411bc6dfe21db578a28054f00312313f098bcf9d3b9715004
    SHA512: a9a85b71a7b36809e0f149f0cf79ed81f3faf4611b0ce3e2f8b89405419b720f92e4bd82c16adae4a826f483907b3816df7abafb38bebf92a5f4e4bf267e98e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5620edad24a7f182a472585a03f30e5e
    SHA1: 79c021a91e28b3bcdba33a95e28895b0821f6cfc
    SHA256: 2e8cbed977d132b064b1a19923cdaf47f4580fa6025f5db0b5fa5261342baedd
    SHA512: a23a78b7ca873fd38fdee8f50690c520270e64605638fee18b5039a375d7736db0249be2c599ad600b8ebda39984a99682c528e3a6d9892019386203d97ad1cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 066eae2e297a8b0706b6e082d6349751
    SHA1: 3574d31df09a0d93c63a7c5909809f96eb44b862
    SHA256: f48be79e86c2dc46080f4e837411cf4c13a55637aaf9323058e9ae0f322a7031
    SHA512: df65d8610fad4927ab86260f0e7943d22330d775b08318224b5e5e4e042778dba63045d8857c5c42f545618698775b6e10e91c467993a6aec7a7438515913ab4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3f30097eb19b70485a87cb75919e5e65
    SHA1: d66b632561cc3bdd02286fdfc56453e68a01c506
    SHA256: 4c00c4e37bc8d4af4cc83403f22bd0225e26b6668ac772e7f40f3bff200e8fd0
    SHA512: 7d7703a749142c6f496f32c2ae8cb5cd73298759b10ab183db2923cf8714b483f6b75d2f63679772ddb7a9322653a3b26637a89f9302d7a22724a929591ffde9

  • C:\Users\Admin\AppData\Local\Temp\CabB619.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarB6B8.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b