Analysis

  • max time kernel
    136s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:58

General

  • Target

    a39b8a7881282d37ef44983f73cfda44_JaffaCakes118.html

  • Size

    69KB

  • MD5

    a39b8a7881282d37ef44983f73cfda44

  • SHA1

    7d1a03ba1d89f87ae15f760a3ec7818f19378977

  • SHA256

    72d591ddf3ea0cb34de8ed6148fd6cacbf67282196fc81022c0b16485e481b40

  • SHA512

    b3c2e22a2c1d7fc8f8a3f6a64bc343666a7bf77b9f1187fe8a7688b460201d94c23eb3817c02dbfe3d0bc6eb2bab7d8ee4b8fc7a877c62797694f136ca44bd4c

  • SSDEEP

    768:Ji7gcMiR3sI2PDDnX0g6s66xyP6/YoTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFf:J3QSdTzNen0tbrga94hcuNnQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a39b8a7881282d37ef44983f73cfda44_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1244
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1244 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332
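
The process tree above is the ordinary Internet Explorer frame/tab split: the frame process (PID 1244) opens the submitted .html file and launches a tab process whose SCODEF argument carries the parent PID. The generic signatures attached to both processes (SetWindowsHookEx, WriteProcessMemory, FindShellTrayWindow, IE settings changes) are consistent with that, which is why the score stays at 1/10. The following is an added example, not part of the report or of the sandbox's own code: it parses a constructed text rendering of the "Processes" section (depth, PID, quoted image path, arguments) and flags any child of iexplore.exe that is not a tab process pointing back at its own parent. The cmd.exe line in the sample input is invented to exercise the flagged path; the first two lines are the two processes shown in the report.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed rendering of the report's "Processes" section: depth, PID, command line.
# Lines 1-2 are the report's two processes; line 3 is an invented child used only
# to show what a flagged spawn looks like (it is NOT in the report).
SAMPLE = r'''
1 PID:1244 "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a39b8a7881282d37ef44983f73cfda44_JaffaCakes118.html
2 PID:2332 "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1244 CREDAT:275457 /prefetch:2
2 PID:2400 "C:\Windows\System32\cmd.exe" /c whoami
'''

LINE_RE = re.compile(r'^\s*(\d+)\s+PID:(\d+)\s+"([^"]+)"\s*(.*)$')
# iexplore.exe is only expected from the two Program Files locations.
IE_PATH_RE = re.compile(
    r'^c:\\program files( \(x86\))?\\internet explorer\\iexplore\.exe$', re.I)
SCODEF_RE = re.compile(r'\bSCODEF:(\d+)\b')


@dataclass
class Proc:
    depth: int
    pid: int
    image: str
    args: str
    parent: Optional["Proc"] = None
    children: List["Proc"] = field(default_factory=list)


def parse_tree(text: str) -> List[Proc]:
    """Rebuild parent/child links from the depth column of the rendered tree."""
    procs: List[Proc] = []
    stack: List[Proc] = []  # stack[i] is the most recent process at depth i+1
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        p = Proc(int(m[1]), int(m[2]), m[3], m[4])
        # The parent is the nearest shallower process above this line.
        del stack[p.depth - 1:]
        if stack:
            p.parent = stack[-1]
            stack[-1].children.append(p)
        stack.append(p)
        procs.append(p)
    return procs


def is_ie(p: Proc) -> bool:
    return p.image.lower().endswith('\\iexplore.exe')


def triage(text: str) -> List[Tuple[int, str, str]]:
    """Return (pid, verdict, reason) for every process that needs a verdict.

    expected   - an IE tab process whose SCODEF names its own parent's PID
    suspicious - iexplore.exe from an unexpected path, an IE child whose SCODEF
                 does not match the parent, or any non-IE child of iexplore.exe
    """
    findings: List[Tuple[int, str, str]] = []
    for p in parse_tree(text):
        if is_ie(p) and not IE_PATH_RE.match(p.image):
            findings.append((p.pid, 'suspicious', 'iexplore.exe outside Program Files: ' + p.image))
        if p.parent is None or not is_ie(p.parent):
            continue
        if is_ie(p):
            m = SCODEF_RE.search(p.args)
            if m and int(m[1]) == p.parent.pid:
                findings.append((p.pid, 'expected', 'IE tab process of frame PID %d' % p.parent.pid))
            else:
                findings.append((p.pid, 'suspicious', 'iexplore child without SCODEF matching parent PID'))
        else:
            findings.append((p.pid, 'suspicious', 'non-IE child of iexplore.exe: ' + p.image))
    return findings


if __name__ == '__main__':
    for pid, verdict, reason in triage(SAMPLE):
        print('%-6d %-10s %s' % (pid, verdict, reason))
```

Run against the report's two real lines only, the output is a single "expected" verdict for PID 2332; the invented cmd.exe line is what produces a "suspicious" entry. The same rule set transfers to endpoint telemetry (Sysmon event 1 or EDR process-creation records) once the parent PID and command line are extracted from the event instead of from the rendered tree.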

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e69b05f0e270af62cc1408c0acf1256

    SHA1

    2213d5142b784895a6956ee99b7f7f81eae07461

    SHA256

    b63eea07644b505a813e48a8dd81d4fcbde0338036d31a8b2455c544fbd64c71

    SHA512

    81e5afde8abfc97c891fd0a02606ace4dcb9701b295a1de37313d9cef9240aa589c302376e97d888a03f3226e91cef7e5eee3f63eaf927b3105b90e34b03e41e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49829f00c378f390ffa8d8552fde5ece

    SHA1

    5186aaf0f2e6f7c56bce8e812f566eeb2d8f8fd4

    SHA256

    6119eb9f6290e40bd8e2a6996ff2e60f19f113151ee5b7ab8d86e7418617fed5

    SHA512

    e016dc2904b98217cc425fbc3e6dc8ec0871200e97cd4555f999b0ca90def1b5b7f99c57dfdea4876df39daacbb713ba2c8b6efcdf63acf1599aa0a9fecfe738

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fad025e3d7f449e0133d0288cb6a684f

    SHA1

    2c453ac8c549ddaafa96e1b35c07b0423b52f438

    SHA256

    a0478963f56ab4dbcbc03668ae60241ba4b4c0898ca668d07b08df2ba58666ff

    SHA512

    31eaf9caae58562279673ed9edcde2df0864906ddd82fa5ae314cc3d9e9cfcdec388601dcb6c9a8d75ae98f2fb64d1c5f0656e4a4b0782c5728586dbfa35a17d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66cd813bde222497bca1002f7179c576

    SHA1

    11bcdb5cafb24262c2cf5d843f026f0a6d7705e8

    SHA256

    c6586625d461505ed6cc0b631d7645820f39dea32ddb8bf2d8040c46e28eee5a

    SHA512

    7b165ee5551fbc7c00227d2593b6cb4c2d9394b43199066f59b502df73e5431cbd3bb54d55e950c5e9b25e0cd20f455d1027dcca0f8c444d0911492e69636fde

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8367ff6a020ae984d7b619a47705f14c

    SHA1

    e7a461b75d4a2ef6497f402deb6ded578dfa5eb7

    SHA256

    c77a914f1ca2b589acd89a788826e7cbb9e0151378fb4f0874f4f93ed8fe0405

    SHA512

    e765ce93f23628db5d26082393e41eebb1b4eea8c91adbeb7ab2edde60d8e8d43f7ee775a6d229a994bad0a5f28d8ee691283dbbd520087f113ab9fbf7c01f09

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a738bed2fb647a57fea9ac6268856be3

    SHA1

    dbaf26b3eb50dc16c036dde585aa6286d235931f

    SHA256

    e7fbc219d6964d4b5655de7acdee5c6b0b3e643986257d9005e35e4c5401af84

    SHA512

    7152be2faed536bba7c557a87bb021a826cf6e68efcd39f00aabcbf7ebc5144ed8c815453f0b756b8e5a2319df03c78f86cc219b9f7935073e4b30a07a3e46bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    53829d30300e071ef9ce99ca1ed36a36

    SHA1

    196fa9f7227a774a4f8db0f198504524c41e0532

    SHA256

    43d2b3d5e693e7d5c01f51b37f328ec53fedeb4143431b5eb380f72294dad050

    SHA512

    b901e21fcce04176c9fce3c2bf2e3da7094e7d2f75516ed2f06aa83e4477a0666e87081a028a4770c679a51cdb76b230e94f47831328ba983705fe1e4292e37e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    035b60f4d3fd36898fcf8dbd0a8115b4

    SHA1

    48b53567dc29c2c100e7956897a3007b531e597b

    SHA256

    b344092e1821699035b1e0dcebfb1623ef3f4d60e2eca616fce4c94a1acf3dee

    SHA512

    602783b998b35d6cf5e3403a45a53f251897c414a03116c010c6911fae34602b26ea6e0765e05621e771c473a682b071938f8ff1211b15d1496504d3e0b10539

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    88c5aa7846b7d32db0fe912488347855

    SHA1

    493aeca3125a4023eb5adb970eb3bcf1bd908728

    SHA256

    61ce98e5c11a781730113887f5ce3f1caf74cfa3cbbf92ee79016b3cc8b7b7d3

    SHA512

    fc17838119e316059c7850b42d0be261317208b0549ca16aafc25e85299b3d4c2aeaf1f63e7ef4bf7b90adfcce17cc65b61989b9c4b4c469e8c005bd96bae53d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bdb28a7f53e8adade1d389e70d4d16f

    SHA1

    e4a95b305a39a359ea4a8130bab16dabf2660e60

    SHA256

    d53f9492baac35e4904932ea4bd50c0f6e540a52e4459c30a4167e5692c59880

    SHA512

    18228c76e7bfc35131dc73eecdf6b38f6654cbffae8d1e5b086302f425487421387c57a2c403face1d619512b7db1f2595a576ec9bc9c838b674b7efe219a562

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9a0709c75a7ff4d72159c1444d2ea54d

    SHA1

    a46cc84e611ae40744577b3d3b86699c616b9a27

    SHA256

    763a6dd47eda0a84312e0d838e7d549daa46c6964e18b352378435b4bfbafdab

    SHA512

    dadda77a6844c87938ac5185c9f20dbdba40aa9b68fb02629d34de972cb640013323b01ce40af77ab5fb45555873a48ac4bcd5c98bc257873f2710225a9dd201

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f27e0e777f66dbd7066c009fdfb953d6

    SHA1

    fab2458825c668da5089549f7eb03357c71b0ac5

    SHA256

    f85f287825f3c2199ed1934ba5fbee1f03d4c8c34669f0b73c47556d67b56c3a

    SHA512

    c6b24c938cedf375573e91f71b4a0a6ced90853a16c92c09f062396f9322b8e9001ab5b61ecf53b9949b1c95cd9876bd8ec25cb020a2eef70bd093fbdf887852

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e174a7b3241ec084f84925705b7f511a

    SHA1

    4428feeabae4c5c597953d1fdad52cd1926e47de

    SHA256

    c8b1877c0c0c4d01c25cc56e97a223f27dfb31d741a5c4593dcfd8b93694a867

    SHA512

    fcba4131a8d3358416e1f8c4c9ebf41b22e5742fe4ed047dea592894d960ceb333076e12aa2f8fc11ed65784eb3d6c05454b0cb0276fd1aa4b15f0c6b2c2e4f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac035626822c0d93eaf11a7c223ebd8c

    SHA1

    adfe4fb3674ef16001e5566ff927b8b5f5be862d

    SHA256

    9e852750e12f855d534cd4a683ccb0f23843e7af332b79c5c3204b10928b1e11

    SHA512

    d3623c80054773c4b7f405c482f43520ed12fc0c0900ed76ec32a38a4598398afa33bad35f4ee736e7534a2b619aafd704439ad08a0610948beedc374e786d0e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ac4222112ef35bd4b6cd83bfb730c7b

    SHA1

    46b6487fcf2e8a8049e96bdc489e4c66fcf8ca65

    SHA256

    1435b99ed87a3adc51f8f7642f5d5361dc2f2247944eaa0b1a5571451ed539c9

    SHA512

    e47f389fc8d2af72025f36b91ca250138c9ad206b184a4b8398cd63a7240dae7e2e01d4846b2ffe05dacb1767e8cb0ea2870249322b9feff30eea65f219cea28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    94def7400c51a37ceed311ffee4efe1b

    SHA1

    50aeafabba56f2f6ed3f662a6b3913eb25f15abb

    SHA256

    c633719720210b440237bbeea7cfb633a93725f9060ecdf9282f9131808d8d01

    SHA512

    d1b43aa589275376fb82470342d91050431a9d50bf5d5c6887ac447f29538b55a17e1774413836fd9af11e331a1445da0cb63d861e0e0eb970b3c13a4203c9d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9965d2402263a3922513bb369228222f

    SHA1

    d3b0d16fcf0674d92bdd61584d5fc383ad8d04ea

    SHA256

    64db831395ba500c70ea50f9f9e5407cf034b3d839b873b90242c56cffcb041a

    SHA512

    23f89b603e1d940688de0733a057da34f364a037762afea505fef7ac5b16caa6d3644c4dc7d74c120e58c95cf89ec7658ee4ac80dbccb15f3fa9966a1db8f681

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5400676449d22f12ce67f89e3511757

    SHA1

    0318d181adf406e7dfa57f794e23f892bdd2397b

    SHA256

    e01bb187a6529f152e7514fcb5130254a966b8f9b0e1a28fd0784dbc60b7860d

    SHA512

    5153618dce3316594a9e13e1c1d73c8032b498871db010f1cf592661dad36b8c7625ed0b15874fb50d59b8e293f390663ca62f9972d9fa77e606e9fbebbf4cec

  • C:\Users\Admin\AppData\Local\Temp\Cab3A55.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3B27.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b