Analysis

  • max time kernel
    142s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 03:19

General

  • Target

    a3a686efa55db1537a31256ff22d8c59_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a3a686efa55db1537a31256ff22d8c59

  • SHA1

    847a5f237cc116a2c34dd1ce1d516495ae403ea5

  • SHA256

    1401a159381471dc82a628b5b480c31812d62cc0cdffe6c1e47832d0c168ba6e

  • SHA512

    ead1ff085f2626cc47c5e3ddba4439f2d0fa186ce8fea4443898a741dce95c2503a7ae6f2109b0885cb31c04afed040ffd1776b6b4a02dd526c631a592e395f2

  • SSDEEP

    1536:S+vYvF8KilcryLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusG:S+qF8IryfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3a686efa55db1537a31256ff22d8c59_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1900 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2620

Network

MITRE ATT&CK Enterprise v15


Downloads
