Analysis

  • max time kernel
    141s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 04:39

General

  • Target

    a3d885dac3d865c0b3e9372d7ad603b0_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a3d885dac3d865c0b3e9372d7ad603b0

  • SHA1

    982730a51748c70ec950556243af140667943c74

  • SHA256

    28f68484517432b4889133fa355de1529b74a781eec6b8f8532ac11cf6d9bd87

  • SHA512

    3bd0daa10deff98474df43c5f4c66ef98685e7316d86e180617a383194c113396322c64e92cc2a11bbdf7442f6ebf6a3e940cd77dbbc900513f17b3d5ae34bad

  • SSDEEP

    1536:S2YXImXalHvyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBw:S2YdXeyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3d885dac3d865c0b3e9372d7ad603b0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1920
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1920 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    838877cbe254998f7e433c933ce7b246

    SHA1

    abeb3e0960a29ef190d878521bebbf51afdb383b

    SHA256

    9e6c18fe36f515a4707b60fcdf70da88ff05bd4a009ff96ee0ec17e028e27159

    SHA512

    a348878c0ef9b4697321508a250bbe20b8dea88b011b3e3893bc616589eb06443683b121515b838a2220165f06359253edba743b68fb24c00234fe943cb052e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad73c6231aa6136576384fa09d562377

    SHA1

    6c076aaf1f71dabf30ffda350cc9574124fd7c9d

    SHA256

    cc6932bc041151478afc2f2f52c6cf72848c1be41376dd34c7ade23ba17094f3

    SHA512

    6495863c33aa3c5bb159a73831f9822b6fe11c8cf9925c04ce77211c1d9cb91b7d273fc49ec11c6a8d2060bddb640d2e70b7c982d13e2a28884d92bf9a29107e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    98d6d7d2d316a3ed66a32d76e944c7e7

    SHA1

    2a1c6aca5cf466e01579552c6309558a12046957

    SHA256

    287dc5067a76555cff29d8ab5deaff7d34846ab05a0a1bdd2dc1e334cd088a04

    SHA512

    af70b346a8a36ca33c8d7da4294312f93e2c4597d078f5dc6d4df4fc881101d1efb23653dee4232b29b74c1ce9fe77baeb81320d157b8f578215dd874c3f90dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    498f62edc43e54361ed0c87b7310dd92

    SHA1

    d63db153b3c2c16b24fde0bf914e808f854b42bc

    SHA256

    82dc3d96330c27ad63c1fc5a6528b0e0706f1ec40f36199389ead879f55aa5ac

    SHA512

    daf51c7059e8aeadbba9a311f5ea1c04fc31c492b4e0b14defe8b5ed306c97416214172ececf9c8aaf63da4a054fe04fbc6e6dbf50abcf8496146aaa50699993

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b788dc765f4e38a20223c2a203b81c16

    SHA1

    372b778e4a7d70e651ff768946a1fe52c4f62470

    SHA256

    1139f55c4c7a7e7197e7c135efaf7133b3c11d22c66750d0c76d9df658c2f804

    SHA512

    8b9fb087fd27ab404a428b7db7872a1f447bbf0abece4f583e626e60db15e2162b372727a05dc359975bf40b83e3360279143a9fd400571400d1c9cc9d958284

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2d2df723ebbf3b7fe006af4fbe601d78

    SHA1

    cb5f26c698520ebf41cb3e44cce51a674d007ac2

    SHA256

    17cd2ac4154515d8bb8a98c55ec5dede1a9e2c99985c6f1c0eb8c117dd4208ed

    SHA512

    f75da5d251b8278ee3cf449dd36645df047c083ed56b6f508226a11f56e08c2e9f6c7746023708515b23d6a69466ba9f5a6433b73eed21bb054ab9e215f2bd68

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    abd2ac9030dba90cfdda96a5c42d564b

    SHA1

    296639288fab964c3f509167e739b1d6a7fee9cf

    SHA256

    efe35cb339b8a3c578a1317614d0654d5e09a34a9531eb9032618b8ce09ee853

    SHA512

    15dfd36a4cec9f1ae3dfbabbfc481aec5c0a33e6b36300ec76b95fc19118cdf0b68afd6efc2d5625b0d4031f6c150518eb8db85c5b7afa2a915f4c032ebd2cf1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    287d649240d4a4626a77269ab3565505

    SHA1

    a0541aae034fd975b94de6e2649813cec764ffd8

    SHA256

    8b6e9ecd654bac1e3ad233ab7a7b11e311c505370e0fa491d90b57c195b2784a

    SHA512

    569804b4ef36993f4505db1f37d7f97fa094466876c89bbc00df00d0ba8bdabef5e0ddcdefb4275d7a7a5a16f1275f497d15a0ca51386466959b6e71eb162dcf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cadd04e0b5033ad2019d71fdebac55de

    SHA1

    7fc1a55b3a752deb542806c04fa6686431dc28d8

    SHA256

    f1c8466a79429230b2d517e1fccc8f1a524be3a52d9e96dfe9583659c1c57834

    SHA512

    9cc41a700d7378e7e2a815e4b29a7a04eeddadcc39c74fe5779a40faa00ab035d472c0fe4ce5ed856d8043fe32a3e6705edc90b5b272dda3b5d63d9317228a2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5096ef4492583c99f90a931e6416110

    SHA1

    f1dc0a83d84a31fad9d334a9be1bd19c499b03d0

    SHA256

    eb3a4021272d7d02e2f89e0dd4e3490d8c056536c6de96d731e1f13d49754a8d

    SHA512

    81a19c5d1534ee9051d900685ed0bdc45b98a88859ca95616cd1eb43036f411e01c0781f56865846ea6213413d428e5f7ea29010453d66af0b7ad1d7c326e910

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eac701ffd7f7c59af889572feb01295b

    SHA1

    30d45189afa3518d1c422791378d15d8c36354cf

    SHA256

    ccd571b55f482e60313223fe34b9385d5638a411c12a36a27ca0e3ad883dec17

    SHA512

    16a9ca074b27aa5368a97068a4afee8fef7dc2835fb0a0f0ffc016ac3c569091b4a5119b44c281871265a7646341354af6aecfae58702ebae2d5e9efdd5f5aa7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96fd96ee35df5ede2c14d7d55c7e4ea3

    SHA1

    115439036d976c5194765f9a7d4584fc8d0bcce0

    SHA256

    cf938ade73da7102d9bf2d37153b902fcd3eb8a38254d3bb333d62e2f3b15d2c

    SHA512

    f106eb9890140889c36210deb526ed440bcdb981ea191c3ab809cc8d46919ee08628003d02f442abbd2fa960885948cff413814a426842d71a7ccac8f1bced15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4fa08aeb2f3daea7df80f09e91f4b3bd

    SHA1

    d36e579ead04291c4985f769cc729d296c0290bd

    SHA256

    35279e5e1e164bd7194701efcbb4267af9d7c2d81aa4d5854ba8f0b59fe21e7c

    SHA512

    65738db1e1e2329258848968dc287976c3fbd13b5ef3b47675093a253a96e8d60961d888253b255da69c2769ff9ac6f6b60ed1061ab816f5781b4f61286db8fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dfc8dfeff37cc9b4f4ce83a2e7df24c6

    SHA1

    28052c4149d3923cff74152037fe212a29551ebf

    SHA256

    303f9da55bc63fcecf07ed5343612c1c839c60ef1f0483b2f68f4abb71e49a7f

    SHA512

    7839fac1736b986c07cc336ec6f149f62c14e67ec2078320b7dab20ad48a6064da7a745673aab4f5823d9605cb91e5d1d0c39f95f158e54b604dd4ba7b00b654

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a8b8ae7ae1e88b92ca91e0c43df0c0cd

    SHA1

    7b6e9730ab6961769a7484567586b5f9e4995cc6

    SHA256

    60412d38982653670e0d4eeffa532654f2fb550b271bf92aa9c6a4f1990141ea

    SHA512

    777dc941c736783a35611fe8e006ebf5ce75e9c08a7c2a626fee3e66a2700ed0fbf80a165b73fcf89425e89e3f6066e8ba4ec8533e3bff7250e96ff34a8adff4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    212799d468b00c17f38973fbb51937f1

    SHA1

    5b4477fcf159f033968e4d3920114a7043842bb9

    SHA256

    355f9308822bca16c3f909499ba4b2e5dae99ea5d07b8b39bb74213231b61288

    SHA512

    b5f8b68c46e4b2ee6da8373ce1874a189f1a874838da752ef8fa59b65de88b3eb63d66629a4cd9378671c5311669a98ad19e6919d5f8c9c20e8e045a7529d3a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e436535f113a2638d8e54940b690e916

    SHA1

    782f14ebf934212a90d28071992598f0eb944a07

    SHA256

    6067f5d57a44b4c593e071d80b5e5f05fa5847666aa541d3d22c3a733b1179e8

    SHA512

    8613f562ad5bae78a70302034f9a5637af6bd1b5d25c5ae927b4200c8364156363569600eaf7b3095dbdf3fcf4a77684281ba4bd45bdaac0f478605cc4534d8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    251fc32bd36eb0e0eeb3759e8e1ec61f

    SHA1

    9444833e29cd82b3a06c156cfeb2c303cca156da

    SHA256

    93d9e01a10297a77d397b45282dce60a0d136e55d0dcccef4139e70d689f72a1

    SHA512

    aa6f428c608d78c7304e52a2b411d7a901765fd6dab7a3e768864708aca32deff6bae311b06329bbacfed437fbce9a4c0aff53ef087fa644fc9ca6cc09683276

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2cf1c12a7122657dcd74b5fef4df4e29

    SHA1

    3954b7014220e6df2c927b2657cd6b19dd6528f2

    SHA256

    3255d58b6728fe44192a310bc60808a086c92aa7b221fcbc58d79afb9afefd92

    SHA512

    7d3f1fda42f06c5212c9e5e5897201cb98b779e13c90d68ac9fa629a8e756d997d3decefafd11ad252f18965d770c2c74f1984699348edaad4f2b7195cf9fcf3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    2f347c4469d8501c2a6aff1da4c93c45

    SHA1

    70318d5fd408d2b6c16d118c569879c1830799b0

    SHA256

    12526dff24a36bbbd3aa37fe300d18006e955b564eff8603b8df334faf5f8d1d

    SHA512

    a8db54e1ee2720a749b63aa29ac44c43b9b130a23a3e61ed6fb661f34ea0c532fdbfc5171ca13ab4e80c43ebda76e378f1d9aee849f7072c77d8b95b2b2df830

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Tar100D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b