Analysis

  • max time kernel
    136s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 05:01

General

  • Target

    a3e7161f266ba5ea08ce57c1d2ab80e4_JaffaCakes118.html

  • Size

    157KB

  • MD5

    a3e7161f266ba5ea08ce57c1d2ab80e4

  • SHA1

    422bd6d462ff4893c6a41ff145daae87ae1f03cd

  • SHA256

    0105de608f6cb893a8c80b66d9db3b95f08923028a5c6a26576ebff19b42e36f

  • SHA512

    6cf73503ff179cc96180dbe51cfcae5913c02ad9e5ec6e423731f6c45f82c45029439a660647e85f8b2965fa6af2c47d928a826e54a9c289b071be41f212c5d0

  • SSDEEP

    1536:S1E1T20+F8lVzoryLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJA:S1e28zoryfkMY+BES09JXAnyrZalI+YQ
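Before attaching any conclusion from this report to a file on disk, confirm the file really is the sample described above. The following is an added example, not part of the sandbox report: it recomputes the four digests the General section lists and compares them against the reported values, and first checks that each reported digest is well-formed hex of the right length so that a truncated or line-wrapped copy is caught before it is used as an indicator. The candidate bytes in the `__main__` block are a constructed placeholder (the real sample is not reproduced here), so running it stand-alone is expected to show mismatches. SSDEEP is left out on purpose: it is not in the standard library and a fuzzy-hash match is not proof of identity.

```python
"""Verify that a local file is the sample described in a sandbox report.

Added example (not part of the report): recompute the digests the report
lists and compare them, so analysis notes never get attached to the wrong
file. ssdeep is deliberately omitted: it is not in the standard library and
a fuzzy-hash match is similarity, not identity.
"""
import hashlib
import re
from typing import Dict

# Expected hex-digest lengths for the algorithms the report lists.
DIGEST_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# Digests copied from the General section of the report.
REPORTED = {
    "md5": "a3e7161f266ba5ea08ce57c1d2ab80e4",
    "sha1": "422bd6d462ff4893c6a41ff145daae87ae1f03cd",
    "sha256": "0105de608f6cb893a8c80b66d9db3b95f08923028a5c6a26576ebff19b42e36f",
    "sha512": "6cf73503ff179cc96180dbe51cfcae5913c02ad9e5ec6e423731f6c45f82c45029439a660647e85f8b2965fa6af2c47d928a826e54a9c289b071be41f212c5d0",
}


def validate_reported(reported: Dict[str, str]) -> Dict[str, bool]:
    """Check each reported digest is hex of the expected length.

    Catches the common copy/paste failure of a truncated or wrapped hash
    before it is turned into a detection indicator.
    """
    result = {}
    for algo, length in DIGEST_LENGTHS.items():
        value = reported.get(algo, "")
        result[algo] = bool(re.fullmatch(r"[0-9a-fA-F]{%d}" % length, value))
    return result


def compute_digests(data: bytes) -> Dict[str, str]:
    """Return lowercase hex digests for the algorithms the report uses."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in DIGEST_LENGTHS}


def compare_to_report(data: bytes, reported: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match of a file's digests against the reported ones.

    Comparison is case-insensitive; an algorithm missing from the report
    is recorded as False rather than silently skipped.
    """
    computed = compute_digests(data)
    return {
        algo: reported.get(algo, "").lower() == computed[algo]
        for algo in DIGEST_LENGTHS
    }


def is_reported_sample(data: bytes, reported: Dict[str, str]) -> bool:
    """True only if every reported digest is well-formed and matches."""
    valid = validate_reported(reported)
    matches = compare_to_report(data, reported)
    return all(valid.values()) and all(matches.values())


if __name__ == "__main__":
    # Constructed stand-in for the file under analysis; the real sample is
    # not reproduced here, so this is expected NOT to match the report.
    candidate = b"<html><body>constructed placeholder, not the sample</body></html>"
    print("reported digests well-formed:", validate_reported(REPORTED))
    for algo, ok in compare_to_report(candidate, REPORTED).items():
        print(f"{algo:7s} {'match' if ok else 'MISMATCH'}")
    print("is the reported sample:", is_reported_sample(candidate, REPORTED))
```

Point `candidate` at the bytes of the file you were handed (for example `open(path, "rb").read()`) and require `is_reported_sample` to be True before reusing the Signatures or Downloads sections of this report as indicators.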

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3e7161f266ba5ea08ce57c1d2ab80e4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2944

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49e9eaefe7b13b1720b766a95c6f1cbf

    SHA1

    ca08a19e1499cfe73278ee25cbe674e547533f9d

    SHA256

    10db59b6a01ef1265fa6d60ed7365c3d0210dd883d24c83e106f3743d4c26dcf

    SHA512

    ed2e06a35346f796c45fb0ae12e2b548a643dd8109153d9f86a04820d61748dd582d2de950c71c36a7c1300cea4d24fbf1d419fa9411f8d493a3912bf3056248

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b0ed4b60295d3b4cef740cb09b5572cd

    SHA1

    9793f4e40ca3ca2176597a60f1b170c9a302e2fd

    SHA256

    71bd7f2d2618afea8e681c3dc828c499df85486e0100561eaa1a3b5829fcd0cf

    SHA512

    d4a05cab8cb06946e2e0270d7ba12ed0b0e4ebb8e6ca88897787bde8272300b29c429d9099331fbe396520133b7c323d60dafb78f60765816a72fcabecbadb53

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    34016ac730dd504654b2aa934ead463a

    SHA1

    b8330209123cdf31cf5343c48deec8d70e9eb666

    SHA256

    2e929494d78e988d39cd34a39031d1f4944deb6af9ac9c3bdd31ece77c61c6a8

    SHA512

    b0b75bfa4a8af6451833821a613bbbf4145f1e6c08f7919f763deda1f82ce54b7ad78612aed30556daa5d4de0c9ac8fde1f31d4c8c99e247bd3aa38763de69a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01fb226c6af45c2fab561fe8712db229

    SHA1

    dff9bf541b595be9dfbdf6c59804c4edde9dcb55

    SHA256

    d9b08957d7a2378ded844ce970f50a8552dc1ce9558464ec13ecd98b6d91f552

    SHA512

    26cd0ef23c9b3fc6924cdb47dcf359f79c47be18491f99f855d5973b985274910e895103d0baef55a02326f22afe29158e43ca9e7430b09d5c0fb2ea582a0e64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96a67cf501cc745000ccff6d4cfac85a

    SHA1

    0b5743242c2089da788189966270dfda419d0916

    SHA256

    64a360047d39cca0f0f6bdee6c0cde8b022e9175ce981fbaa5fbd4eb6c9e0b05

    SHA512

    820c16c30454060d3ffa7858a8ea9613c2dd666723165c99ebaec28ce33fdc96239b356b34af3c7fae5b548f35f7cd9ff95f9b1b99c3ba425134c8ec4ecea4cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00ac8d3afcce5f261ef9f90169e257fe

    SHA1

    60a739f7b3831374697df03ac4dfe8ce84aa499b

    SHA256

    36fdea585ef0f26e2bf1a59c4b71ed890b4605666df609ee7d5955b6a0c70ff0

    SHA512

    6424b1d2d744e8a36d89cd4165ebcce23192e2bed184ea56f57cbe447ac8016c04e9a40247221ed5f748e5c2c72ab2857e27ff58da81c5d4d14aebaa3fcc85f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    741a4f6ba99d94700f6f51d88ff355f9

    SHA1

    49a46e9cbf6f43754046864d430689a5bcfc6b7a

    SHA256

    8e596a40b3095c26a94d98aa1bb0e351892a9e24b7084fb430135c6ee1cec7a1

    SHA512

    642feb0e86fbf656755ded35a3f8aebad42c45d93dc2999f190af110744436c873b4afc20126bc631f4aacb0aad3529babe691d131f355999123168137461aaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    904b98bae5d8ec368d68f91db7eccef7

    SHA1

    c66019b55a68ec4d398ca90df1e5432e726a5fab

    SHA256

    45d015984967043135a7767053007e734546ceb3a0de72043950c1535f772a70

    SHA512

    76b50bb598b8cc59a64272fd593e2ab3710b31144eb06f7adcc7f2d450e2ac232f1c63352eb11dadaff8a8171b67d5105e58b5cf4627cdc39745a3a4d6745d14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    12ded826c52c0c5f0ea80246766048fd

    SHA1

    390eefb7c2aed150af30eb252b9d457e916a7f5e

    SHA256

    4e13622aded9a892da3a25b3df96ee7bfc2eb0be7dea52f51a6f74037acfb345

    SHA512

    ac7676578570612d0bd118da24f68939fe5321108c2c60552d5749540d9a4b54688c519e8f3223fe5d7e8637f8ff67a456af1fb460a460355ab9501d9dee88b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b5b626da2a02b6f2f59e6afeddaa14f

    SHA1

    2554a2d429dc3249cee9585856758db7fe76a63d

    SHA256

    2978799055f70f5749b2a93e6ee88cddf8171f4ac9eebb8f7da464579c034f72

    SHA512

    3d65b29015be2e84b51b0d8b93c5d344f9e3b3c7cc3f6c37649bc9832b5ba1ef9880ddde8690fcd78fa562d005505dc108b1fb34b5f9777819da57f3601b357c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6c154cf7b9497ae65a6140d8e4840aa7

    SHA1

    6ab23be944aceb8ca0579c1dbca6c4d5958cfd3f

    SHA256

    9d52795427d4a1b560333a9ed1fc7403aee7cebb68890a903ed1539dc18ed005

    SHA512

    88d830c4b04a6fce256ea994b13f79d962e0119fa50789aac50191afb280d7ad1b8bf18fdbcdce6c3ee6ee0ec9c462247afc5fc6ec4443db6ff6ac02efc1bfb6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b6ed7b29bfc239207cd144b68cdefcd

    SHA1

    3e5c75262ef4df55fb60b94467f652fa22e9d63f

    SHA256

    cd1505647870822ae91cc2d87c19b1e9b88ea2f4ad5ed9b4fe0b967065ad4a5c

    SHA512

    ab8c38e2e39d02c37afcb57978e9000cdd3cb38dfb8a8522e9e5e10629f95335af495403f0f58bab5e5700bdec041107cd8a05935a84aa61f42864d46d698701

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5a5c7c430268f010607dabfa813da9b5

    SHA1

    47d371b7f5ef4545fbe832790d9a30174542fe17

    SHA256

    07078ab977e4876db98fb927908e6ad636997ea7526431aadb36ba4dc2042b22

    SHA512

    bd94fca58c00f934b3f28243a39f9076dfd6d6e17808245c0f66d1f6c0ebb57072812f05ca53db18421cbdb4b5f88319fa09f8899ddb0631d3532f8a703b418f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    293bc7f48834c660857aa27ee26551e0

    SHA1

    d87c7621f26bfdcb504f2cc46f5583c7bf00f36d

    SHA256

    9df74b75cdbd258d481836bd308e730cb20d542715acc93f8b460d1f07756cc4

    SHA512

    22792cb8c681df05bbb614d4a58d3ad991677adab40d434b2afa69f5ef1a99df9f3edd146ed5fd3e63d8bd64470fa28b8a30089cf0e75c9a34c202eb75034c1b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df0def90bd886f94b6e40268fe00a22c

    SHA1

    95a4bdf8424f765faa10856855498c00254eafc3

    SHA256

    b954c331ca14896606e47703fb71ed40716b506e80b406d01d1aa147fbc24061

    SHA512

    6729761d32787812061a223e979feddebffe0ca685686fe7286c8ba43325cf38a46bcb1530a64361a71aed97949dd1a597d8e413e4906055ffa3492df5fcbde9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d6f3e64db770019df3dde3e0d7403cc7

    SHA1

    3c10971dd80837c5978afbca7a570739383229b2

    SHA256

    ab77583b4e211f7b319d6b63c3878b92f1e18c7c37a195d9b5a3b2bb48374449

    SHA512

    8661afae62824670cf869b632c77b55e5c4081fe46562c2a2062a0ec11dc79dfe741527baa8e3d2d0590320a3749d85bd05a12569758e097bb01ae05cb0f533c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92e0678efb435c7059f772a2fd335a71

    SHA1

    c80aef43aab9dd77bcf0c9c56aed312f64cb7600

    SHA256

    f927cfc46b04bc9cd4fd0b054380ebba5979bc4b84c4b77a02a2198121e8db0a

    SHA512

    6ac2acda34440dc0aef4d20d04aa7cfffce08f95b996489eba086b56a91baf40a141370d67cfdff6d76ac95ed8014ed41ea66e6fcf5ff5662314f59e32672e2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0de7bfde58c6eb71cd214b179efcacf1

    SHA1

    fcb2c4d4bfe04d95d57b6a65a116c10967dd7fed

    SHA256

    f7a0887152cd1ab6dff8d3a8d076cf2467ad57834982a7e682585e93c8553b32

    SHA512

    22e45b5cb1eb5480204da20514e25ba74fc85cdfdd007610123c4d9cbd4c9b65ba3c2b4df21946e4479c2ab76a92b6c4da65a0545dd4dcd1b14054569bea9c5c

  • C:\Users\Admin\AppData\Local\Temp\Cab17D6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1875.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b