Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 05:06

General

  • Target

    a3ea5d51c701ef63b83894bbc599ee79_JaffaCakes118.html

  • Size

    17KB

  • MD5

    a3ea5d51c701ef63b83894bbc599ee79

  • SHA1

    b643ecfd091d9ace5772e0ca85ebb75f8a7e5008

  • SHA256

    9f7c94ea7cb2f8e16ee408716f6a0c54d492297e2b76efd5f00fcb5883255106

  • SHA512

    40f0efd5c28941b73e89dfd366c67e6c949a2a2e5d500890e6ca215a7a9eabcc72be0b134a6c8373b7c06f7f4e8af86086ac0db7a99e6363f652ba4eee55ca86

  • SSDEEP

    384:EnnKnCIc9eL6C2/qzCAkpi8apjyaNoaqOF0:EnrcLk/qfLGaPp0

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3ea5d51c701ef63b83894bbc599ee79_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Downloads
