Analysis

  • max time kernel: 119s
  • max time network: 130s
  • platform: windows7_x64
  • resource: win7-20231129-en
  • resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted: 13/06/2024, 05:06

General

  • Target: a3eacbfbda0442ff9c78bb78ec9e2df8_JaffaCakes118.html
  • Size: 65KB
  • MD5: a3eacbfbda0442ff9c78bb78ec9e2df8
  • SHA1: ef563bf9bfccef439ccdb7c480231bc2da20ed22
  • SHA256: f0d0261a99a9710677ffc4fe4bc58d50099f0509a2a49d15cf1c2d343d75d823
  • SHA512: df65ca464e2e5acea5d252704f118d2d0cfe0810d61da925fe84ef5875dc75967f0b7fd2ab1361221677f038090e45008a027700099cbad88b19519a84ea212e
  • SSDEEP: 1536:sNOZgxfnUh68O2S1pjCXQLP5S7gmOmQeJ0fJ+HK7eYL2Hea:sAKfnUh6C8pjMCBIpvP+YKaYL2Hea

Score: 1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 38 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1660, depth 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3eacbfbda0442ff9c78bb78ec9e2df8_JaffaCakes118.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2840, depth 2, child of PID 1660)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1660 CREDAT:275457 /prefetch:2
      Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx

Downloads

Files written during the run, with sizes:

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC (914B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357 (1KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC (252B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B; nine versions captured, each with different content)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357 (242B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico (4KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar2A70.tmp (181KB)