Analysis

  • max time kernel: 120s
  • max time network: 128s
  • platform: windows7_x64
  • resource: win7-20240220-en
  • resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted: 13-06-2024 06:25

General

  • Target: a430819d8bd9c6df5b91448b896af5e1_JaffaCakes118.html
  • Size: 3KB
  • MD5: a430819d8bd9c6df5b91448b896af5e1
  • SHA1: c22431fffb9f7aa84dd12584e95451164c1d9350
  • SHA256: ed379745f86affba18e6c94bf9bf2f068475457c3681dbcb0ebec90114223354
  • SHA512: dbdc22d730ae0e9aae486349bb589d33dd966a96c8ac1a95aad181795c78776519b33a99b7201be2e1aaf9bd1ccbcdd265626df390e979c6e375bca8f90e4972

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a430819d8bd9c6df5b91448b896af5e1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2916 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2444

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: fb286578a7b8eaf165ae5c6d54f62eac
    SHA1: 90c35e5a5250d5a1924b47c840d5c70037a6ee7e
    SHA256: 013cbf413326ff0c0a5b79761224275a3d5e2ed157879389a223a4439e458748
    SHA512: faacb17e2bf346f7ce93199d66558f1d0374e51f27969f3b641ba8f45eba2b1ecedc44f5a072185b91a18a58d233ef15a1cdf34926284876d0ada290547ca1e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ceca9477733eb3f3a6b47dd140d70bcb
    SHA1: 43e873dac0ed9b00f5fce214375160d959850897
    SHA256: 8f01074c87455a4394f16286d5a90634f2e4ce3f112c55970cd4daa056cc709f
    SHA512: 032045e3f9555a186c6f8e65bef6fe0ab5cb5b27b8d24aeb02099d9a54628e25ac645c9fef459eb73f389ca9695695f9c8cd2d8b67b522de2fcad1754d95a30b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3c4da5d55195ef63b2a77cb80a6956fc
    SHA1: db4e941a15c6ba9cf12dc04eb0e490a5ad397bcf
    SHA256: f2fb6c742091ae03c36a8e1ed81bab220f530322a21ee8de299e752de058d150
    SHA512: 302c97a4f2c1cffd5eb82a91b69f99a792d6ee0a48818595bc5442b4c11effec07ca2f02ea52287c0171562414939dec3b2dfb5b5bf8a6f16d68c6d6fa7eb41e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: cddd92044c05056e0b0942261edde6fe
    SHA1: 672f8679366f686b85e8487ec3c7db51bd177d87
    SHA256: c18953c4b44c044584feadbe81bf3a761206c1cb379d2c01ac8f807e3335b7aa
    SHA512: 3761a49f7d0932e6b552276b222ed9589a68d82605fff591a88ea7f4bb1694ba1a1704aa25c533e1234be0700edb7e054e967d6d683c7ede257eb6c5cf2b91df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3c7cffe73cf386ae50aad6dd60db529d
    SHA1: ff1a54bc2ba5adea309d112fff96cfb51d2a3f76
    SHA256: aabbdc09dcff8b4289d0f971e8794a286cc4c61067a00c623a481f73617a345d
    SHA512: ae34d38ecdb0398270c0567bd187a577a436dcf01b1915000f82dec42b2608509d4db1e2dd4f27da371b64295f927c94f65b4e51dd8a7f90b63dd73dfd1f7850

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 42295f680ea085663d89485b87fa50ad
    SHA1: 1c5c6e0a9c080aa6c8b55267ce45927d10081035
    SHA256: 54d96752d4996478d13f76a0f468810f7baa1f8f80762f0656e127d283cedb87
    SHA512: 6edb4d337ca5f5687fcf894c02ce3632383717f56cb976afadad7bad5a38021545cb11f6ad5679f61c706441e2531bad32cf1ec84a0a0c465e6401d860d42872

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 538a222862270c52f139c4aa692df83c
    SHA1: e01ca000c2fb553f9e28c588bfcbcc66f310633e
    SHA256: 0f8c93bc12ab0204731414cf0202d0ca8d3376bd2fee99ca83a5cec48a53b66f
    SHA512: 17d11315dc4f95c0f0e0fa61f93eda27c1f1098f91c4f321f09f81454b5ba2c6e27220998d95cd2439ff95ff57f34537c4b4f5013196c0295feb154618d9b786

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ae9f1228cfba9a63a9d52d46ec44ea0f
    SHA1: f24a6a7a91160d3886280f376b0052173a9a4a2e
    SHA256: 6da63a1518490242d379bd9294abcc324d4a8cd0e1d558bdea2ae835ae64bc1c
    SHA512: 25bb8790d3decd418ffc05c7eac41f59ac0f6206a8f36065b72e9e9d1ffaa298978a4a10dc7605cc1bec7f335ca1ad3b37dbd457090a5699c96a16ce8b4732d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a8bdfd38c42f82760da6e67210e15cbe
    SHA1: 01148701be01a75583dd14c061de646fac489967
    SHA256: 70edfcbc0f43af16f76dc1407d39c3abfa7c38b54e6cf1f3b3ec101af8414f3a
    SHA512: de53c0422bbe01218282391c5fd778cfb202de2c1946c2518452ac72af0908d7977e6496ea5ee88faa355726eb6d4076ec83ff69fc707c49657f867e9be3b5fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5597f3aaf70c19d3e6f3e379da9fcb68
    SHA1: 195c736f772378a8e7ba63f7a0931d05813dd592
    SHA256: 6ce0d18272530e5e481c54be76129df50ddcf4529ccfc1c71500514700dd9352
    SHA512: 25528e28558f5331d8209976dcb1e3478e9b35f1e093f3701fb41028c84a6f8e59eb94c54019a520cbb6e563c236ab80306af4f7ef29f5f98a70f9e6f7dc839a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 79051a0ef9e46f2ea7db99d64a77f106
    SHA1: 5b9821e4620f24cbf0a438c395bfaaa98f8b05e3
    SHA256: bf5637dbc434215a82a2cb3b39c7df5636586ad8f050688221dcfc5e781a867c
    SHA512: eac813f88ac9b84505254ee8842f31f9bc920ced992335018936c77f316d15a83d0cb2b164eb26624a97d66db289710ae0ad9cbdf1ae7b9fd1306eff587c55c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b292dd5a1fd12442d5f4468c620313de
    SHA1: df698601b6213ecb6ba9b7a79cda382c8e62bcbd
    SHA256: 22b1eb096e843797ad3ed96ab6af4b089e6ac810318a9e898514bc0dd17c4a0f
    SHA512: 87a712fda9588833eacfae90357f5bbd85ea479ba760c247436a426a8f83adcaa6ba30a8861f25e54ae5864a1d87b0c8edbbe526e9916b111a9ef4790d5cddb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5c82d85e2714ef13b315a4c4d608ed12
    SHA1: 861149f1450dc7f7a12bff9db75d6fd5bf8c9353
    SHA256: f84e371714d4f0dea7b125344d0b584c153c05e038db665b930c945b55fa9a54
    SHA512: 58ea4b47fa8b782eb31526e995c558ea2455f0e773cd3cf4f57a0a0e579df7f469ac31829baf89bb995406e09ead898fa08c30fe10f92eb4bcc1bf3754642543

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7edaf3cf5ef6165513a7a1c61dc0d706
    SHA1: 883c91b8cca6fec7cc8bb9687f0cd0053068051d
    SHA256: 0f71151cc0a12e2d7897c780494c6ac23e99d4317ad12d98c0d04f98999b5895
    SHA512: 60ee58150e0fda81d3684cd11c30eafbbe9d1d01da87c1aa37d9501cf3a3b0037d21264c7b947687f11e5d6dcef1c8926ada3bc5dc7194ecd0631bdd15e9a521

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ccd3e6b0638dee71e293575dad3d984a
    SHA1: a23fa4d55afc6c2d5c79839b2c3209291c32610d
    SHA256: 48f445408b456dbb3eb35ab95bdb83f24fdc4460217bb3637fcbd4ad782d116b
    SHA512: f6e1557402f9664c18dfe1010a13e6e3672de268e79d9bfd2ecd91aea20a6c55dda3050593a689593d44d5bdce8d3aa837f77a68989b05def4c742749e6567a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1d59823ecc18fdad21f5eeb751269285
    SHA1: 873a8665c8b5bb26d07fefb4e8925310a1aafe1c
    SHA256: 1475eb9eda78607bd8c2fe4ba335bbde6c85915bbee1b61ecde647457a57e899
    SHA512: 1c1b5c5a815f21ec027d5c418f530ea5b37de5243f37c95f44b7c3705f8a72fd572717d0acda58d9c59aadaa571e4693b7c9b5f17574b1820c94fcbc451ef909

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a906f9d3e35646affa219a9024d2cf7e
    SHA1: 9ac43ea269b9591316e39e1ff69a4401ae6cac57
    SHA256: 14e4e80c8d9e4a4b062c54ff2b28223f1dfd17a403855bfc32c5968fe9f8e9e4
    SHA512: ca8aa39517d07e681b58a83dd3a569e539318034ef39409c1b7b610baa35818d6ae66c8af8aff47f665236d321c514c7e82bfe70d4bf21fb61eee04e33c3ee64

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 11e0a78a2b89fb4e0a481a4bb186592b
    SHA1: 906cab76464f95bd5bcae2f3f76515dbe434bb34
    SHA256: 858e05501d2c9442954dcb745c7b0b0059bb768de073e25b9ebc1cfd8b982973
    SHA512: c85de1124b4db25c28261dc1f89a13570b0a610fd633e059367021cacc2bf32992d1a099470ddea5de0ce5a1ec9f8556b58a088409a24fb430b208f792c6c057

  • C:\Users\Admin\AppData\Local\Temp\Cab15F3.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar16E5.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b