Analysis

  • max time kernel
    141s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:25

General

  • Target

    a430ac2add343e841b6aa6001d73d65b_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a430ac2add343e841b6aa6001d73d65b

  • SHA1

    19f0ab725d9d8727b381584de479109bcb5de7f6

  • SHA256

    7de33ecbf1261fcd4e880354dba3af8a21981d48e829b34b420da0c0962601c2

  • SHA512

    9233bdb938563f9db1568a5e979c5cae80c07f282ff1673970d81f2e7b098d19bdb9bab0e68f32d3640a1a5dea9878e1d67054a9f52ea30a2fb115909798281d

  • SSDEEP

    1536:SvNTo8lNyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy+:SvFyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a430ac2add343e841b6aa6001d73d65b_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:948
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:948 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1996
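
    The tree above is the normal two-process shape of Internet Explorer on this image: a frame process (iexplore.exe, PID 948) opening the submitted .html, and one content process (IEXPLORE.EXE, PID 1996) whose SCODEF:948 argument names that frame process as its launcher. All four signatures are raised on those two IE images themselves, and no other child process appears, which is consistent with the 1/10 score. The check a practitioner wants to automate here is whether anything in the tree breaks that shape: a content process whose SCODEF does not match its parent, or a non-IE image spawned by iexplore.exe. The script below is an added example and is not part of the sandbox report; REPORT_PROCS transcribes the two processes shown above, while EXTRA_PROCS are constructed records (not in the report) that exist only to show what a finding looks like.

```python
"""Check an IE frame/content process tree from a sandbox report.

Added example, not part of the sandbox report. REPORT_PROCS transcribes the
two processes in the report's Processes section; EXTRA_PROCS are constructed
records (not in the report) used to demonstrate findings. The check relies
on one fact about IE: the SCODEF:<pid> argument of an IE content process
names the iexplore.exe frame process that launched it.
"""
import re
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: Optional[int]   # None for the root of the recorded tree
    image: str
    cmdline: str


# Transcribed from the report's Processes section.
REPORT_PROCS: List[Proc] = [
    Proc(948, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a430ac2add343e841b6aa6001d73d65b_JaffaCakes118.html'),
    Proc(1996, 948, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:948 CREDAT:275457 /prefetch:2'),
]

# Constructed records (NOT in the report): a shell spawned from the content
# process, and a content process whose SCODEF names a PID that is not its parent.
EXTRA_PROCS: List[Proc] = [
    Proc(2412, 1996, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c whoami"),
    Proc(2500, 948, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1234 CREDAT:1 /prefetch:2'),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_ie(image: str) -> bool:
    """True for either the 32-bit or 64-bit iexplore.exe image path."""
    return image.lower().endswith("\\iexplore.exe")


def check_ie_tree(procs: List[Proc]) -> List[str]:
    """Return one finding per process that breaks the frame/content shape."""
    by_pid = {p.pid: p for p in procs}
    findings: List[str] = []
    for p in procs:
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        m = SCODEF_RE.search(p.cmdline)
        if is_ie(p.image) and m:
            # Content process: its SCODEF must be the PID of its IE parent.
            frame_pid = int(m.group(1))
            if parent is None or not is_ie(parent.image) or parent.pid != frame_pid:
                findings.append(f"pid {p.pid}: SCODEF:{frame_pid} does not match parent pid {p.ppid}")
        elif parent is not None and is_ie(parent.image) and not is_ie(p.image):
            # Anything that is not IE but was spawned by IE deserves a look.
            findings.append(f"pid {p.pid}: non-IE image {p.image} spawned by iexplore.exe pid {parent.pid}")
    return findings


if __name__ == "__main__":
    for label, procs in (("report", REPORT_PROCS),
                         ("report + constructed", REPORT_PROCS + EXTRA_PROCS)):
        print(label, "->", check_ie_tree(procs) or "no findings")
```

Run against the two processes actually recorded in the report, the check returns no findings; the two constructed records each produce one.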

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66f31299aaa16126381d241e9c45395a

    SHA1

    d6b36840ee4f2ed6534057db4c2f7330367152f6

    SHA256

    a37237a70a074c78794f505a5bf1d50e549d1ba2521765734bf5b28267c64861

    SHA512

    1dcba754118020dad76adfffd78ea278211133fb14fa031673aa687134526e0c933a24edee95887b6703233dbdffa099e2ae6b8ddaddb2b1a1f129104e0a3d28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f747fe271fcc9adb5a970cf2ca72498b

    SHA1

    a73e5e9992a720c0e42fefbc3670cb3711393e3a

    SHA256

    83f7daa4cd73a873bd53e4f32f5a1a46d2e179065096fede8ff315d1386a597b

    SHA512

    49534c0889e4d7df503f127e21638fb476ef85b304729367833905fc43c9c01f038bd8338e03a979f4168976d6b006c755f6242d25bc5f5a3af9349517177784

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9df6a4ec998eea17d8fc63c95a087226

    SHA1

    a43ae6d2dcf6eb910a077a5231a28423dd064741

    SHA256

    966e287d269f90db4b0aed0f2df0f547675576d8b7d53b42bd1601bd5736bcb8

    SHA512

    584ca1050ab5fbbbb2b2ac997bef5e1d068e2b44859c3163357325dfbf47331df2a1cf40623a5b9a82c95026e36f08af5b4f4a5462277ae52cce3d07d78576c3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a77a9ed2c440a7cf643f3f145e6e3ca

    SHA1

    8ed77afc432f29e0520e82576414b9eaf0c76b8d

    SHA256

    2b7dc3fabf29c1d71f937e17d8897694269cc9de46e2b0be961faa36eb583c4a

    SHA512

    515a988eeabccbcf24b0191cbf008df97c0db80096106551cb30a399320bb66e62b6ae369476b979c63651421d1c3a157b041b6d7f4df4e3c49c96bf44040205

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f4cea162cd26dffc4ed412e83993337

    SHA1

    3a038ad7263289a739d0c33101e02fb3203078ab

    SHA256

    40de18032f2d654dbdccbcfbf099f12edaeb11def4a065677b68301345a68ad3

    SHA512

    4a21a1c494dd48bd35b8430dca39795a149b48541c979f785bdacf8df8ce89cf4140f2d45c9925a57d989c44b2988f996682729c9675237dc1ece09640fc9f2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f06661ad7b8777cb2bdb5ef6e65d032

    SHA1

    567506f7024894aeaf4786e905bfc58158b8e731

    SHA256

    2b090acdbf38e2cf0a29f7db87ab2e09c94f2af987084d28bd0817a2671a1578

    SHA512

    eb7663c3f6ad276282d652236d2513fac1292b81b64aa631cbfac843b6d8025b82ea0d15f2a2382942ed48f72ddc424f0447e9593598e009480d7b7c87d4869c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ae7111bc234eeca3d93f0d7eb17dc3a2

    SHA1

    51026d67c410ceccae9b1fdf618d05f9f1662b3c

    SHA256

    d0893dfafca73d767b22718d698fd00ba0a4c2d822954b8cafd9f9acb00209ad

    SHA512

    c477990c2e5a8d3be7d673dcc2524c7d7fd6231a69b16e6b56a0fa82563100093ad9f8f30d29b64df02588debcb4dc18866485bcdb73d24f67aa2bd6cb243c2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46cfc300a5c15d2cbe198df7af4848cc

    SHA1

    b7dc556e89304922ade1a0a2bf5860292f61818c

    SHA256

    759a51ad6d5bd93d93f22135d19da5e8d735c93ca8ee49c2109dbde25d191361

    SHA512

    a3b05e444ca076887d4b55053941a524bd82b3072ebd27e3c0a8e87d06456b4e2b21cec7a96c867e731cb143903d33ee16812ca57f37a998457df2cf534b1e71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67426b6c770ed0a10066ecc03673eb94

    SHA1

    6542012ab7fe40832c0c23e019ac863d53efbb83

    SHA256

    cac148ef7f916f6fca89e799d54946d41a068001211f3b227e0599ae72b980cd

    SHA512

    5d7359550a68ba80a5b2017d3fa593d023233325bced78b1e2e26bc67622c872f3b7f76efe6e79285a355216887578f251cd64fb740497af77549d3ba2277a3b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1dde36bf76f98cb48bb56f5d5f1320e

    SHA1

    6eefd50e0f62a3bf747ece335e5da01395086a73

    SHA256

    38cb17b460926168b4124713a1e08c3a957498915c4ba60e2368a6841726dfa2

    SHA512

    44b2fab680d747b7e4ce89976afd075ef46adae94b9fb19d0c540a3c81e3a2f43cf708add0ff42b3d164098768bb0e5e145b26da37453ed86022c75555b33a20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    261f471689550a11444ac742b63bd470

    SHA1

    1f588067a43c5dacb94a644948392b758cad4af7

    SHA256

    7ed91ac9befd6dafdd87d43128794a7753c0c3248e1e4cdbae035d3d875b6a28

    SHA512

    d5a0f8146f81eca26c1dbd3e6dabca532a8e3b2ed8c4a2242d77037c8e8a2070136de5f9276ebe91392764bce470da6c34f6c7e51ed40ece49861968aa26f239

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ac34e414897a441eed338c1bd54c09c

    SHA1

    d12cf586895d5be6ee27c9834c8a18446fbae9d2

    SHA256

    b97d430d3785800e0f3357907fe17ac159ba607d0f37440fe8741e03c9e6c23a

    SHA512

    b2de3894b7f324e4e0d079ff334edebedb29458c58e36033ac6abe447be59a6349285641a72a08f1670d6a34ad55fafef89930df783d656f39554c7a94629148

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4315023b80dd5dc8de5e6e5036382a5

    SHA1

    ede7ce8cbba83a9ba7715601e853c937aeb42765

    SHA256

    a51e06b55f03f67bb2460d20a07245eabd0c619f1ccfff89850a2366293682eb

    SHA512

    0ba45a59ec4f2f5f4d68299f7fdbaca4968c3cdc863ffbf211c7fc8f2927dade808447e598a1153fdd9593e8b75641bfcf8d80b17a2664a8f039e511c7dccc0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8d783cf7dd8d86b84a471dbc08d932e9

    SHA1

    4932adbb56483071e86b51c9cdae7f5eea3be446

    SHA256

    f7f02efa25ab5a0d38391094f28c37723b91f7e353c41baa65d0570985a77e7a

    SHA512

    4b651cbe98de9144f18f8b649efa8a1652ae7f32832fc716f709245797c89f3e3eb63f07bde6b477f0159875f568ca629826c37c2a2346f0289e4517f4cc7d82

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f37a4276e9ef4292fcb6833aefb4b18

    SHA1

    3bf6a219d130130744231a41aa21b4fdfc0c5477

    SHA256

    f21f09270ce9e5511b4df8cfe5599328d7ac3f8a4672a33ec79e06b5b1cd27de

    SHA512

    dc22c20ae11fdc22470ea13504284bef52f336c81ad5165103b768a6114036b4217529a07821919b20f52d90f3ca902dff7615bf7dc6cb6eae68d215714d0f3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e78e8b01b86b5b94c1ba9fe96d5ebc13

    SHA1

    053f327059bc0ab10f2143a6c4aac471c87dcb29

    SHA256

    0eafef587560f3a3feb5abe6ecbc2ae4693735402d46966dff34f9b132062ba1

    SHA512

    ad0d7ffd905d3a3d4fe40363a51c0b4fae6298d86f5c90baf6639380cac126709aa4d8924d1a5fa1fccd20aceefae9430a828b98afe7c46bc17fa2aa1393c71c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc1377647f0a280bdd70b7a1b5b0067c

    SHA1

    ea68fc0070281520a443e42c7e84f5c1077842c5

    SHA256

    58f41fdbcf727b517899f0843c4e7647f9d28b24f44c34abb00b3491c47682cf

    SHA512

    739b9655393263bbbda9f16325901ca4658043988b404826b6bc82e1355bd5206a5db0d1f8547faff08665dc6b9a609e3bbe7dde6ed3abc66946e74b508e339f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    edeedb0dbfa79f69ae7a82a655f29e2f

    SHA1

    7b7f3cd27e2b65080b6cb85b8dac2328e01e4e62

    SHA256

    8c8a0bdc6112b7fbee94d2bacbc8f8cfe999f00fb84c288865df3ddd2917ce7d

    SHA512

    70b159dbe77a2aa3982d4044380604777b153a80abd9392b2f485510541d14af352231b52ca4c609e2ab463ab2b81103b233cdddbbf8ff577212be386f700bed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e5fdde3f24c9508d466a354d97b287e

    SHA1

    5e819ea8ae004d55a74d0a5be7f9654d7c19f87e

    SHA256

    b8037508c34765ee76d36f6cd40d42e708dc5abed00bcda3353f9f3fb0dfdf3e

    SHA512

    cd7477c08dd10276cb713798b189f4046f029c37cdf54f018b7f2d17fc6a82b34fe7845357ba1bafc405d31f5acba136cdc6fe378d0a83aedb3cb0e2e3d07554

  • C:\Users\Admin\AppData\Local\Temp\Cab1822.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar18C7.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b
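
The Downloads list above is noisier than it is informative: eighteen of the twenty entries share one path, a CryptnetUrlCache MetaData file, and differ only in their hashes, so the same 342-byte file was rewritten eighteen times. CryptnetUrlCache is where Windows CryptoAPI caches objects it fetches by URL during certificate validation, and a Cab*.tmp/Tar*.tmp pair in Temp is the footprint of a downloaded cabinet being unpacked. Grouping the entries by path, counting distinct SHA256 values, and checking that every hash has the length its algorithm requires turns the list into something an analyst can read at a glance and catches transcription errors in copied indicators. The script below is an added example and not part of the report; REPORT_TEXT reproduces four of the entries verbatim in the report's own label-on-one-line, value-on-the-next layout, plus one constructed entry with a truncated SHA256 and no SHA512 so the consistency check has something to flag. The path categories are heuristics of this example, not labels the sandbox assigns.

```python
"""Group and sanity-check the Downloads section of a sandbox report.

Added example; not part of the report. REPORT_TEXT reproduces four entries
from the report's Downloads list verbatim plus one constructed entry
(constructed_example.bin) with a bad SHA256 and a missing SHA512.
"""
import re
from collections import defaultdict
from typing import Dict, List

REPORT_TEXT = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
66f31299aaa16126381d241e9c45395a
SHA1
d6b36840ee4f2ed6534057db4c2f7330367152f6
SHA256
a37237a70a074c78794f505a5bf1d50e549d1ba2521765734bf5b28267c64861
SHA512
1dcba754118020dad76adfffd78ea278211133fb14fa031673aa687134526e0c933a24edee95887b6703233dbdffa099e2ae6b8ddaddb2b1a1f129104e0a3d28
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
f747fe271fcc9adb5a970cf2ca72498b
SHA1
a73e5e9992a720c0e42fefbc3670cb3711393e3a
SHA256
83f7daa4cd73a873bd53e4f32f5a1a46d2e179065096fede8ff315d1386a597b
SHA512
49534c0889e4d7df503f127e21638fb476ef85b304729367833905fc43c9c01f038bd8338e03a979f4168976d6b006c755f6242d25bc5f5a3af9349517177784
• C:\Users\Admin\AppData\Local\Temp\Cab1822.tmp
Filesize
67KB
MD5
2d3dcf90f6c99f47e7593ea250c9e749
SHA1
51be82be4a272669983313565b4940d4b1385237
SHA256
8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4
SHA512
9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5
• C:\Users\Admin\AppData\Local\Temp\Tar18C7.tmp
Filesize
160KB
MD5
7186ad693b8ad9444401bd9bcd2217c2
SHA1
5c28ca10a650f6026b0df4737078fa4197f3bac1
SHA256
9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed
SHA512
135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b
• C:\Users\Admin\AppData\Local\Temp\constructed_example.bin
Filesize
12B
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256
deadbeef
"""

LABELS = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
UNIT = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}


def parse_downloads(text: str) -> List[Dict[str, str]]:
    """Turn the bullet/label/value layout into one dict per entry."""
    records: List[Dict[str, str]] = []
    pending = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):                 # a new entry begins with its path
            records.append({"path": line.lstrip("•").strip()})
            pending = None
        elif line in LABELS:                     # label line; value follows
            pending = line
        elif pending and records:
            records[-1][pending] = line
            pending = None
    return records


def size_bytes(text: str) -> int:
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB|GB)", text)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * UNIT[m.group(2)])


def hash_problems(rec: Dict[str, str]) -> List[str]:
    """Flag any digest that is missing or not the right number of hex chars."""
    out = []
    for alg, n in HEX_LEN.items():
        if not re.fullmatch(rf"[0-9a-f]{{{n}}}", rec.get(alg, "")):
            out.append(f"{rec['path']}: {alg} is not {n} lowercase hex chars")
    return out


def categorize(path: str) -> str:
    """Heuristic path categories for triage (this example's own labels)."""
    p = path.lower()
    if "\\microsoft\\cryptneturlcache\\" in p:
        return "cryptoapi-url-cache"
    if re.search(r"\\appdata\\local\\temp\\(cab|tar)[0-9a-f]+\.tmp$", p):
        return "temp-cab-extract"
    return "review"


def summarize(records: List[Dict[str, str]]) -> Dict[str, dict]:
    """Per path: how many times it was written, distinct contents, total bytes."""
    groups: Dict[str, dict] = defaultdict(
        lambda: {"writes": 0, "sha256": set(), "bytes": 0, "category": ""})
    for r in records:
        g = groups[r["path"]]
        g["writes"] += 1
        g["sha256"].add(r.get("SHA256", ""))
        g["bytes"] += size_bytes(r["Filesize"])
        g["category"] = categorize(r["path"])
    return dict(groups)


if __name__ == "__main__":
    recs = parse_downloads(REPORT_TEXT)
    for path, g in summarize(recs).items():
        print(f"{g['category']:20} writes={g['writes']} distinct={len(g['sha256'])} "
              f"bytes={g['bytes']} {path}")
    for problem in (p for r in recs for p in hash_problems(r)):
        print("PROBLEM:", problem)
```

Fed the full list from this report, the summary collapses to three lines: one CryptnetUrlCache path with eighteen writes and eighteen distinct SHA256 values, and the Cab/Tar pair, with nothing left in the "review" bucket. The hash-length check is cheap insurance when indicators are copied out of a report into a blocklist or a hunt query.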