Analysis

  • max time kernel: 134s
  • max time network: 135s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 13-06-2024 06:26

General

  • Target: a4321443bb970d6a92e5dd7887d2a1d9_JaffaCakes118.html
  • Size: 220KB
  • MD5: a4321443bb970d6a92e5dd7887d2a1d9
  • SHA1: c4959cfdd44e9e86db67dda6372d1ba2ffeab2fd
  • SHA256: a34b547458b2f448b7f9c50bb49d3b3279599ca03e6715e2a6e73459d59489ee
  • SHA512: 0013163566a1f607c8db33cf2cb1d6bcfaeb3c3dbfc5cdb7965ef407bc66773cf1d1e61797edecf684165d5e0c1fa90af3dfe31c581f5518ed062f8ade064b91
  • SSDEEP: 3072:Syp3+r+zdDkzHyfkMY+BES09JXAnyrZalI+YQ:Sy0uSOsMYod+X3oI+YQ

Score: 1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 35 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2940)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4321443bb970d6a92e5dd7887d2a1d9_JaffaCakes118.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1032)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2940 CREDAT:275457 /prefetch:2
      Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

| File | Size | MD5 | SHA1 | SHA256 | SHA512 |
|---|---|---|---|---|---|
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 | 70KB | 49aebf8cbd62d92ac215b2923fb1b9f5 | 1723be06719828dda65ad804298d0431f6aff976 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 37007c99124a5b40ceabffdb0c648a99 | a296a502b9573bf6a7b47b2fda57559b228ae79f | 738ecf84c6fbe47c20841e712257575a20190a1b79a27effcdf4bd4abf0d2d0e | 1f17b2fd958a2a917205b164201fe39feed9b01c22cdf23e5874b749e3baf0aaac2fc04a94d9ed4c7cb930f2f612067d690d682a93db032876c5587e80d0bb2e |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | b7b5d1638dd9b886981e3ac15bfb48db | df4cfc2d3a5729781216b49e24cfe093076ce006 | 0ed1e7875952b6911b31d3e187a3365960dc0044da7bf8526cbb62026ec1d201 | 1ce8043734b777edbb634737740a30170bc7c02b0becc2718e209a60e04d19e6d67b3674abe7218f224ba1d231287210398daef3e556ec1412469a78b863b210 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 2dda733fb96560c0eff3a2baadb3133b | 0b4aeecf369a8bfe0f6d7d636fe800895229f0ee | 43dcbd3386ee56b3430e5f62dcfb875d16f66523a5870f0dc82e6823eded80cf | a6246e1c8d358528aba9320827fffa3df60b445851f54d236a1a59f3464e96654a4b285a90c09ef27ff290bb778c5155bc2dc03c6f637368244c66c62dfe0ca6 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 983f7de5fab1bef0659c473a586996a0 | 4552fac8f344e0512ffe8ca0a3b8954e13939b5c | 885faad7feef76f768617033a9650c21bfa9330ff141008fbc4b9075ea0307ce | fa1a1e9b5c400d1bbac5a200e970c2fd3b2f71011db6c61a285abfe512a35edf149238eeba61709d0dd3e6c1df57bae9c29b21af85798fec162c948a77e38a94 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 06935ee61faab436f11a800d1fafcb89 | 4eb0e2630a9cd06fd079ebdc845d1ed7c696fc74 | ad15bcbb40fc0aaaa4670e41e37696a2f7cb7cdf8fc1dec64a289ef2cc7e5347 | 2c8c9e2535a0548fd70b15817ba431bcb9e69fa313a4e3c8daf0a11df09ada93a1fec9c8db92f7c091e5cb9c2bba3592129c1eaa268ef483dc4438a0c9736e34 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 9acb2d59c0d665f80825e7674b1d2e8e | 47358272813c37ae57690e56800bf0842291b7ae | f31ab3ae70dab489a7d5be5e690ea9094c942fba18c955fca5a802221680f762 | 90d7264c6417db0b308a0e7c383b603c5c3b4bfed0587cc4794340fd396853c7e32d0b7e73de714e5692a6f5c36b55538834376f7e60d922994ca4304801aa98 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 5de8fed60a8516c7331a33bcfd34aebc | 021727e3a8d1e390d71c68aeb7a85be910cc69e8 | ca7f1fbc4db7e94e9d8f0918d67020b372ca4ce7973a8a421edb28a23a67f8b0 | 73055b463aa0defa4d05fb41011b021cefecb6a0527264e582a8775e906abf4dd161f94c66b975c87b3824695abcc4b7d896575c9de4e6a00f4b15e35206e01d |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 40d1a6591b0163d9942f03f959e0ad80 | 15a82206305b10000469e036063839c700a16914 | 5d6e861d8b64a5bbe33953b3ea3554c82bf6658064875a942f2dcbbcda1e5d97 | 69e61f06c5e57879b9e5ca48ac7712ae3bd3f9b4052025d97fac86e573e76b4d08cfd6efc60f29eae9c9ed9e97fe3958598853d6f78e227593794faee0543dfc |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 2daf493bc0f31be1bf06585db665d22d | 2036b027ac51f5956af405c8579c598867c3e4f3 | 7e05b82a4685c586e062abfc74bd2f726818a292dba714393f43bf84c44b6de9 | e8ede0143625fd254508f3c3829414fc3c0dceaace994cc4943228ce0a600d6d87762a848c49132b64ca46f6fb0ab7d145d6890566463adf5407e7216f1918bb |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 00a28db35d12d33d6feddc4991bf025f | 9ab5a75bb78ccdf86c891bdbfb8b961857772690 | fe5ac973993f3ed729f7eede4d6e9684a0ae7a78adf7cfeda0118ae669ad4ae8 | 725af0e28918fe8c1c6613d8b55d2af86992d107a1589ca6ab11c37a390742986e89ab63496323536f225b6381e3eb88c9078ad88c96fad5c089406fad5a6832 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 7f69015f630ca525f4b3c0646abdf8c8 | 3460dbb672f0037f66007ac2bc77c32c1e08350c | 77d16957bfd32357418103b784b8e7423b9c76ffe0e0afa458886d89c9e1e76b | 7ca76d0d4e90e10f203ebf8b0a21c95b54b3cc1be308d5e2f5b3aec809b8420287c47ab4eb3a87a91e79b56682a6bd82a72eb25d5a21b637bd103b6be0fcdc5b |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 7b895546e62a0bfb159daa93178b1421 | 7e88a593fbf6d2fbe51216b923957930f6450e43 | 6140cfc85671be853ab7d0605795ab03abdb3ea2aa9e69049c8873519492fbb3 | b84b03a380b4ab7377a0fe99e9395361a0115a68299f17332ca00c8900eceff757e107f5dd135f664ac115d9cdb1ada1a60c52f5afc6c75fbffba6022aec6055 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | d56d876162d8bf4bf9f3f38043993e43 | 618d79fe746902f127a9d21aa9874082751808a2 | 007063e6ba4ebe3c0540231cc7bd170b7ba21276de7d2db6e088f75ec6bde5a4 | 6552e5ef3b5aa5085faa298158b4ebb4e1e88a0713df749651613004be1d78add3a94336278c42aa8a993280c17fef339a1c4736a09db63bd8654d3bc7e96cfd |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 0d6a26ff42c970fd0b4f2c657e5f2ede | 38d733eb121c67cee13b005139ad44ab7964a3b9 | 1d17d1f2017715a3154c71edadea77594eb9c2417f263fb018f481d99983385d | cfe77e2047df16753544588266db319c650396d515b9b83d1ad169d1b1a2614a4be066e34ee65f9e83c28cacbaf4f7217f032654fd7294038a81af4df70bdbac |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | a517a2ade744723251a99919ce3be77d | 9f8ed529f4047f3bf1e0937ae39b20ccc96e746e | 723849fc612f3953617a61d5eee0f3d554c1fb7f333e471f29337d15eed926cd | 5e601a343ab03b33ef66d4cbfc8d9363b8eb333b1771849fe5391acd2a67ba4eebd687a13bde988f6140c62ea52a3484b4178422d796bef777955d2a6ee00551 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | c9fea8edee41ff751270281ca5977168 | 612fd31761fc0a2d181af654c6af581733e91a22 | 1e35f72599953500ff12328a7fc0e4e744ec65a4e96923493b25403ddd9f06d3 | 66d33c56469059ac46ee0d99f43a87f2ffd68831cc3b0aa2928000e00afd9736f51a49793b17b16d4f4a2564e8cf6ef1df4184b4759badf97983655977b73990 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 63b895cbe17bd948418295c1f76abe86 | a1662bdabe09e17d79f65c3b5510e6c458f204f8 | 356aeb60a5cd71027420d900c6dc871d31b359f912e824642bd2a8ea84902a1a | a3cac602dcfec74524c4fb37d88582e0148864c5d5eb61a0cdb7a9463f59d08c97ce1cca8965805c9949ed7ff17c0a262d7fe99f2a949ec8512ae85c60586584 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | 8e4c087c167ce0b3d923a73389452093 | 26f72efc08b28babe6dbc983737077e21dcf8d07 | 2197821cc30488d21d44c332700791688a24f22d305e423a8dcf1dc8a179c39d | 884ba7519555c092b56d00643852ac31c91a0c6d9d5e2b0c390d6ae553dd3cca1a690323877fd233cceb40a5b9a2b962da8921c48a6a7292ff5414a70ada0212 |
| C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 | 342B | fe444b2ec7608754630a7238f172e832 | d5e087d3f68923ab16333e89f7628e03e1350cbe | d0d234211534cf0e680218b7054c75ae91e7b1e717f3b63f18b79aaf27c8319f | 0955f9c37be3de2c212def2a30e78f125f85cdffecfee9e9fa1733b7b86e163bbd964ae6ea964c303c388768688fbefafcadff716b7ee01d21eafd1b01b7c5b9 |
| C:\Users\Admin\AppData\Local\Temp\CabC12.tmp | 65KB | ac05d27423a85adc1622c714f2cb6184 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
| C:\Users\Admin\AppData\Local\Temp\TarD05.tmp | 181KB | 4ea6026cf93ec6338144661bf1202cd1 | a1dec9044f750ad887935a01430bf49322fbdcb7 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |