Analysis

  • max time kernel
    136s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:27

General

  • Target

    a43269c71b874b102bde1b093274dfe6_JaffaCakes118.html

  • Size

    1.4MB

  • MD5

    a43269c71b874b102bde1b093274dfe6

  • SHA1

    0f0b789a778c9a74ef336b40d92fd8e548424d6b

  • SHA256

    700365e51f0949a6f943da95eb903aeff292f140f23ea1cbfdd13799e31a9604

  • SHA512

    9655114e83221ade9da57c91bd2a52d7700585903cf12cb03c99426dc723069bfd5f9dc41e9b850508661f799f5334528aa6b2115d3edba53c9f5076312a4c44

  • SSDEEP

    6144:Z4L5EFa3j/+uj5e8Ugqoe9Ae6M0eCOPQ9m9sWL8NOFItO30rTchCZxK/Q1QzFejl:Zc5YOj/+uj5e8UgqoPSTS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a43269c71b874b102bde1b093274dfe6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2484
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2484 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2428

Network

MITRE ATT&CK Enterprise v15

Downloads
