Analysis

  • max time kernel
    137s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:27

General

  • Target

    a4327bafc04d45ac17599e97c62065dd_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a4327bafc04d45ac17599e97c62065dd

  • SHA1

    dfb77bd430cc48dec7497ee509d5a9f5e7f5704e

  • SHA256

    7ea7d268333d82bc089b1e884fc6c3d0f6e08f0a420081fb5305f9a85c4c3be0

  • SHA512

    babac821b5937d4f80af19e1d866d19a10e3a2623f0a134e289b8843f48c35fb08d382d7e663516e42d9fa3ea6fc9890267d2b2658d13eec8a7c22f8afd8aa7d

  • SSDEEP

    192:WiTt2oCTZBTa1T9b5nfHnQjLn5G1mf6nQie7ngnQOkrnFlWnQTbnxnQJkgPMNnFR:3Z2oCzm1LsG18f0C

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4327bafc04d45ac17599e97c62065dd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15


Downloads
