Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:33

General

  • Target

    a471bf288aeb378db8b27850ebfd1c94_JaffaCakes118.html

  • Size

    31KB

  • MD5

    a471bf288aeb378db8b27850ebfd1c94

  • SHA1

    55461e3ab19901bba529d6986369fd2c6c1cd141

  • SHA256

    deb42f9483cd71430609ef425deefa3830783d842e885e30148ee81a041ab810

  • SHA512

    1af17c6250a70a71a5537be3b333953bc5192577cec2de672b795558de5bd4eee9784360bc34d0739fb75ef4a2b8810417903992bedf60f772c63beb197b9c69

  • SSDEEP

    192:uWHaYFrprUd1zPb5nmNuClOgAjM6O1g0c3nQjxn5Q/MznQieo2NnL1gnQOkEntqL:rQ/Tv4R6RivUMNTBb4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a471bf288aeb378db8b27850ebfd1c94_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1684 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2156

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    cafa92cc59eb6da8b0abcf251c6eb4a7

    SHA1

    f3b38fbf2f29b19362908ee11cd932236373ca13

    SHA256

    48a340d55843bdbcc94bfd6d2ce3046cb0acbd97a710ea842206190b3a286589

    SHA512

    cc6419dbef947b018a2d0c748c8701f925f0d46f3fbce12f8b1ccbe7738667883cc7eec064f642a8f590e95aa9ccddba0b698f3c89a5fa686d4c3f37009c693f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    60c546edcc152ffab9ca63572fe1f0e2

    SHA1

    72e91e959e67a220f18a580855d5712a8cb6e5f0

    SHA256

    798a2124156e9fe03a2af39f971a9ce968f059359e5f97d7b49a0c5072c7c679

    SHA512

    734aa1b63c06b21cb6b97c6a0b91ee87acc7b24a70f4fec948d6eb8e1a7593cd1720b249dd935cf110435da4f6ec40a307db2dc2548c1456ad5d26e112fb430a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f8ae2c1d640c6e5c914807cdb24213f3

    SHA1

    eefb4aff0505b68295cf07f8db86467a56575a6d

    SHA256

    2f5cf773aeae6e2a19b887b02682808276474d5a4a31cac8659963a62bea36aa

    SHA512

    6ad05930c25c9e6a92a6816a9e45d63b529196062edd28418d395a0eea3b18dfce488b39a6046757779da341f8ba6eff23d28ea92088a7cb03b0a4d9b959b24c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    588ad2f779076f9c64c9cbbe115f4784

    SHA1

    13a71e1576e4993d9e8113c48e6ec3cf04242f53

    SHA256

    b256c8d46d0089844aea7d24ca909bbfc5608bc035581b29cbcc3a6902bc8836

    SHA512

    fcf0524cb6bddd55ffe3df6124f76e6175d19415f4cdaf49e55cda79603136b8cabc2a6ab98a65e56ff9cd1b3569daaf963f2bf5431018c13a15c112ae54addb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0670fd8bd75f495a3638934161d5ffe0

    SHA1

    4e0b0095eb9b84e24f18afe10583bb42176c9d49

    SHA256

    b3f115e164e9f2116bcc84c8200edb55ef2d4d252b9a70774df17cc04b643531

    SHA512

    0790c77a87e8fa1f712c6463e42d16618591f1b6e02f56df2029eb0f881b3fbf59061b5534189228c8a97ec5bbd575dc3adfd75eccbfe22acc4221979bde778e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f82939c9c637869348e6a929b5262b64

    SHA1

    fbc61009ed2b3b546aba09f69515ee1510cb146d

    SHA256

    0acd9e4d7aa5077636e7f1d9574a12f6c2a6d09e8e3eb5ddaa46f29fda2d9abc

    SHA512

    571d53642177740357c07e1c859a20b50322841672f8727a3e1e22281ffc159513321ea6f0fc8088026b7e087837c8e2ccffaad97b468a7c1d3b95c88ec77e82

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2852fd695967231bdff4282fc088e7a2

    SHA1

    31fa603ef0f8d0e4d97c3aa5b093d92c844d1768

    SHA256

    c7fe9a60d964899e2ce02ae7b48b35fa9d56cf6f5b15a8f02c034d3c73fb805a

    SHA512

    ab3d7efbfe992eb9bed814e863be2ec5f434b2ff4fb122a43cebd9dc7969084c3f3415ce1ecad2e7b098523d491e0f47bed834b1935861cd95d658a51fe16798

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e1abdbdc133c12d804230a3a84d64cc

    SHA1

    fb2e48281bbbe644a5909901981279d82ad44b0d

    SHA256

    d1bf599145c32fb9b0df39b24a13747b2dabe46ff7cf8b54d5d45a60ffaa4d91

    SHA512

    b0f554a2e347ab05498b1dab906b2ab5649f2bb4dbd73ccdb8c84c8df555c8ee111216c95d5e8b88b6bbbdb4d08a346daeefd2c07c48a2527d91434dc1fdb470

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    133fb4cb4a5d330950a132ce84d7d4cd

    SHA1

    89ec988c0d482f9ea530426d8055df76190eb361

    SHA256

    b37a71382a1c376c993edca304e83bd5e6b75faa6ec16639c96a08b727496ab7

    SHA512

    ba30cbde49eb149ea72f251661a0fa2ec0c57ef67c957ffc2fa33b14760f6cdfbba17f7ff5ddd7d5159836c7d744f10458000c93f2e5fb00606ba267e345a7ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    383ef8dbdd8e057e520becbc781f9b24

    SHA1

    3d64591bad8f06571ea65d0c3fa0c434bac4df9e

    SHA256

    b3c6c64d850a08e422ba262e91023d1fc9c5129eeb3ddd06bf5a7c4ccadd87d1

    SHA512

    ec95565a929a98ec05c1064508c0c193701bbc9a5d2c40ee5a4625bcb4c8a6c645ea70186aaeee8f2f5bf123554432e4c37856d4c7ecd6a84d6c8550da5e4979

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    1d0f5182d0689dbef49d7483c6bb0d4c

    SHA1

    e6cc3098e03f7619fc9658754fd8f5892eed6f14

    SHA256

    80460a1312a3e6ed7b07812124f4be9db4022911c8149b18005a0356630f12a3

    SHA512

    ec77109d4864dec650ec1e040a437a24f60f1cb03feeb5e774713b65d350b4724b03d98048ab093c526297838e1850377b4c2822be12096f0cb6eda04164f63b

  • C:\Users\Admin\AppData\Local\Temp\CabDE6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarF42.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
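The listing above writes one CryptnetUrlCache MetaData path nine times with nine different hashes, which is easy to miss when reading hash blocks by eye. The following Python script is an added example and not part of this sandbox report: it parses a few of the entries copied from the listing into records, groups them by path so repeated writes and distinct contents are counted, checks that each hash field has the expected hex length, and labels paths that Internet Explorer and CryptoAPI normally write on their own while checking certificate revocation and root/disallowed-certificate lists. The `NOISE` patterns, the `review` label and the `summarize` output shape are this example's own assumptions, not something the report defines.

```python
"""Parse the "Downloads" listing of a sandbox report into records, group the
dropped files by path, and label paths that are usually CryptoAPI cache noise
so the analyst can concentrate on anything else the sample wrote."""
import re
from collections import OrderedDict

# Sample input: four entries copied from the report above, with the blank
# lines and SHA1/SHA512 fields dropped to keep it short (constructed input).
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize
    914B
    MD5
    e4a68ac854ac5242460afd72481b2a44
    SHA256
    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    60c546edcc152ffab9ca63572fe1f0e2
    SHA256
    798a2124156e9fe03a2af39f971a9ce968f059359e5f97d7b49a0c5072c7c679
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    f8ae2c1d640c6e5c914807cdb24213f3
    SHA256
    2f5cf773aeae6e2a19b887b02682808276474d5a4a31cac8659963a62bea36aa
  • C:\Users\Admin\AppData\Local\Temp\CabDE6.tmp
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
"""

FIELDS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Paths that Internet Explorer / CryptoAPI write on their own while checking
# certificate revocation and trusted-root lists. These are assumed noise
# patterns for this example; tune them for your own environment.
NOISE = (
    (re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I),
     "cryptoapi-url-cache"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I),
     "cryptoapi-cab-extract"),
)


def parse_downloads(text):
    """Turn the bullet / label / value listing into a list of dicts."""
    entries, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):            # a new dropped-file entry
            current = {"path": line[1:].strip()}
            entries.append(current)
            pending = None
        elif line in FIELDS:                # a label; its value is the next line
            pending = line
        elif current is not None and pending:
            current[pending] = line
            pending = None
    return entries


def bad_hashes(entry):
    """Names of hash fields whose value is not lowercase hex of the right length."""
    return [k for k, n in HEX_LEN.items()
            if k in entry and not re.fullmatch(r"[0-9a-f]{%d}" % n, entry[k])]


def classify(path):
    for pattern, label in NOISE:
        if pattern.search(path):
            return label
    return "review"                          # not a known noise path: look at it


def summarize(text):
    """One row per distinct path: how often it was written, how many distinct
    contents it had, and whether it matches a known noise pattern."""
    groups = OrderedDict()
    for e in parse_downloads(text):
        groups.setdefault(e["path"], []).append(e)
    return [{"path": p, "writes": len(es),
             "distinct_md5": len({e["MD5"] for e in es}),
             "class": classify(p)} for p, es in groups.items()]


if __name__ == "__main__":
    for row in summarize(SAMPLE):
        print(f'{row["class"]:22} writes={row["writes"]} '
              f'distinct={row["distinct_md5"]} {row["path"]}')
```

Run it against the full listing pasted into `SAMPLE` and the `94308059...` MetaData path shows nine writes with nine distinct MD5s while every path classifies as CryptoAPI noise; anything that comes back as `review` is what actually merits a look in a report like this one.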