Analysis

  • max time kernel
    143s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:35

General

  • Target

    a473f4244670db36468ccc20b2c38d42_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a473f4244670db36468ccc20b2c38d42

  • SHA1

    aa94238b7784bebccefa52ebe91288e6a5b11657

  • SHA256

    a79c290936e11017221c391717fc0c720319413b98b14512907c9ae85bcab5a7

  • SHA512

    6df3db9e366fe234b4d2b6db9e119e77ce6fb7ac9ecc51d154cfcda1d8f32f2a2d0acb57c7aa326713b6fd6f1c360aa1eef87e626e057f3859a89b9393e4fede

  • SSDEEP

    1536:SsWv8+ziTY8vl9yLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrk:SsWcYGyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 3052)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a473f4244670db36468ccc20b2c38d42_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2972)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3052 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (19 versions written, 342B each)
  • C:\Users\Admin\AppData\Local\Temp\Cab1566.tmp (67KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar1619.tmp (160KB)