Analysis

  • max time kernel
    142s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:34

General

  • Target

    a47310be66bd4df3e9a71cfa8a8546e0_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a47310be66bd4df3e9a71cfa8a8546e0

  • SHA1

    d0240add187d311740bc09355437e1a418a68c88

  • SHA256

    ccbf9a85ad50abb6bccf22811c035b8292924b71c8ee7fff3cbcc9bc223b075f

  • SHA512

    9ce1eacd43997e569f681daf6b31777e66085d218d2b27563caf657d91532e1625614a305dfa55a75fc0c4799738a4eb6b4b3c519d31cd0be3a8e0bd6a657f9a

  • SSDEEP

    1536:SMXA9n+sO6tMltHyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJA:SMYHLiyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a47310be66bd4df3e9a71cfa8a8546e0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1920

Downloads
