Analysis

  • max time kernel: 120s
  • max time network: 136s
  • platform: windows7_x64
  • resource: win7-20240611-en
  • resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted: 13-06-2024 07:35

General

  • Target: a47398ae7f85b35dee2d46b12f9b3612_JaffaCakes118.html
  • Size: 460KB
  • MD5: a47398ae7f85b35dee2d46b12f9b3612
  • SHA1: dbdcee6734688a0836199cd5ee7b853a178aca6e
  • SHA256: dfe90504702933a551362c211a5a147cf35d0754fa2760962bcd748ae5687df9
  • SHA512: 4d8f9c0415dc03ff29f4014e20c514a528f3b21064f87dca817bf6ee4e242ff1b7fa3d5c3b8b08fe0480eaef770df0b2681ddd18f27b1d76e68a68b624a56d57
  • SSDEEP: 6144:SbsMYod+X3oI+YusMYod+X3oI+Y/sMYod+X3oI+YLsMYod+X3oI+YQ:Q5d+X365d+X395d+X315d+X3+

Score: 1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2152)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a47398ae7f85b35dee2d46b12f9b3612_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1904)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2152 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Downloads
