Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:37

General

  • Target

    a474d79a360060953b43d801faacfc29_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a474d79a360060953b43d801faacfc29

  • SHA1

    8524fdc42127c9260cf04048729d116d2cc20401

  • SHA256

    ce487e1528e8b426814f0bfb9c3f3996c790fad6cbf14c825b55d4b07ac577d9

  • SHA512

    9f354e7134fb26124c41f2e719f6d5263bddc2dbe5461526c794c61a96f31766d4b5f66df0efab52e6977d75c00cf85eed4e84d20e14d4ea47fce579d02b0960

  • SSDEEP

    384:34RRXXVcPwEpwlS05LLqlLhPFNmqQOawFW2AVpbHwh2fXSm9l0PT8OqcFbYXnIjB:I7k1pwln5LLqlVNNmqQujAVpbwh2T0P1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a474d79a360060953b43d801faacfc29_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2204
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2204 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2276

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Temp\Cab2695.tmp

    Filesize

    67KB

  • C:\Users\Admin\AppData\Local\Temp\Tar2749.tmp

    Filesize

    160KB
