Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:37

General

  • Target

    a475efa3e017f7f1e1c94771915c42c0_JaffaCakes118.html

  • Size

    15KB

  • MD5

    a475efa3e017f7f1e1c94771915c42c0

  • SHA1

    b8e1c3f20847cadca2b4d2645aa229a8e0fa0134

  • SHA256

    88020ac52e2fc7fbf7e4c57bcbf4b2dfdf2de1f67885fb04dbb4bc706ac75d89

  • SHA512

    362e643b948fdb30f0c410a0255e5ff80e1eb7b70fe188e7337372489c62950c3fdf546452271bf2d2d3c54932ae72011d0e118fdb0c5229fbe259d491a476f1

  • SSDEEP

    192:x60Ua1HCPp2r8x3qgtvW/OrUjLsUCR/tm/G/ecaWxD6kDK1jsVNOkdzldlQi+UdP:MJPm8PlG9tjsN+AM/a8jkE+MAEM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a475efa3e017f7f1e1c94771915c42c0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1952
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1952 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2672

Network

MITRE ATT&CK Enterprise v15


Downloads
