Analysis

  • max time kernel
    136s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 08:24

General

  • Target

    a49da02e29a9c12d9214ef66f65af307_JaffaCakes118.html

  • Size

    4KB

  • MD5

    a49da02e29a9c12d9214ef66f65af307

  • SHA1

    620ce639a7f40d4bd4ef1c034162b28bccc580ae

  • SHA256

    f3915b9928d7666d076ab560d5daf81f782eaf31afd9fd4f0f3230a3939b2cb3

  • SHA512

    b4026392d8577c7c5b2c5c27704459e2376eeadcf9e73fc8860ae6583707d0bf29e8faa490c8549e0aad4dabeba1f1ea6f7a4e118c5743205e03ea8ee01b2b5b

  • SSDEEP

    96:Pk7yJozTGknaEFHVKDZTBJl7sNjtXATIQFMA5e3fhrvDJUgwa71D5iJ8o/fGd:Pk7yY1aEFHVKtF37sNjtXATIQFM93pDZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a49da02e29a9c12d9214ef66f65af307_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3020 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1460

Network

MITRE ATT&CK Enterprise v15

Downloads
