Analysis

  • max time kernel
    119s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:04

General

  • Target

    a4fe091a9b86d4e439ff74edc78753e2_JaffaCakes118.html

  • Size

    461KB

  • MD5

    a4fe091a9b86d4e439ff74edc78753e2

  • SHA1

    f12745ae080764349d6c1ae183755a018f503a67

  • SHA256

    beb47ee8d645c794f8bad2632fea9878cac5bb33d091ed993887fe674ea95485

  • SHA512

    f47b6492f619965a50be825a8210916333e64b6b0b7e90ac07746630322661c50f895fb72b62d6d19b4439899c67bb2a60786b5f618df9d689ab4bf3305c8e9b

  • SSDEEP

    6144:SEsMYod+X3oI+YF2sMYod+X3oI+Y4sMYod+X3oI+YLsMYod+X3oI+YQ:p5d+X3PU5d+X3Y5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4fe091a9b86d4e439ff74edc78753e2_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2948

Network

MITRE ATT&CK Enterprise v15

Downloads
