Analysis

  • max time kernel
    142s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:08

General

  • Target

    a502b664ab74906318a3300242d69c11_JaffaCakes118.html

  • Size

    21KB

  • MD5

    a502b664ab74906318a3300242d69c11

  • SHA1

    bf0e586b34b939252c02c2b1f2c9d827879607f4

  • SHA256

    0b0de2e87d40d208bec8d6327b41ad61fecbd386c9e0fee7e3ba91f903be04eb

  • SHA512

    5ada1370c766a5bf885a8e99f11230f2df2747559801c0f9457e71bf5dbf6ab2a0bfa684bd0035d6aa230f5f41db879a687388d7607dd13bcc485091cdb37496

  • SSDEEP

    192:Hqvl596UDLvWudYsEEb9eo2UQB7z09Vea9bSdNVMjP0kuf:Kd59NuqEEb/2R9aJRP0kuf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a502b664ab74906318a3300242d69c11_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1932 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2888

Network

MITRE ATT&CK Enterprise v15

Downloads
