Analysis

  • max time kernel
    136s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:14

General

  • Target
    a50798f650ce4219205adebe02630ade_JaffaCakes118.html
  • Size
    461KB
  • MD5
    a50798f650ce4219205adebe02630ade
  • SHA1
    1fb5559cc9b77a25b548845046b9829d56f4d067
  • SHA256
    bdd98f8c5057afc668e3bd8e2f39196a23936b913889f5e181c7a8d3c1b75812
  • SHA512
    b2dbd0347ff9b8e7655e6da55d7ed7e0e5ff2358dd33f7a12c27100e5e38fcc94f66f41fa214c86decb4c3a688642a2b3dab04432d049ce489ecffa7c86dcbe7
  • SSDEEP
    6144:SAsMYod+X3oI+Y1JsMYod+X3oI+YwsMYod+X3oI+YLsMYod+X3oI+YQ:95d+X3d5d+X3g5d+X315d+X3+

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a50798f650ce4219205adebe02630ade_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 2192)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1532

Downloads
