Analysis

  • max time kernel
    134s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 09:23

General

  • Target

    a4d4ebe003057938c30ed3345127bacb_JaffaCakes118.html

  • Size

    26KB

  • MD5

    a4d4ebe003057938c30ed3345127bacb

  • SHA1

    3ad858fb87e2a6addc8c9a328b2eb428db492944

  • SHA256

    e20210b7c404661f14969e4fb4f342a6de565e5c4ac62065bcbec273f280d07a

  • SHA512

    60f905166e0918cfccf19783b36ae93d0c3e5a214caaf416b015dd4f0bca5f38307c3ab2edcd43d7122ea4f4dabd9c0bc5367174167233c3678dbc32e4d13bb8

  • SSDEEP

    192:1ueAoACZb5nGnQjLntQ/ZnQie5nvnQOkrntrgnQTbnunQkkRo7Steo+EwrNvMHnj:1xAoFpQ//K6mi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 30 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4d4ebe003057938c30ed3345127bacb_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1800 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2192

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e9e63636c9d683151098bbc89faa1c3

    SHA1

    fe87dc29343f2eb5d5729b0068526b6e2f121b7a

    SHA256

    e6a197517b10a33fc5c16f4062020eba5cffef4f17579ae9d5b7bfc1c7a66186

    SHA512

    776475c8f4bd72ca89ce989c8400ad1a6a0068403393dbc70c135e8ddda0b24aa94d1431768f01703c8ee418f2fd8c33a828029f402e2ede272d5fbf65dfde2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    60e8222a104fc81494dd903922ef5b44

    SHA1

    bd7ee37a219bb8af9c7f7d42a7e3ad53c36f2c36

    SHA256

    2f5bccca651d803032ea203da4afceb166d23f09bcaaf2a3343a7ae13b94a844

    SHA512

    96a65fb3dc3a6034d6831dcc6eaf718f4ddf1ac54c19af4f8d5634a78f185c8e783fb7cac78567f3824a18b317e3c4751fe2cbb86de3a91a408a264a15033277

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    381ceb6ea97fb08c3c12c7a747938b03

    SHA1

    3d86a110b21e44eadd14a69e8bc1b2b37ac94c33

    SHA256

    a3c206b72fba053a801530d48260d79ab6a9a5a58138fcc603577e99a63c3b43

    SHA512

    7cb4000b5d677e85abdbcf3efa74c5489d4b4ae2c8e87e96939eec21419d44b8bc94e2a5d944025d3a5e5f5b089a6e6b86610ff95edf183c53e293269b412ddb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    892f800d246a861a6287ea6997119d25

    SHA1

    401282bcf3c8ba190ae1bbc5e8e7b4dc5c041625

    SHA256

    cf7c579b2ed6dfa2a3e2382c6882d6bee7b7c66f2eccccb82bdb1efe0c5be4c2

    SHA512

    56ca27de02e46e538933e728cdd4ca39204354761aa1e78f864249b6b01b33789e54defdce0a51c49ef43e29bf965ae29df70d356fbfba60879db48311ae01ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de1e93fbab1eb50e85b8c57d12486c0d

    SHA1

    10993a6fb44e86b3ff84a0decb8cf65da5b0e3b9

    SHA256

    d1b88fa24290e2a7cabff3c54b4e04baf41a29734032815d94108343590015d5

    SHA512

    6bfbb3cbc03aaaa950370906180e40e0e7f440f787ea956431a0ad18378f41a6dd2f3f1e1e9e363efe3b4c49eb08b9253166b4a20f14982b1e2ec0a9724b2d7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af58cf17a44e4c6893e6a12eb66ad00c

    SHA1

    3ed67a354884b4e67ca15c0476e255faeea94681

    SHA256

    4927a58d47912ce013fb74e93dbf4c7f86b5b7f14fc05f8a18015c45345f3789

    SHA512

    5c5012f7b7881c204ac4bbe4f746a40a8b11d3c0c69e924aa069598acd852905d60febdda0ddcb2ce625b2a9a0d2095ed3ddfc5bb6d119003af131db3478f878

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4f4dfc86de4bb7209ec952072a14c0e3

    SHA1

    789bc8d6569bbaf71b02434f5a32fb2af614944a

    SHA256

    1e4c67c557990bbd8f1a0a09b683c23f8a75d7c6af4ae3392e6c1c31096a4cd5

    SHA512

    e8d6a0e953f689a5d51b4933c593da146f7d81ec21f0d54afac203dd3b88c4ba38e5a28e8a85ac3f3a8bc3b949d79ce7d015ed066eb29cd0a117a49f464102eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    604f41603414d5ba70ee2d0631a386dc

    SHA1

    ee92224cce77ee3a29806aafcc4965eda2eed309

    SHA256

    4411a3da3a230546c8348371bf81a5c5c2df86e797487a588bc1ffdd148cf1c8

    SHA512

    89b0915dd466916d00ce56e171c201eb2ddaec879c6e94ef3dd652a5fa8e187f4307a5c9779851827ea5bb1426030cb336540205031df74a87e3bc27c3b6e67b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e5e9bd4ec7c4288b6ad3f7095e8f710

    SHA1

    1b5341a26de94c5070ed396e2244328c7c73da60

    SHA256

    abb2f4641bb4ba52abb761b9013c5ca4b7facedc60f3cbacb389bd8d247c838b

    SHA512

    6728e9ac6976e8a508cbe9e13ae9051c547209539b397d29f20ff91993e6c50ae63d8dc4e31131950aba5dcc6806b62b474cf04897d8acfde448cfdd6276e8db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f657bbec0b4a093786804ab12792de1

    SHA1

    d1c6de3c3a6cde8337091eb9209f4a1fd33030e7

    SHA256

    e2ab27b28de1a69146e43da18b0ff6313bd17fc5eff77bd60fd0724a12a35605

    SHA512

    dca6a7e022b8980f19b18b4494adf42b046b26e00efc553e5fb2c18f3aaab1aef8ca3cf53f7e855c7fd1caf741fd38d065b55a74d43868ccc13efc5e45fe2223

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c434a01e8ed2532192a290961c5a7392

    SHA1

    4b36356e7d500ea16b65051e1026bdfd1ac28ace

    SHA256

    246c6836dc11551e4d53c34a56f062122f6211ff939bbb1ae662cfa7b5cec49d

    SHA512

    88425364099a3102c2720bd58924419505c0815d49df3fbdfd2d331afe0f12c777d1ea5ceac8f458ce08873273e11132df2e0cebe3c13271fb41f57e0f791345

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4da8184ddb9901537a0c77847df7eec7

    SHA1

    ee1bf740382e081e265717539ebc9d61206580bf

    SHA256

    23bcc84bc6b2d3d02f333160793e50fc56f04e0d5c9913c9c1f02c8edf30a970

    SHA512

    4e6544983f85e5b08b9c8108db7249747f7256f0229ac4dcda262d0c5c88025023b3755ed8eb4d372fd9ad475e0f529b57323846882ba024c4e951d2b9c0a193

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4424bbd949b1b0b92145adb75a929f73

    SHA1

    1d248793329d7fbb791c7f012fa4853c2f9cb1bf

    SHA256

    b023395eed92c482e1562085940a779abe901e43a7425dea91b7bee2357e12d2

    SHA512

    e5f9874b6a2993a73057cdf334448263704c1c389f8c12acd7b3313abc10c7b0d09f55b528d3882b6cdb9a3f99d54a20cbea16d4b3038cfc92901fd730dd2fd8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df2bfbcfbc3f98b206a7953cf711313b

    SHA1

    61afd9068e351f2cc3a8bbf5f7037ca58def1215

    SHA256

    bcf5d9019a4c9c551cdda995f2870b29e82890178b1059cd4818d333425ffe44

    SHA512

    83f95a811f598a6b8bf832794694a83ec2f562e38118252ad6657e94dd7a92c19efc7896fa853cb6b757822b28de8c1ca67a9b6f37cb89f7f6d56207f0f03d9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8dd1c88f1a14427007f7f23334d5450b

    SHA1

    969f55a1323fec3cd70a2816b8958971111a1a3d

    SHA256

    7e3fd8056ccd2fde46778e2924cae5532629d9ac7d69e110f257370e31c02196

    SHA512

    ae2cd19741eb20c63b32cba85bcdbdc5ddebbac6c652edca8f09e9cb526d7abbb027afee0ef4656e4575798f7723de4d22309d8763297765b721a55c94eece03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09114906247756e88677980f246958db

    SHA1

    b418c4679b773954f0fbe0290bc24ac06897f12d

    SHA256

    faa58ff157964cee8fbebd483c7e7cfc04520e3afabe53b632647c1912d3a093

    SHA512

    73992e78894c6cbb8d51da827a1889a543838b60176f425ee39a8a229766e8cc41a88a7406c38bac2336547e087e2a2a6d189334ebb40b0ddc4716ef01b043bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    79fe78ecc3f203fd64bdaba988f57cf1

    SHA1

    425663d4420a638d2954b68db2322f690a273898

    SHA256

    e56713062587aa4ceb889f5cc4bfc4ff20acbd531d5f7257d19fdf8fdcd23f7f

    SHA512

    6eeb652b97a6d4990ea9dde723e1e33307c89add5708fa9759d871b35a98a113478b61e47534300ad94de4d030dda4c9d1ef82bba22018dc56bdad38e41a63e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0173a5fec2f9189256a1cfb6eca3e3a8

    SHA1

    9de557db169ead16daae3d71ca0cda4e9ac9dc7c

    SHA256

    635ab14bded434aeaf3ada5b22451866064ebd0545be61486a35f4bb6f89d222

    SHA512

    ff10ab84bb68647c12ec385e378e94114f1436866daca9bfdd542fadf9e28517197880cddaf97309d2b4ba42304cec625abd728faff397152d5a75a581c404a8

  • C:\Users\Admin\AppData\Local\Temp\Cab121A.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar130D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
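Two checks an analyst would run over the Processes and Downloads sections above, written here as an added example rather than anything produced by the sandbox itself. First, the child IEXPLORE.EXE carries `SCODEF:1800`; in IE's loosely-coupled (frame/tab) model the frame process passes its own PID as SCODEF, so that value should equal the parent PID, which it does here (1800). Second, every dropped file sits under `CryptnetUrlCache` (the CryptoAPI network-retrieval cache; the MetaData path is listed 18 times because the same file was rewritten during the run) or is a `Cab*.tmp`/`Tar*.tmp` CAB-extraction temp file, so nothing in the list is an unexplained payload drop. The process tuples and paths are copied from the report; the classification labels and regexes are the example's own assumptions.

```python
"""Triage helper for an IE sandbox report: validates the IE tab spawn and
classifies dropped files. Added example; not the sandbox's own tooling."""
import re
from collections import Counter

# Process tree copied from the report: (pid, parent_pid, command line).
PROCESSES = [
    (1800, None, r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                 r'C:\Users\Admin\AppData\Local\Temp\a4d4ebe003057938c30ed3345127bacb_JaffaCakes118.html'),
    (2192, 1800, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                 r'SCODEF:1800 CREDAT:275457 /prefetch:2'),
]

# Dropped-file paths copied from the report's Downloads list, one entry per
# recorded write (the MetaData path is recorded 18 times).
DROPPED = (
    [r'C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015']
    + [r'C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015'] * 18
    + [r'C:\Users\Admin\AppData\Local\Temp\Cab121A.tmp',
       r'C:\Users\Admin\AppData\Local\Temp\Tar130D.tmp']
)

_SCODEF = re.compile(r'\bSCODEF:(\d+)\b')


def check_ie_tab_spawn(processes):
    """For each child whose command line carries SCODEF:<pid>, report whether
    <pid> equals its real parent PID. The IE frame process passes its own PID
    as SCODEF, so a mismatch means the tab was not launched by the frame.
    Returns [(child_pid, ok), ...] for SCODEF-bearing processes only."""
    results = []
    for pid, ppid, cmdline in processes:
        m = _SCODEF.search(cmdline)
        if m is None:
            continue
        results.append((pid, int(m.group(1)) == ppid))
    return results


# Assumed classification rules (regex on the path -> label). Anything that
# matches none of them is what the analyst should inspect first.
_RULES = [
    (re.compile(r'\\Microsoft\\CryptnetUrlCache\\Content\\', re.I), 'cryptoapi-cache-content'),
    (re.compile(r'\\Microsoft\\CryptnetUrlCache\\MetaData\\', re.I), 'cryptoapi-cache-metadata'),
    (re.compile(r'\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$', re.I), 'cab-extract-temp'),
]


def classify_drops(paths):
    """Count dropped paths per label; unmatched paths land in 'unclassified'."""
    counts = Counter()
    for p in paths:
        for rx, label in _RULES:
            if rx.search(p):
                counts[label] += 1
                break
        else:
            counts['unclassified'] += 1
    return counts


def repeated_paths(paths):
    """Paths recorded more than once, i.e. the same file rewritten during the run."""
    return {p: n for p, n in Counter(paths).items() if n > 1}


if __name__ == '__main__':
    print(check_ie_tab_spawn(PROCESSES))   # [(2192, True)]
    print(classify_drops(DROPPED))
    print(repeated_paths(DROPPED))
```

If `check_ie_tab_spawn` returns `False` for a child, or `classify_drops` reports anything `unclassified`, the report deserves more than a 1/10 glance; for this run both checks come back clean, which matches the score.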