Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 09:23

General

  • Target

    a4d504e108f58f5ea61aecb9d1f8ec86_JaffaCakes118.html

  • Size

    184KB

  • MD5

    a4d504e108f58f5ea61aecb9d1f8ec86

  • SHA1

    0148b8ac8e0ed0e9a69db1ce87f7ccf052e45469

  • SHA256

    271ca1ceafa459d700e33bcb372854bf11cdce239c91e15152309f3e6157004c

  • SHA512

    f1c841954b7b47607803518479816bf6fa52923064bc62136bc4b7da4fc4c8d60eba223b713711810d1f5ca94660ee38446d8809c26a354166227d9d659c29f9

  • SSDEEP

    3072:SISaaxyfkMY+BES09JXAnyrZalI+Y5N86QwUdedbFilfO5YFiM:S1x0sMYod+X3oI+Yn86/U9jFiM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4d504e108f58f5ea61aecb9d1f8ec86_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2072

Network

MITRE ATT&CK Enterprise v15

Downloads
