Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:51

General

  • Target

    a52a7c4b0a878d608ae5537a6e1c81c2_JaffaCakes118.html

  • Size

    15KB

  • MD5

    a52a7c4b0a878d608ae5537a6e1c81c2

  • SHA1

    ebe8295a0ace359a908c87d6b684329ddf501e1c

  • SHA256

    c88414165006d83b8bb0928edce0fa4b68534311932e7a935f37475c5291d979

  • SHA512

    eb1e046035dfa60a0cc5023cc5d4639b85456a78041eaea8a7ea27a7b91d5dde1bec3f19b364a72feb717a63ec7b2f797cfc931e3f9a4bac1999b4c08ba5c3a6

  • SSDEEP

    192:x60Ua1HCPpNLr8x3qgtvW/OrUjLsUCR/tm/G/ecaWxD6kDK1jsVNOkdzldlQi+UN:MJPD/8PlG9tjsN+AM/a8jkE+MAEM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a52a7c4b0a878d608ae5537a6e1c81c2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2968
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2968 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3020

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0807e74b97500e1817ce0eb64f30838

    SHA1

    5c7a06cdd0f2cb799512e6a3f2742bf4e43d8e75

    SHA256

    6911bd2b4b791aefeb18e1fd5bb6dcfaf11107829d99799fd91339861912489a

    SHA512

    e0c394dcb3c7fd22a20d514b7df9e0a41ab01253b1234a1071a51a0c8ea17d2aa81f3bc62fc1048e5b3ba525f0bedf200892be48b81988095aefa6a82f84f3ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8747773d361c334b72008cdb0eb8ebd5

    SHA1

    be1b07a1eb6eef03378d95cb1143155e79459f9a

    SHA256

    25b6df66558271ff810a664ca6c4d52517c7c9f26db40cd7162c3f7eaf771e27

    SHA512

    9623bfc00a83e107806254fc8d21d3da4832414cb35ed8d5546bfc95e96cea2997d0d8891a5e1f78639b200fac46b964a5ac7e609143d724536b0a3724f92b7e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    edf480a07d456e808600e4413f25436f

    SHA1

    8cf844a9123c1f2d5bc1a6d53d590dea938a4c03

    SHA256

    930b16e129da908eafa24d2b80990f906bf1700075f98645b2c48f98d91564ca

    SHA512

    e571193b7143a704eefc0f334bc9b1202cb30db96bab14f0a642b857e2c346b087a97d153a67cc888d3f424efcd2aaded93b5646fa8ad302b2cf1d4186507d71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8865973a287fcf79d8c4aa26b7a49d05

    SHA1

    b0af428d743d99109a371819591f41a9b1cc53a4

    SHA256

    c01c9f588e852e16404e847baff76983806f56dc9fe8e5202042c9a0fb167fe7

    SHA512

    a6ebc47e0ff588c799d3923cb46abf39253647c66858110bf1304662a10b2f880a4fe75fe809cd333aa102409668a5a69dda54153f669ba9e1187971e8fccead

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d15a9ae06347ba82bb4a3cad41bcf730

    SHA1

    84837176d046fb4f0f97e2594bf5de85c51e0002

    SHA256

    400ee8318b1c56efc6c1e36a3a49e10900b9fccf531a9ed3854b44465c7ba492

    SHA512

    ff6a5924fedcc2d11328ebeb82b29a88bf858822ab884cedfc2fc902c4febb5cdde0ed8897da702297d0100d3d2bb034191a1a3dad5544c5d2d0e10fcf1a6840

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5306bf6f1019e131f1c555c49f25dc0c

    SHA1

    b00c2ae80c281fc2c04511029ed9f3f31e1e1142

    SHA256

    42cae86965c2ceb926bfbf4e093f1a80de62109be8e9146d0efc3e36ecfe6d52

    SHA512

    2168fd8f31c857de150eae33c2d3ea3e8e1b74c0aefd132c235a5678556b925435a22e34ca27dc27371c0cdfcfadc626a5712511112af4f86a59f59fdc327380

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01160068b02cecadf8b17ca400b6118c

    SHA1

    c13508fb7adb343b141f6eac61e45c75eef48d66

    SHA256

    8be1948af65ae0dea4c17a9114ff80dcd8a31858865ba0de7af70c1b5b8ba579

    SHA512

    3ca2d515d948d5b7b477e4e753d9f23ff906837006ad3b20e869f97b00ba40030d0cd16ed93f3ceedda515dfb58042a6257fb4db2c465d725943aee0bba4411c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff5455eaf8132a718ff535856ed2e63a

    SHA1

    c4f758dd2a9986774b3a1a435e2b964d39633fd2

    SHA256

    aa92473bd8c9167d4e470274457b4929ff96c761ff7845cce2d85e6fb23389f4

    SHA512

    0376734e35019a23eecabff7e69696e576a1b32e2b7f2b37ffb05a5e2de717d08670fde05360a4ee90e68569c44310068393d0ac92f392385b76932673d189de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c82b3f5ef6daf24a8f8090a9cd7a6653

    SHA1

    c4852050b69966e035a72a8be4b3395a8b4166e2

    SHA256

    48415b457206729d1190dbf5c43dc3cd5365b5340153d41271990512b8282c81

    SHA512

    ebe6093159ed26414d2d15e7c356a0c4527d0fd0ae22372ac220927d7f81da7db6ddbd563c92ef4d6b588f8ce47c7c270bdc853d38d220b5588d584eba949546

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1275dc5f0e5ed3203eef5ce04e85905d

    SHA1

    0dfb7c3fc1130adef9d66c61ecf0de40822e55e3

    SHA256

    d96fe071450ec43bf5a13705575c1090f7c385900a9a6c6bb65df5278753196f

    SHA512

    7edb70ea466e26dc98bfdd78f76e960f2dda27a26943bb8f969ef5594085c574efa2bf808f100827a8db2a13ea95d1e8fafee1958714baf4fac2229268a352de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5e399ec68a0d96b0133e42dcad1d761

    SHA1

    46953cc9b795ae49330ae61eca2740375a9b9f1e

    SHA256

    df8ca4a4e84fcdf9335d32b29015417889517a5180b574349a7b623cc75f3849

    SHA512

    f320221ba78b78b15b26e2661ee991ba9aefe192cb4b55ba6fa7901b58c39aedd3d8eecfdda04ab910e13a1fe89809c8e24eafc2a7704f50156d9efe130bad75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0bbf3988f0bf1c9eed9a1c1ae33fdf9e

    SHA1

    cc6cf23678421cc90412addc52a247066feb49be

    SHA256

    2fc97b469d64e5498b5ccf1365a351472e6d896ccff09ed8ccaefe013183269d

    SHA512

    78b5b8a71d8b85b1cf1f10fe973fd42097207e194460f6b1d64c2b31bca4b16d7484a0acd5dfccc4c8b8182515c49759b6b954585a78c38067a60a3199b0c3b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1a7ef4f2b11a924d9e4cb3132eb5a52e

    SHA1

    35febe3764e4117b85a03efb696e2b7c433e929e

    SHA256

    5769b48e356573cba16f9170cca2c39ff86e5d941342b8031b10ee99dc0944dd

    SHA512

    ffa677e8700bc1888b321cf76fe3725bb7fa27d273936dc743f6d67b640accccf56660eefca33cc353270cf27ba3f69706c029c1edc20a8f33a9aa72267dab35

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dfdbd79f40c22e031ace9d48a4c47053

    SHA1

    95f25f68d52a434dbd470b3c1f22844d9e8fe8f0

    SHA256

    d111c9e626d645b1fb63f9b015aa40de9c1435d42abed757d956c934cf76626f

    SHA512

    2106468157c4eeea7329a07fce19806f7f11073e18fd01b65f2fd04a7b406f086c20daf695736741ca1c8db1e978a776a11c5d53eec2f4d9cd7362b379df3c70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d3d2a802b731aef02ab878410eabbad

    SHA1

    8cf94580723ddf82ec9254e46bce41b612e2c730

    SHA256

    5f5a9636bf0695a0a2b8befa7589edbe3dd6fb8cb57cee2934a4125bd74d3288

    SHA512

    804109e0294d5eed578d293eb21fe61f4fadfc8e8dac2efef909050bb9be2ec47a60747c64748c0d71b435b6d94e4ae18e3397ac7a38f8f133a0d6f99acb92c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3828aba6ea1ac6a794b390246ed8c224

    SHA1

    23cbd785ca9b2ceb61ff2af560f2d995cd3fe774

    SHA256

    283ef703f521e89b7627f6d6dc2fd5d92f5553cc74cc29492dc839d6efa4fc60

    SHA512

    8ebdeb21d38327aee4774744799634f47db218f3d8af75f18094818c5b4d03dea02e1a4bc74d38dab5358c7325ae40dcb7dd781b3c8b905177671f91252d9211

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9be771af8d23e9cd7dbf4a12a89a8204

    SHA1

    5884ac34b282975d5774ee4311939b990e2744ab

    SHA256

    1c93d409e68aa8357fb738521892a37d8a0d49706b4f6ad21ba8ae24014c6055

    SHA512

    d42ede40d5fa8b052c89defc3e41d77208b2f53c3c1c8ec723dd42ca79ad32aae3d4786cd2f70ade81b1d9a6935aa0db623c2e22feb5b8b1a40de9d154a01acc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92584efbce6a95903395a33a87b3da72

    SHA1

    13f096c110ac49c88fea811b6bb399d99d58b69f

    SHA256

    3523825f47128aa8121be37488a5cba01f362d08b45fd531228facbff714df7d

    SHA512

    d01822504ad7be3c8d3298f2d467a0ddcd3c04cc5dc8f7adcd629b4b1ddcc2d108c3e4f37ed3186d66a38f61a1d3a1766a688fffa02bef0200a332423284589a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fdd184aab76f93c3766ea8c91e2c5513

    SHA1

    fd85948e399d7bffb5e9f97f4f7f89af23029500

    SHA256

    6ae6ae94190468dd41150455f706449ce0955b23ba5b4ed4eb96c74d0e5b77b6

    SHA512

    9ee9fdd7c8a3b9ea2b9cebb8840f01bba14e59dd3ba3ea1997b1441d1632c3f72149b81e4ccb6ade016999229b754bd3bc1b4996e16cc6917a581ac63bb0f7a1

  • C:\Users\Admin\AppData\Local\Temp\Cab3DDE.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3EDE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b