Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:16

General

  • Target

    a5bc0d2373b83cce15901c0eccdb8e18_JaffaCakes118.html

  • Size

    116KB

  • MD5

    a5bc0d2373b83cce15901c0eccdb8e18

  • SHA1

    a981be1c7591a1b26b152907f13a652c60dbc7ec

  • SHA256

    7c858818283adb703aaf14b12690192c66e00a5a7f5c85de9abf416c276cf87d

  • SHA512

    0657ebd248c522cd00d3b9a3aa0154e84f8d0a664d133843ec7840b4fcf4df4dce3f07131e09fd72ee2da324975516ddae022371516960cc9fe220f5869dfa25

  • SSDEEP

    1536:CSWLyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCW:dCyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5bc0d2373b83cce15901c0eccdb8e18_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2468 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1724

Network

MITRE ATT&CK Enterprise v15

Downloads
