Analysis

  • max time kernel
    119s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:15

General

  • Target

    a5ba50cab18cc2fec3a11b6a6b7bad48_JaffaCakes118.html

  • Size

    8KB

  • MD5

    a5ba50cab18cc2fec3a11b6a6b7bad48

  • SHA1

    7b637746801983bd45d9d0df5aa759a7499a45d5

  • SHA256

    670aabb34cf42d89a360dda5411190fe73eff2b8a982977dd87574b5e9df8215

  • SHA512

    e1d976edac462af42a3be0935ffe24d7662de5680dad6d1f49a7f10bea75bfd1dd354d62a55e8f1b28ffc5a1f94d8bcaee69387c52c8e227e585a675008c98e5

  • SSDEEP

    192:+8JJ2mnFa3jakzAzryH/PDGrJoJnMXCC9XcGF:+8n2mnQvzAz2fO48T9zF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5ba50cab18cc2fec3a11b6a6b7bad48_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2552

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (20 entries, 342B each)
  • C:\Users\Admin\AppData\Local\Temp\Cab74E5.tmp (70KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar7595.tmp (181KB)