Analysis

  • max time kernel
    136s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 · arch:x86 · image:win7-20240220-en · locale:en-us · os:windows7-x64 · system
  • submitted
    13-06-2024 13:15

General

  • Target

    a5ba528f8bc0fefc2c129e122a75e9e7_JaffaCakes118.html

  • Size

    214KB

  • MD5

    a5ba528f8bc0fefc2c129e122a75e9e7

  • SHA1

    90cc20d3a6817e4036498f98aac6b1389c0a256a

  • SHA256

    5b09c17b86c5f8bd367444527676caf6af8acdd0524ca328b5d9a56f2c63dc40

  • SHA512

    4d9a54e9cd910bfb4565cb775c5b68577f871916d0fe1b5c1d5da5f4b35102ec73fb7e66b28c74c87f826ad578d4880936a9f25cbdcd25166bbfb6985862418b

  • SSDEEP

    3072:FrhB9CyHxX7Be7iAvtLPbAwuBNKifXTJ2:Zz9VxLY7iAVLTBQJl2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5ba528f8bc0fefc2c129e122a75e9e7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1992 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bbd031dab726b26f880de99ad84d1e24

    SHA1

    182d3fdca8c1c96dc186a4dd6fe02d9d8ee63813

    SHA256

    168e007602a35c284bea6af8ed21973ab04dc563d616d8c410bb478398c1481d

    SHA512

    9db8a3ccd090b3b8a390d8f8c3b13241082fdc464c9efd882471fe5069cbd3a7457e7ce41341272e8580e91070ea59dac94a971f7ca016561529fac04639be14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbd18bc12f710ea05eb38363a2b2630d

    SHA1

    f5a8f956b6528bbe5e4feb8791d23295cef086fc

    SHA256

    08d33615f7b33db07908ef61e8f6a2f4d5657146d6ea28ef71b3ce8288d840ab

    SHA512

    73c6d0c2724f9789b3cf9dc683192dcb5432c1e59bc3c430053436984eeda2f01577421e4eb9e6904dbafdda091a9d31c488eed3b2794dea6e3d290e4387c8e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    759eca619bf56e988bf4300da8f738a2

    SHA1

    d5faa678dd9978fc5f7dddb187a7e1e154d34226

    SHA256

    eba785298138c72afeb535cf12224c429cc6eed8eec7c2a26082cdc1517943ca

    SHA512

    0d189eedb2e5852477897bb79ada2f5731924abb7d8444bdf384b3506a88313e9c9b89682fddd7f5e09d54f647f398f596143857114e242c9c62cddc5ce2d4e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    17e0d8a6ec02c8d536ac3468dd7ad107

    SHA1

    5c11654fa80f80e838e0943be310c30375b74869

    SHA256

    72132e6fc4fd95b416a1238591c7a9de5e4c058da41631bb734450551bd9e56f

    SHA512

    185e954bcbf2a2dceb96b09fd42411c41d964d6957f0796441094ba9aadd044c1f2d7bb45d44acc914376eeed4575cd473a3feb51b3dcce1a3e3cc7365d49573

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b618d6ae2807e0715026fc41f31aba93

    SHA1

    77f7c8c9e3a274f709a0ed0e68f96a2b15ec9ba3

    SHA256

    e611c7aae710335613a9aab712926fe17ab6593b32d3760076d2d90f7cbf5450

    SHA512

    1614c5fbd2ae0ba874b32306fe310965451083569baed65a3d133d319bdaad014b906f611d7f8b1bf3ed60318fb7f1827f123dcc0db9bcd4c081901bc1b2df2f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7821690c63010b2b55295a053f4da498

    SHA1

    8d1651527e291417418c50044e85ec5104e9990c

    SHA256

    1ed5a7779bb2429d04ae7622a393fdb67b066eae5b49f6ec8c4ff029ad33c7c8

    SHA512

    0e13e86a83e47532b61e3619a6231eb91b2b17f316f5d1ea270e5db38abc2a89e392d65171ea1965cc33cbe2c8cf23f0d792293662533ac6f9f696b3cd24bb81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b05f53f72882e5d6633a41a04df09234

    SHA1

    08c6f9332808bb360ac3a5eea3cd4f8494c3d7c8

    SHA256

    c65585cf4f2b6551b8f71560025990e372ccbbcad004811caf3d0c8bc943b396

    SHA512

    a4db5d7d2496983ab8ceffb370e02e31074879879271b6c936194d669b95634dc9d47c2150da9f2a49d550a30ba7ba25db0560a821c1abf4291a2d6081181dd9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0ac6bd8feeeea4ca2c6fb38dded54026

    SHA1

    86644d00e6fe0710af53717fc0b2d9ddf35d58cb

    SHA256

    9abad0e847a9b2b2d3c93f940eadab0040a8bedb0a317aa2a26b5c46ff7bb991

    SHA512

    0efd61da106fa7d2136382fbe0bd3b1b461c2b46366fdfefc2c8d2631b6aa5ab61df7a74bb485f463f514b0d450026a4b90662ef4431a56b2dfa1d00c83b5d1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d18e0be46e4b7cc909bca45e204ca226

    SHA1

    37c0da787283b4a55a464bc2c1f05f15bb2cb0c4

    SHA256

    35b14da3da8784e7bde58a1308a3235fdcfce594030b83a9185a19340cb519be

    SHA512

    91c2399b2b5b7cdf79b7d5a96e2cf373899a4ad9c7da211f98666263e0b7493dafef6f6ad460a02cd1fded8a8fc74c58af065ed0a2524c1cb0cb051ef8096e30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    82cbfdf16df1a5b0e8ee42cc2ba26a98

    SHA1

    bd64f76407f0f8fc85464c72c3f945ec354c8078

    SHA256

    de4a3fdfaf48f99608d4eb73c93cd57f568fe0b787639089cbf95f10630c36e2

    SHA512

    d947a0a556c9854314036300e016d4511f1b7e78786f12d79f90127350546166a2901068b6d32732e42c79061428e1017d56027b6049a9bbb99bf82b4e8a8037

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f80f99eb02aee5c5b698b8e647e3e78

    SHA1

    10d87364b4186cb7b46aad00362bf083e9bafbd0

    SHA256

    1cfe774bb00162f518bf5992f63ad8f92eac647e8b881480dd9f4d85c4299aa4

    SHA512

    bd0c6add5bd13268c1db01ff36d5107c1cb3edd7ffa2032a7d73950687443e1b133bb94fe88e7806358762afc793ab5409561898b65148bc74811f310be00e83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    94612492c6a52dfdc6515fead3b3fcef

    SHA1

    99b82668829592d2220c38762c81fa8042a2ce01

    SHA256

    b04132b43d57ace5e720f7dbfbcfbba0260786d2ac654c06194a91ce65a74895

    SHA512

    49704c08f9770199c02b259412de71b28fce8f7ffd788d8374d137388b3dc083f80ecba57e1fe59ee291ab09a80a485bfddd1d69bd92f65405bcc822918b96b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    70ac6a900891f223b0c8f06dc1c62fc9

    SHA1

    4c4e57b37904357a0e571721df02ffc0c5731abf

    SHA256

    41f29a3307c9fb89bd0b74d5cc1d590fa53f634f879965f48f905e08bb0de484

    SHA512

    4f7a12bf07f6734c7ce55605d6a3c2daedaf5c9a680c6ea33fdd13cfce183a86dd197ce52afa4ce248f783ac43083dd42256c183b6f4d1ec690550b45ab05591

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46bf1a98de46059e250bd99553c28d82

    SHA1

    cac9d2f9b6d10c03e995fae3d5b3f709b925d5ef

    SHA256

    0711d03e447041a11664cc8d35547e758b423dedfee642ecf9dff5789e83846f

    SHA512

    af040e4dc017b47095efcdec81e7a658bddc972372e10de59cec0edd5bed76ac6c947f1d52ee5ed1279bc14ad8655e4df2e54cb8781a930a5ca4d310aee00ed5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eddf053fd9417fb30fa9d43abb9a5462

    SHA1

    bd4af5fc271a662c4f3649ef69976a2e14852033

    SHA256

    856ff40db4f9de10831052297264ffd10fcd45f7325b12bddd86ffbb4e620bce

    SHA512

    b4cbc826590ddc224f2bee58507357b8a49d1589ac6f1fe7c9f9fecc71a40fc56c3931883892225ca5f0d0fc6ca3038374fad118ebafd10e216a132c281cb5ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a9b386ffe66759b17c98708c30862067

    SHA1

    486e26c647f5aa6764513e12e037558ed338a1d7

    SHA256

    b81439755840a121d014d2e1cb6f2519e01f3df557aff2d4ef35090e800a20cc

    SHA512

    b911cc22e40c171aa3156c2c42812ea705d2e7cecd75e69075a53c91f59c88acc4e193da7b510efbf8a681bd5f56a50a2457676f2bd99794cfe3e519924e263c

  • C:\Users\Admin\AppData\Local\Temp\Cab82B.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar91E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
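The process tree and the Downloads list above are what an analyst actually reads off a report like this: the IE frame process (PID 1992) spawns a content process with `SCODEF:1992`, and every dropped file is a CryptoAPI cache entry or a Temp cabinet. The following script is an added example, not part of the sandbox output or of any tool the report names. It parses the Downloads layout as printed above into records, deduplicates by SHA-256 (the same `MetaData\94308059B57B3142E455B38A6EB92015` path appears repeatedly with different content, so path alone undercounts), tags known Windows noise, and checks that a child `IEXPLORE.EXE` carries its parent's PID in `SCODEF:`, which is how the IE frame process normally launches tabs. The `DOWNLOADS_TEXT` excerpt is constructed by copying five entries from the report (SHA-1 and SHA-512 omitted for brevity); the noise labels, pattern list and function names are the example's own, and treating the `Cab*.tmp`/`Tar*.tmp` pair as the usual root-certificate update download is an assumption, since the report does not say what the cabinet contained.

```python
"""Added triage helpers for a sandbox report laid out like the one above:
parse the Downloads list, dedupe by hash, tag routine Windows noise, and
sanity-check the IE parent/child relationship. Requires Python 3.8+."""
import re
from dataclasses import dataclass

# Constructed excerpt: five entries copied from the report's Downloads section
# in its own "label on one line, value on the next" layout (SHA1/SHA512 dropped).
DOWNLOADS_TEXT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    bbd031dab726b26f880de99ad84d1e24
    SHA256
    168e007602a35c284bea6af8ed21973ab04dc563d616d8c410bb478398c1481d
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    cbd18bc12f710ea05eb38363a2b2630d
    SHA256
    08d33615f7b33db07908ef61e8f6a2f4d5657146d6ea28ef71b3ce8288d840ab
  • C:\Users\Admin\AppData\Local\Temp\Cab82B.tmp
    Filesize
    65KB
    MD5
    ac05d27423a85adc1622c714f2cb6184
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
  • C:\Users\Admin\AppData\Local\Temp\Tar91E.tmp
    Filesize
    181KB
    MD5
    4ea6026cf93ec6338144661bf1202cd1
    SHA256
    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
"""

LABELS = {"Filesize": "size", "MD5": "md5", "SHA1": "sha1",
          "SHA256": "sha256", "SHA512": "sha512"}
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


@dataclass
class DroppedFile:
    path: str
    fields: dict  # e.g. {"size": "70KB", "md5": "...", "sha256": "..."}


def parse_downloads(text):
    """Walk the bullet/label/value layout; a '•' line starts a new record,
    a known label line says what the next non-empty line holds."""
    records, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            records.append(DroppedFile(line[1:].strip(), {}))
            pending = None
        elif line in LABELS:
            pending = LABELS[line]
        elif pending and records:
            records[-1].fields[pending] = line
            pending = None
    return records


def well_formed(rec):
    """Catch copy/paste damage: each hash present must be lowercase hex of the right length."""
    return all(len(v) == n and re.fullmatch(r"[0-9a-f]+", v)
               for k, n in HEX_LEN.items() if (v := rec.fields.get(k)))


# Files IE/CryptoAPI write on almost any page load. CryptnetUrlCache is the
# CryptoAPI network-retrieval cache (CRL/OCSP/root-store fetches). The Temp
# Cab*.tmp/Tar*.tmp pair is a downloaded cabinet and its extracted content;
# assumption: here it is the routine root-certificate update (report is silent).
NOISE = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I), "cryptoapi-cache"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I), "cab-extract-temp"),
]


def classify(rec):
    """Return a noise label, or 'review' for anything not explained by the list above."""
    return next((label for pat, label in NOISE if pat.search(rec.path)), "review")


def unique_sha256(records):
    """Dedupe by content, not path: the same MetaData path recurs with new hashes."""
    return sorted({r.fields["sha256"] for r in records if "sha256" in r.fields})


IE_CHILD = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:\d+", re.I)


def ie_tab_spawned_by(child_cmdline, parent_pid):
    """IE's frame process launches each content/tab process with its own PID in
    SCODEF:<pid>; a child IEXPLORE.EXE whose SCODEF disagrees with its parent,
    or lacks it entirely, is not the normal tab launch and deserves a look."""
    m = IE_CHILD.search(child_cmdline)
    return bool(m) and int(m.group(1)) == parent_pid


if __name__ == "__main__":
    recs = parse_downloads(DOWNLOADS_TEXT)
    for r in recs:
        print(f"{classify(r):17} {r.fields.get('size', '?'):>6} {r.path}")
    print(len(recs), "entries,", len(unique_sha256(recs)), "distinct SHA-256")
```

Run against the full report, the only lines left as `review` are the ones worth opening; here there are none, which is consistent with the 1/10 score. The `SCODEF` check is cheap to bolt onto any process-tree export and flags an `iexplore.exe` child that was not launched by the frame process it claims.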