Analysis

  • max time kernel
    143s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:16

General

  • Target

    a5bc63c636a0074984e816564bf93cc5_JaffaCakes118.html

  • Size

    17KB

  • MD5

    a5bc63c636a0074984e816564bf93cc5

  • SHA1

    5b0420f1000c618ffd76b223c4fb59de21d21b84

  • SHA256

    a0a6d6fbd373e86e37586711d38283ec9a52b482633658612b8791a0a6d8dd66

  • SHA512

    ad32175d105d7a42de62bc3306ab1b87a37e259952770dd6877ab9778382e680ae3b12f3c6203119072e97a2e3608929da2a2deb4b64eefc98c0231e579ef7c2

  • SSDEEP

    384:7Ri/Tgpi/ojR4OonuARsSqIpJakaj3zzE4gWywzVKA/SIFukX04QfkU3e:UU0QjR4OonDs1FgWywzVKA/SIFukX04H

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5bc63c636a0074984e816564bf93cc5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1632
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1632 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1680

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0c9f9f33d9a5c59d49fe1e1ab090f1e

    SHA1

    9577dbb70f7da93d6bc0f290bb7de430a9994bcf

    SHA256

    8f5933fa8243af6065cf66f0fba24b80dec2a12b710ef07b028c58cc7e1f3c9e

    SHA512

    47a4b0cb103889141b9b780df15877814cdf0a20fd65b8ca67904670e20380a4b7d888eb6a8e5e3e7c589a92856c927aa213220eb4fb3c92e25aac76e2ce1a81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3325bda32d40134eda18204bcebbcb26

    SHA1

    21800a7d899e1f30e9da1704857e0f51127f8541

    SHA256

    4895689268b57d1c5bdd6e2178d89ae1e64eeabb81ee1456585504a165b80fa3

    SHA512

    be965f7e2ced48d155d9685cc916085872aa39e950afc7e22756d9cf23595750d947b1e806556b5632c005b1facdb223703a4abe82eb1f6c09e2e2ad42ad5a6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    88a8decf59fe77ee5d64401fca100edf

    SHA1

    8228eb292fd46dd5182b49d853fe3fbcf8ac7155

    SHA256

    c8ea25a1690a33b9461e1d94ca5c333264be19fcef512890ecc832839c8135be

    SHA512

    6e8d6b6db6c0463eefb8b7b5df9d402128bb019ab305b02cf089adfdd1608804d4770640b745062942adadd00ade65a295ad73d26e5d9f9846787207b1b7a778

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fbaa4660e930d23567e22a3fc838db1a

    SHA1

    6b266f81f1e50b9293267e950b485efa904a6a52

    SHA256

    d488469a0ce998ecf6baa13a54c0e5392052d468088d33b82bc66502651d5f6e

    SHA512

    450f51fc7777bb8583cf146c5e80d1d683ad4a66836fabb5001ea8b90e7e867bba0f237bdab065d19fd2b04a25869fad6dfa810ea996fb6aa886b6b41c2eaa81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c10145d5d81d8fe5e7b000c4b58a203

    SHA1

    8cf99e18791f5a012ec87ddcc2785a525472290d

    SHA256

    a7811c1160050da586fa96c6eb239d0d0e00f0b6068c2e2e4642ddf6338d1145

    SHA512

    83810b43ae9d11b94b6fbca4fcc97420a280c2f0b0e5fb41a8a6d43e2f689df1906778c28e184b188c48d8a95478f2d6e343826321c7ba2b070a31b4bd7fc7e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    28359a1454fc33745afc6efebc3a7ae9

    SHA1

    87199310f99e878b8ba2ef88ed663ec74f4698bc

    SHA256

    56870d7f0c21fe7c4ec15c1cb89baff310aa0cb1b05a1b622dc3b092c36f539f

    SHA512

    40987ec0a587042db5d9b77b669aa8f8e4467028f7c317d36235b386b7b1ad64162740939f86a4cb0a77c98ad6bccc71c193b751c4c214918c0d38c62b477b2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab6fa0b311a0a652752d1d48af40903d

    SHA1

    5d56005dfffccde46f68ac77cda9d4c8ba8c9794

    SHA256

    f5baaca1495ce029ecfd0a9566546aa8fad376d385434e8d970f41c0d220f26d

    SHA512

    1081987e6fa9253b5812125e3cb9b68b710d964c24f11ca658df2d1a7f59be924fb9df69656d429ed25ce9cc5ac7b2e25eb90720d1a6ad10d454fb056c21c031

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    69caf76049f51638d4842acc1423d5c9

    SHA1

    fabfdf731ea09d63f618e743406da2a248abad90

    SHA256

    3433b7609e3f060e246f8ea8301160ad5c756f352c230c9c5b3b8b87aaac2e90

    SHA512

    f89d62ebe87026e69f0474093f2c3f01f2cd74e05496512378aedf1545408853ccb58e7024b6c3af5048ab4a59e76da2dc1b62d6acc4f857ca456a7c5c83f804

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf2276df839f2259d2992ad7ca4c3376

    SHA1

    44f65f888c458a40f8e35838944fd54d12078896

    SHA256

    8a21b5bb7b1bb24e73deae33f8a784aeeb1624ad1cc4179f4257b27f5a40aca7

    SHA512

    7603fa8cf6e96ccda2f1b310f44e03abfdd88af70b8f52862695aecd0c3790b9e5f533385a6f1bf32748d0d4e259e77bce2c30e8ceb50ce29b44afbff7d30def

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a7eb3e8b87b328abcf34bc24669531bb

    SHA1

    69af48033e91ada144089d9b3561685e7ab1dc69

    SHA256

    aaa12683d0fdeb2ff4af014e7e074cc93d2de85c44fea1e54454108fd59c4e94

    SHA512

    b83bea4148dc538f4ba3dafedbe1f0fdaa7eb02a8cdb69ab23231e2adf749c00154c3426671b0e6a596938304c5f8c0f38812cf8e83c1d2c2075fa5d11e08b63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31600f3d822f9779d447936c4d644d5a

    SHA1

    7b3eae7e413a5842557c5872b32207affe07e4e6

    SHA256

    fd8fcbbb52d8c926ee054614a0d23d028e826e7e3ed4d131a0be5291f181d7db

    SHA512

    5711e3d0212dc972337a6471d86163def759355f7a5256afe9e86476c31f3cfe5bbe226596c09aa59f4c27fcbf76567651fc84b879531474421c15075a029ca3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9229610ef215b71f2bc17e9a8ee5f7b0

    SHA1

    c349df3e6214821a5a5584c35ff5ba6987bd1e49

    SHA256

    764e5d396a98865713f062a7e0b61daf2a3481e9f4da97d9149c1b1118c4b7b1

    SHA512

    fc1f85cb36f49780c90ae3c188b4d5576e6ced53f932a4d0769a5fe87269369fed00e48628f50e24d20fcc77af211d1f1b77d44e2e69e7d22d3450fc88918db9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    35d52509b9181806f13ca3747a19cee8

    SHA1

    13d25fb4bd12d268c492e71b78a7a3d1f03e5c20

    SHA256

    5596467614cf8b27b807f58d6676028b31ef0c302a28ac42a4d5ddbb366d251e

    SHA512

    ce0a692ccc0bb8b890db7aa9303e98fccec1496e342efa3c4a6f0e50c3d8e93d7195cfa54e01ca615f172a6a51826e738d8908157fe9eee1cf089a7e541d9c3a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    25fd0dce6ca4d16c5cd567daddc3b3bc

    SHA1

    271a9e6044d855f2bacdea7bc903304cf91b4892

    SHA256

    e1393717a8b5fae6968bfd7a82725bb335c87b8d7003455ea6e400ac837cdebe

    SHA512

    e97afbd13eeb78d40113044cb8892fd6b4c446f088437045d68e786d4c611beb36ee42cdb9a1fd346c42da0ca355aa599918ab1426b220acd4f6f286f701c61f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee777721c2f39c2125a890aa260830d5

    SHA1

    2a43f1fa87d14d785b327bf9b53329688f980a7b

    SHA256

    9c5c1235162e46798d2819a37e6940b996f49cca8d5f1530ade56638fdedcb52

    SHA512

    c0baa4a5c62bdfd01dceb8b128e77d6bafcc2945c4e0d3c6b12bc738c294e820e36f611d8bd87f3cbcbffbecaaa254900cdbda98a9d6a48fdd59ee2294711a91

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a5af01f75ba30e6ba0c9410b5735c5df

    SHA1

    85ca1334894e79aeb0c2b5302ab7ba35b9e954a6

    SHA256

    b8933f8500bfa5239dd27804518e8acdf52c29b5afd380515b917fcf8ab5b433

    SHA512

    7b00bcca9462850296ba11417083f750570955ab0c3bf3a4e39bf00a6c8150dab5be0977a60b94baabae8774c6a7d0d19da1ab57c2f0dc699b53f56931f2882e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed3854c51401ea392e0d52799ef0ece9

    SHA1

    5d42ca3606fa94477fcb2ede1a2ee1370d624856

    SHA256

    3c6c554464836eb183baeb22f10b677441967fef1e48546bf62f0d3e4bc1425b

    SHA512

    d0aa77a7ccab9aff9d0f339208a31db5ca836fdf90c14720901c8fdeb1d39e3c523f4c3d7a1d45f040a28f7ee3c17884405d7143a3848397953e4028f767a335

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a393d79b892383de51024fe2880357bd

    SHA1

    e138bf7aedebcfc94895eacecd333e387c636bc1

    SHA256

    6e07ba2005a35c05ea557897e8504923cc7b72ccf1818cd20042ec43dcddbe9d

    SHA512

    fcad52e69e0247d66c7b181b8a6fb652f8206bd680444bd1623db92a5266d872ffb6646ce18844327a54033a9862f028a0d7302837f46d54828ece32ab898915

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aec5e337995622e4754dfcc7671e59ff

    SHA1

    dad4f33dc262bf320009b78018486291cfbda6cc

    SHA256

    8be20b322c1a4311d5ba5cef872b1b1fefd3fe583dd86673e6bb17325a595840

    SHA512

    e675aa76a54a2bf4b7fb1afc666a1ba7e60246e10fb51c49759c5e8f0cc3a869f41183bd0ced5590fc624955bcfee01a192ca53d07ee1371ab0be55876b20776

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac3a7e08427aa5a99b1fc1eb824016ee

    SHA1

    ebb1d09612cb4b88aefbdf902a2eb89d1b5b425a

    SHA256

    405957dc6583507c4e23d748525b69799a19eebb93466f8dc41dc9c0c5ccc686

    SHA512

    28cc8d96f8da7b2f4906c8ca47be213ee81f5f210230d464c4609b5006f0540f41b5f43e634271751950745d84cdc4d095e36421a80275971941c4f80712107f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd745e43d56ffc9a03d373f11dabf385

    SHA1

    9a788ae5eaaeb978b428304e290bc923e877eed5

    SHA256

    7e4d77bd6a4ee95f8eeaf67ba24e4a23ec9c5eb18f7d9d7df22381c7a3041e91

    SHA512

    9d95dc60ea0fd836c20eb038800272a8ade8ac3a2106d73c2b07d43fccee8e41571f34fa1190634de1cc991c094ce2a6464faa86c9f890dcf49f57e30127f38f

  • C:\Users\Admin\AppData\Local\Temp\Cab31CC.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar32AE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
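The two things worth checking by hand in a run like this are the process tree (the 64-bit iexplore.exe frame starting a 32-bit IEXPLORE.EXE tab with SCODEF set to the frame's PID, as seen above with SCODEF:1632 under PID 1632) and the dropped-file list, which here consists only of CryptnetUrlCache Content/MetaData entries and Cab*.tmp / Tar*.tmp files, the CryptoAPI revocation and root-certificate cache traffic IE produces on its own. The script below is an added example, not part of this report or of the sandbox's own code: it encodes both checks over a constructed sample shaped like the report. The background path patterns, the invented updater.exe drop used as a counter-example, and the sample.html file name are assumptions made for the example.

```python
"""Triage helpers for an Internet Explorer sandbox run.

Added example, not part of the report above or of the sandbox's own
code. It encodes two checks an analyst applies by hand to a run like
this one:

1. Process tree: IE's 64-bit frame process (iexplore.exe) starts one
   32-bit tab process (IEXPLORE.EXE) per tab, passing its own PID as
   SCODEF:<pid>. A child of the frame that is not IEXPLORE.EXE, or whose
   SCODEF does not match the parent's PID, is not part of that model.
2. Dropped files: CryptnetUrlCache Content/MetaData entries and
   Cab*.tmp / Tar*.tmp in %TEMP% are CryptoAPI revocation / root
   certificate cache activity that IE generates by itself, which is why
   a page that produces nothing else scores low.

The path patterns and the report-like sample input are constructed for
this example (assumptions), not data taken from the sandbox.
"""
import ntpath
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Proc:
    pid: int
    image: str          # full image path as the report prints it
    cmdline: str
    parent_pid: Optional[int] = None


SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")

# Assumed benign-background patterns (analyst assumption, see lead-in).
BACKGROUND_PATTERNS = [
    # CryptoAPI URL cache: CRL/OCSP/AIA fetches keyed by a 32-hex-digit name
    re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I),
    # Temporary CAB extraction used for the root-certificate update package
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I),
]


def ie_child_is_expected(parent: Proc, child: Proc) -> bool:
    """True when `child` is a normal IE tab process spawned by `parent`."""
    if child.parent_pid != parent.pid:
        return False
    names = (ntpath.basename(parent.image).lower(), ntpath.basename(child.image).lower())
    if names != ("iexplore.exe", "iexplore.exe"):
        return False
    m = SCODEF_RE.search(child.cmdline)
    return m is not None and int(m.group(1)) == parent.pid


def classify_drops(paths: List[str]) -> Tuple[List[str], List[str]]:
    """Split dropped-file paths into (background_noise, needs_review)."""
    background, review = [], []
    for p in paths:
        (background if any(rx.search(p) for rx in BACKGROUND_PATTERNS) else review).append(p)
    return background, review


# Constructed sample mirroring the shape of the report above; the
# updater.exe path is invented to show a drop that is NOT background.
REPORT_PROCS = [
    Proc(1632, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\sample.html'),
    Proc(1680, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1632 CREDAT:275457 /prefetch:2',
         parent_pid=1632),
]
REPORT_DROPS = [
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\Local\Temp\Cab31CC.tmp",
    r"C:\Users\Admin\AppData\Local\Temp\Tar32AE.tmp",
    r"C:\Users\Admin\AppData\Roaming\updater.exe",  # constructed, not in the report
]


def triage(procs: List[Proc], drops: List[str]) -> dict:
    """Return what a human still has to look at once background is removed."""
    frame = procs[0]
    unexpected = [c.pid for c in procs[1:] if not ie_child_is_expected(frame, c)]
    background, review = classify_drops(drops)
    return {"unexpected_children": unexpected,
            "background_drops": len(background),
            "review_drops": review}


if __name__ == "__main__":
    print(triage(REPORT_PROCS, REPORT_DROPS))
```

Run against the report's own entries every drop lands in the background bucket and the single child passes the SCODEF check, which is consistent with the 1/10 score; the constructed updater.exe shows what the review bucket would contain if a page actually wrote a payload.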