Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:16

General

  • Target

    a5bc5ffb79e7a31e3ba3ecd1555657b2_JaffaCakes118.html

  • Size

    53KB

  • MD5

    a5bc5ffb79e7a31e3ba3ecd1555657b2

  • SHA1

    1c92aba025cd5732b16798a4f7ebb51549d7a419

  • SHA256

    cec53d1697f34b1185938f84705fedc2712b92047940bbce5a500487b68d0206

  • SHA512

    0d5d464c7d4b12bd3ff5c22ea6d33b89156d2742752cb13adec992b01dd5a879ef8142bfcdfc9e5bfb7dcb044e95606a49aec76ea1007e61bc5f0ca2b88952d4

  • SSDEEP

    1536:IvkQxp8aO0B7Qmh6RejhGPTGDxqreMAyftqbn+S1/N:JQxp8aOzkrbn+SD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5bc5ffb79e7a31e3ba3ecd1555657b2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2632

Network

MITRE ATT&CK Enterprise v15

Downloads
