Analysis

  • max time kernel
    117s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:31

General

  • Target

    a5cd35490061ea47372ca3158ac64e18_JaffaCakes118.html

  • Size

    461KB

  • MD5

    a5cd35490061ea47372ca3158ac64e18

  • SHA1

    be57d7ced8c0a60e2aacb81b40037fa356dfbf96

  • SHA256

    23fd8d6f1193e1ed35959497244835843a9d893824b7bcd2ae07bfddb9a9cf92

  • SHA512

    08030ca721d88fbbe7c5e1d9a98906d5c1dd08e34e5b5721481726f6a8fcf350956625e9fcf3260bc5604eb1f9c26050ab091626571c4c58db4096d921082d63

  • SSDEEP

    6144:SQsMYod+X3oI+YJZsMYod+X3oI+YusMYod+X3oI+YLsMYod+X3oI+YQ:x5d+X3l5d+X3+5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5cd35490061ea47372ca3158ac64e18_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1688 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Downloads
