Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:32

General

  • Target

    a5ce12d9334b9f51fead67cdf2d926dc_JaffaCakes118.html

  • Size

    452KB

  • MD5

    a5ce12d9334b9f51fead67cdf2d926dc

  • SHA1

    05128ed88b755c4ce6661134f664e921a88b52b6

  • SHA256

    187d3dde780d1859a391132448027e125f209274bc4082f5638bbf080295b9a7

  • SHA512

    8766bdc3b16a9a11e5edf19d36b5bb8a86ca6be29d3e3be2579ed56e6c96a926ac36dfc507bbae66a9b8ad69c140c1a6fa522649208dc99fd1ccc2338f46aa1e

  • SSDEEP

    6144:IsMYod+X3oI+YcsMYod+X3oI+Y5FXsMYod+X3oI+Y6sMYod+X3oI+YQ:W5d+X345d+X3nF75d+X3u5d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5ce12d9334b9f51fead67cdf2d926dc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1984

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e7fc016f8ccb2b008d361192216d8f3b

    SHA1

    f1fa5e45346a70c8a1ff0ea9e84ad262b0af2e5e

    SHA256

    2c4e8da841c1c192c5399abbb75eff5a5b6ccac3dd7876002e8a0fc22cc74e8d

    SHA512

    3b84bea1d8c62ec272cd44f18ed74ae76fd1be95379e981ed8fa5eab236863c2100914e33f82c51f8884db1dc6258fa287f9b89beb6f28eca83a418a393b8c6e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    203ad892659f7775540f8403bc972b37

    SHA1

    22b782b2a7f8e6a28722e309f5bb31d8e5bcf784

    SHA256

    4d4799437ff544844783479c971d5649f2d3f728ae6ec7a916ae77dd0fd88a4c

    SHA512

    714155d684ffa93af70bf0ea3f6371e4a544b0f01cbd2f48ad8a2b8dcc97d4c1a9685d0d232eaab614fdde188da8cf9c58d9619b68717bcdfd5a20ba82553f28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d6848203d5a8f5f5caa621a51ca527b

    SHA1

    9eac459c4d441b428c2dc8b4ca78d473341cd8e8

    SHA256

    b37c5c538d6072f9fdfaab84f37cfc59f9a7a4c487869fbbe4317cd9e505b2a8

    SHA512

    5af51d09f3ab1f77c38874225878903b25da225c02c96cdf559589f579c6311274877fadf34d5466621dc3354865c34b9a99eb9e01c10fd7fed61872c31f227b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df9360c89fdc7fe268f3fdf76f07f076

    SHA1

    961b52022f118c16d4c7fec93fe383170c191146

    SHA256

    12f9c7c4c615d154fc7e582c0fba1d5b833ba0c85b03e78fbffa11ec606e2bd1

    SHA512

    999604b92d62cf5af749dfeec70b634d804438b414d649028d48d7559d4eea3cbf01f84bb6d1d315573126e2803ec044de8790e333907d8278db32dfbf0d084d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7fc84ceeccc3abd095ec253f2bae22c1

    SHA1

    c9e42ee6a95a54f340ebde17138a642381b42364

    SHA256

    4d1f2dd4751d5638953f9dd1337e7d2960a1518fdea9a9764572713598c12fb8

    SHA512

    9f856ad58c7e7ed51aff46643b0a50a4ae7bef332a50f60edf88ef97d50298f8e53d60e5a893cdd51a3b14619e1612babb0c25aa301ff4bf2639f0e95bf1a04b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f06a80a68bc48d885badacc155c86c31

    SHA1

    7974dabe564656a53bae1c3838512f595f1018dc

    SHA256

    e6496b3e75bf2d4725a9b8dbbf0be1faae94e157c9b8ed18c2b2df9f84393dad

    SHA512

    ec287eacfb9592bf7fe9b143098dde7893c5e04fcb0b5abacdb28b377a34caa52e4c0f68786aecf0ce3b725aa71d13239b51cb78e2f97ef1753329ef6b43b2ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7079d9bd3b8b1b6582c090a2f0f8b913

    SHA1

    85484eb16cfba25b10a91fa2ea6123ece40cec3f

    SHA256

    372646c37d1f2ae6354e12f14f61f88b2ba01ccdd717da1ac77cf99e42705585

    SHA512

    367d9c34eb3ed84a7aa619f723cf395a64baf37c250fd7094ac9beea450ee15d889e3fa7d7529d61bd7d8bf0a2ad096b35a318cd829abc823188bfbce6cda394

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    43806748fab63ea390d8b9274f149739

    SHA1

    ff5485ffaa9ea85cdc78331be3934778cd3808a0

    SHA256

    8650a1c65b951041a9f67de12cd4afea10a877adc8402827da4f89a74f0eeecf

    SHA512

    d4420168406968822daf59079a3db3408f3b1b4fdae52beb0d07c31d0918b18560baaf50757f7d411877727a040b4e0ee3ac06cc218280279591ab5185626272

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5ba6afb105169bdae37d3e2765dad2f

    SHA1

    e56ddb9a66750aeabdf731c92fe752f3c14e0dd8

    SHA256

    ea2469585abbd5ae83479fa075877aec1d9163340858dd99cf6ffd92f4417e14

    SHA512

    337680edad732f7ed3ff6a3df0ae4f13e9ed1f4279315963553da1596fc91a9629a1143f9a7f12e831b8ef4a3ba7b939a7e70066765a318804b21c60a9d6b030

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d6b64f3cd0c75d66e51562f627fc26f9

    SHA1

    7176d66786c8f131b349f3cd625caa09c6973475

    SHA256

    e1403077578ac5f054861e21c6fd37a1fa3e2a7598297b24fd2652ed36504b9b

    SHA512

    5674746dadd113e288cc1d9ba1ea6c6518baa9af4620d5e4ac6d5f79a84684f5969dd999a8af37a8e2cc992e3fc24df128dc94d26dd41c3830ba0b2b1119611d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b93627eff25d0718f0c9e6cb61719281

    SHA1

    8e76ea7dd63e38b0eec778d80a7fbcae6a715fd1

    SHA256

    7d4dfe6f2e78cb089f250c753df0e2bc6abf706adcc03a63243d97df6e9aa5ee

    SHA512

    afc71b19babaadf94f0fa2942868533e4acfbf2db439dae974bc3029c2dbbdcabf64c792342e269b0b582747e907810214469b0d6da4793120cf4cdd769bdaab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2183528f5d4727ba7fd868803db22050

    SHA1

    f5b9fd5870e1887894dc9c60b469ba489df0cc59

    SHA256

    5263870da866d0fded036f5855aef71b703fb02820367012a8d9e45777bf6074

    SHA512

    99eac7674682c03eb7dc53f3a89aa45f0805bb7c4d1002b49fa47ea7348163b764dc83241cde96f06dbd6b10a553801319303cbb4511c96fe0b76822aeebc945

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5e740b93cab17998d13cb8bbca8a2e81

    SHA1

    3f5a159ee35b50accddbacf64523ec872b5e6e7f

    SHA256

    e5a2d31deed43d7022c115a23b85c0edd38323c2a27c41f5d4aca264291d330c

    SHA512

    cbdcb59fcd3ba7e79267101c1e1f0cacee9b938d712cd13f6bb26a42d23f6e77059549f870b25e966cec95cccf1a3f07ac5ea3442dea5cac05c3c6769f518581

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3279faa2cbe873cd1344323ac59a2faf

    SHA1

    5907fcf68ed0fb74d8451a09768ad1cc764f3f02

    SHA256

    c76d0c80adf17f112641ce0e987749ccb3a2bc3784112e08184f86165baca641

    SHA512

    7942bcb490ed914039cba0287d26008c84a963af055fae10111ad0b8262fcdbe82500fb9a93e8eed6ab647924ffc1635baa99691af9bfc8fb8644eeff7cce726

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e8171c112c1dbe3fd0c5c8fa73696f62

    SHA1

    87615669df904d10d03c1f4e8b8c564177daa497

    SHA256

    6f60d2f282e678cd5b5b972a7ee1234baf764f45cbb48555fd5bcd591090ee26

    SHA512

    afef44dff78647cff6d2f092a9b917dcf56f78172dd1ef98bad10c0bed0928987d20cbe6326461c766c699e84aed34a494b565f76ba3ce023734c1bb438d0656

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c42a8e263fc8df6ebc24ce78418f962f

    SHA1

    a43c4a0fc17d6ab28165ccc016b0a12cb2e6244d

    SHA256

    82bfbe103ffdbee3b2fecc7dd75687a41fdf22db7e505dd4709bdaaf3091c667

    SHA512

    b5fc3f486da87f5b7b62828059dea0f83a890cb7355e485c3ab86d0d02124151b6753bd93f3dd9e9b2a47e69120fddde5769968fcb70f3a60df3d3db7700096f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    054a1626a78fa291aff07cca222ccbbf

    SHA1

    5832f61920dc9cf1fb277437470cbf417d7e2102

    SHA256

    26e309c585005fe2ac97ce325e624039dab58ca560c9c12aace88d4c5ea43e59

    SHA512

    6ce91c8b113e057f72a0d0ad3999015cb3e8aff81df9ac313e02c6fe0e1bd74f1ebb906d7444f1ab21935e8d1b19d7f7fd91e4c30fc993b08b67c9cc504f6dec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aeb720d58c0abbefe41d19a4da9cf8e3

    SHA1

    60ed36a83b2229da08e862426123703dbcd464b4

    SHA256

    dfd9c04d6592317bdaa28c132a3d1f24f3ec6741dbb0f8e89cae6b665e6f4518

    SHA512

    c2cafd9d9f2ce004ad938429e1b46ae1ef10a61a5268b696e1b3e0f8eea46af62511a0553b21ff27898b0f58daf765cb366ff6ec65be9bd7c786244691cee457

  • C:\Users\Admin\AppData\Local\Temp\Cab23F8.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2508.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b