Analysis

  • max time kernel
    133s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 14:51

General

  • Target

    a61dd61305be3e584b42088c916a7723_JaffaCakes118.html

  • Size

    461KB

  • MD5

    a61dd61305be3e584b42088c916a7723

  • SHA1

    b231fd892a0e45738b4dae5356c47c140ee103bb

  • SHA256

    9615717a92c08a934908190c7a1f476ef53b674450663a7fdbb8dfe97bf778f6

  • SHA512

    a0bf3825803ce1e44eb3eabb39a43f23720fcae594ee159b8806229532ba85a3f368a8dd6c5afaf6a29d2d38cc3c2af28b47315239ab569ea78eb8c96eff0c44

  • SSDEEP

    6144:SxsMYod+X3oI+YLQgsMYod+X3oI+YGsMYod+X3oI+YLsMYod+X3oI+YQ:65d+X3L5d+X3C5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 38 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

All four are generic, low-weight behaviours of Internet Explorer's broker/content process model when it opens a local HTML file, which is consistent with the 1/10 score; none of them indicates exploitation on its own.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a61dd61305be3e584b42088c916a7723_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:860

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          0ada60337676bd429dc88cc2a05f4d5b

          SHA1

          a112bdbbc9bf9c5ac19860ce3c50717b249ae6cc

          SHA256

          a1d17fa904c835dd3613e7d2c054655ebf8ba994c545c73318faa5f455e5b19a

          SHA512

          e6dfc65c69101d5e0da5b8ce69b6858076b0fed2197b156b083cf24a830198a3ddf79dd82ba36bcf598134f8770ba912c204d19fe54d4277567299ba9cca8274

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          99195f2ccc0b47a18fcb3ed78e84f934

          SHA1

          24e5e3a4354505f52ffb6c4ed9f911effa1ef3f9

          SHA256

          8508fac2aac94572f8f4d4bc51128c118382ea128c9421e7971c2ee76d7efdc4

          SHA512

          73e44fa1b9f0e504f8d38200d624e13b6df18b4eaa68cdf37517f4619b8d15c661a69ea48531ca4449c9eedd89e5a1ebdef8886f18ab7952a6dbecaef3252eaa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          251b5bfa7aca80fe11d08953976efdd2

          SHA1

          464a39ab08ef5cf86fe87e0c3270a69f87998444

          SHA256

          ebec33c8cdd9b7d5389dc63c88e8e22443d4eb2f5fca3da6e3c8c49ac0cecce1

          SHA512

          77bc075b31b720b89f25c99961b372c66cc39ed585df33951f353a3e7e23f4206c964c5e62d311c0dd1da50ffa85dbf7ed4ef1dd7669202349fbbb7608a296a7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          507835949ff794b37cd35d76dee45d8a

          SHA1

          8567c7fe35c6ba6bb288994478fd378c9aad1893

          SHA256

          1a35d795939d70e3ba0a79fc58325a0cdb73d404b12838e42bbcd42302c097a5

          SHA512

          10d5c496d546b428e399e24f57321cb2cbdad5865568cdc9f7732b4682a81dc3a25c01795893f7a19d13658e83020717fe9f8e02a0532b4092c93dab9156354e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a2a9503fe449d8ba6523295a5889c2b2

          SHA1

          751d1bd203820726b29c22695d4eae83ee35662f

          SHA256

          376a6fdc20c74c934297ab8cefbb6adb057201def8c86baeb5b11ea2221f7cec

          SHA512

          6f4ecfaef8f84e82e304089cac32d43ac42644ee2cc7cda0d64314f581fd2d0656d80ebff7f32dc31fd6b9e3480ba33ec08ba6feceac8cd618c44ae155dbd53b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2721f99b7a045fba818daa9774ee97b1

          SHA1

          c4d9bf803d6ca48a75dab7b93a24de1cc27c6f6a

          SHA256

          f3dc759a5f366e27722db667c52c92742c752c2f6db957fd28cb6741b1073774

          SHA512

          d4af1fb88af183f8671d83ea27342df1dd68502cf23059c1a0107ce41a80ba4052ae1d1fbd98e0f906aca66ac955281011271618ebb61c7512f21df55b53581a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          58dafd76450d176f1124cafc246e267b

          SHA1

          452d08135d6767ba6100d703bcd308d0a7f2a5e9

          SHA256

          99ed089bad8e4ee1bb35b47e4b7b30c7837927af5f65a0703b078a1c44d03c13

          SHA512

          8ebbcd088d7e4300bd4b9b292f206bd8c64d96554318248e90477affd712eca816e2a36935fad75f734b2a72c923408d43c2b7ca4f138cea6fc463d92160c2a1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a54683390bdbf3a79926bdcd1203db65

          SHA1

          4d3eb98fda3246f0396956a223c50fae828fe295

          SHA256

          03d3d830c85134a673f120ef927470bc886a627aae43082e42e051e052acbc22

          SHA512

          6023a53a1fc280acb26d3c2bbff9c4b8931651796a055f7878596e8c8629987366d3f155770f9e27d4585aabc46d2e80ce0bb9c0799b96bc404e960aae2e2edf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fc3f987a4a73ad6148dd7c09802a0fa4

          SHA1

          3ebff49bb4e9e5baa037a84342656616f93ac558

          SHA256

          b82a57de1717b32ed3197100de3229e2023d571263983c5d84c8cf8b1dc58f9d

          SHA512

          7fc876630abff5dc01f95878815c9a7311db95a985eddbf9fbb96c5209a02d26fad306c7561eeee93e2a84bde76d908f643660d05e38bf7d81dbe3d25b2e1a47

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ae7100f20b4335be3562ae7ff20084a2

          SHA1

          8bba4efc9a94313c6dad4c6922966a2e33e9e661

          SHA256

          110d99eaf154d378a21115c218769931012d51fa5e62ba1870e07b8d238ae6e1

          SHA512

          a1219efd7bf2b84c66890c54d64a8b2bcc92dc0718fc3f7594818c1b37eedf4fc838eaa495ac2d62206c10430e764078421df268e5ae03e03b66a03a317e8197

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          11f7d443e0b7d65e11274eae54d111a4

          SHA1

          463a46f6cb3dffd2688ac06e5004a08fdcbfad7a

          SHA256

          082899023981e47606e257b0fb536132696ac9d7c580bf61dba87c2eb6c3b7a3

          SHA512

          ad12f19db6f1b8400a58b150debfa94f7abe2d98df1a7888afeb0e3ad293cd742d3430ba47450fb05c7eaa7575f902bc81e80826306a1d7ac2f7c556c386a368

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          11da386dbb5ac720e8ac2f52b70ad45f

          SHA1

          ea100d92a99eec62236a557a693091c78d8ce428

          SHA256

          89272072f1c1b177aee87797479ad215c6fe47cf2ab266965d02fc5bad367fd6

          SHA512

          9a0d42111ac7b2e88b89a7af4907a237c2fdc1e7231c263a1c603ed250b25219bb2108ee2e33e216f2b82cbc19d5de1c8e639ef841ad4c55fcda87a09237a4f8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          87fdc26cf479b3158233056ca3d0f077

          SHA1

          34d8688d03e9a0c0465194d4f4cdb8e5908b25ea

          SHA256

          86564002a148c9cfdc822e5ab4798ee81770c164e606ce191d79e37df78d02c2

          SHA512

          59343d9c6dc465296c1eb156e8c536e7167bbd5cb721fbc9debbf6115d54d87e1b813dde8f76d5bad34a3d0480f8f11068d91ff5336dd103684af9c2f6859d4a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3e04e202b2f9c5c396e45c33385c0091

          SHA1

          fc4439757f6684c66a1e5c0ba76698ae9a8c233e

          SHA256

          8dc66c0519f6a0bde950e831bba430e6aef8d6bb867889aee4b9b00292592d1e

          SHA512

          990e6ae5ccb5e0fb0ebbdac49c9d9c4b5f67babe58fb13d68ea87b5b33a7463a1410fed717df371d62e67ac53aa55b707f19cd82447e170a44c4c7f2c55e7ddd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7ca23ea0f28aa3f94861fe815820f8c9

          SHA1

          befe28be5a5cf876bcc2cf2bf12c1db2523ef0e6

          SHA256

          a1abacffdc9cdd92153770b05d5e1a4af5eaee2cae9f5a9ad73bf32bdc58a4e0

          SHA512

          54b6d76eab0653e790547bb3eda3f75ca340bd0fb900011479859aa6d3fbc4e6f309b859b0b4cec54b4aa3c4668bb3e67093555e46c2c8ce5f90249f6f1e9a4b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f2b7b9e927fad6b13a1719fad2d77d82

          SHA1

          7395de93fffb92269d59dda6de705789eed7f904

          SHA256

          a18e8887e7f81982cdea6ec159ce5077274998f8f17a4f02687457908953b883

          SHA512

          1de7be9f4a1ba2411dc2f87551a0a97cd05386336be981607ccc30ae28d8afc67c541d9aee43dc431369990e05179b23a991168c25cc29e28ba999136d96b833

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e74e9778d4dedbf6c1803d465a20b300

          SHA1

          f21f17e4a9b22bff694fac3d27f5a6aeee23dbe6

          SHA256

          1a56f27bb9665f48c9ef970ab65e4af016e5c4639e033ea19ae0f6ba3deead9e

          SHA512

          7281413f3c9463f53b9e8291dff4f455c3a78e0cf1f4a8e8820b8518b9a1e4cadb90da2a0c2c4a80ab031e14704737d60046e227f76e03b24118076fb5627edc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e70729fa326809706df54f63450371fb

          SHA1

          29433a97b43a9922d26222b8d0c71416fa009d89

          SHA256

          5ade257e1bc601ee8cb44f5d21f6eaeea985fbd92d6bc5df8a7336dba4dafa77

          SHA512

          6b4049bd7d9104b98e9ce2536c374f8bdfc1027beec16430ea72cebda761be0110832bdf48ef1d2dff264f7a682c640ae14bebe2982d306fda325acca9dd3e65

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5e19fe5cfb78c4f0ad47432178f63b43

          SHA1

          621f5b1b0650496c73619e303ba326e80a5fb53e

          SHA256

          744ea819996f9ab8c02b68422999bbe647529775d189fe79e85f8f549833f468

          SHA512

          d45a4a4984159d5fa56e82c37e72a158f357f852b1f18816875ef236b11dec2dbf1246f51c6b730707af3cd1c493dd911f41b904157407950ab271505b766c94

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          23d25aed2048ae49cb20cc35246e7a3a

          SHA1

          2f1f368a5c2cf3ad0e4aa2109867cc0876a9cbe4

          SHA256

          a6c6c4cdc716955ca0435b089a11c13df0e741f140df279f7f7001aa8f861c5b

          SHA512

          e375934f7717c947f4ea15adb26b109e2aa5043dc9b31a2084ac9ae26897b84570b33eb6d4a725888553d37e101ef80352adb66e9c1f827ed9be086c6387affc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

          Filesize

          4KB

          MD5

          da597791be3b6e732f0bc8b20e38ee62

          SHA1

          1125c45d285c360542027d7554a5c442288974de

          SHA256

          5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

          SHA512

          d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

        • C:\Users\Admin\AppData\Local\Temp\Tar4CFE.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
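The dropped-file listing above is long because the same CryptnetUrlCache MetaData path is written many times, each time with a different hash. The following script is an added example for triaging such a listing; it is not part of the report or the sandbox's own tooling. It parses the bullet/label/value layout used on this page (a constructed four-entry excerpt is embedded inline), counts how many distinct versions of each path were written, collects the distinct SHA256 values, and tags paths that an IE-on-Windows-7 run produces by itself so the analyst can concentrate on anything left over. The noise labels in `NOISE_PATTERNS` are the editor's interpretation of those paths, not something the report states.

```python
"""Triage helper for the 'Downloads' (dropped files) section of a sandbox report.

Added example, not part of the report: parses the bullet/label/value layout used
on the page into records, counts how many versions of each path were written,
and tags paths that are routine Windows/IE noise so an analyst can focus on the rest.
"""
import re
from collections import Counter

# Constructed excerpt: four entries in the same layout as the page (SHA1/SHA512
# lines dropped to keep the sample short; the parser accepts any label/value pair).
SAMPLE_LISTING = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
  Filesize
  914B
  MD5
  e4a68ac854ac5242460afd72481b2a44
  SHA256
  cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  99195f2ccc0b47a18fcb3ed78e84f934
  SHA256
  8508fac2aac94572f8f4d4bc51128c118382ea128c9421e7971c2ee76d7efdc4
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  251b5bfa7aca80fe11d08953976efdd2
  SHA256
  ebec33c8cdd9b7d5389dc63c88e8e22443d4eb2f5fca3da6e3c8c49ac0cecce1
• C:\Users\Admin\AppData\Local\Temp\Tar4CFE.tmp
  Filesize
  181KB
  MD5
  4ea6026cf93ec6338144661bf1202cd1
  SHA256
  8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
"""

# Paths that an IE-on-Windows-7 run produces on its own. The labels are the
# editor's interpretation (assumption), not something the report states.
NOISE_PATTERNS = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\", re.I),
     "CryptoAPI URL cache (CRL/OCSP/AIA fetches during certificate validation)"),
    (re.compile(r"\\Internet Explorer\\Services\\search_\{[0-9A-F-]+\}\.ico$", re.I),
     "IE default search-provider icon"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "temporary cabinet extraction (commonly the CryptoAPI root-certificate update)"),
]

HEX_RE = re.compile(r"^[0-9a-f]{32,128}$")


def parse_listing(text):
    """Turn the bullet list into dicts: {'path': ..., 'filesize': ..., 'md5': ..., ...}."""
    entries = []
    current = None
    label = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line[1:].strip()}
            entries.append(current)
            label = None
        elif current is not None and label is None:
            label = line.lower()          # e.g. "filesize", "md5", "sha256"
        elif current is not None:
            current[label] = line         # the value that follows the label
            label = None
    return entries


def classify(path):
    """Return a noise label for a known-benign path, or None if it needs a look."""
    for pattern, label in NOISE_PATTERNS:
        if pattern.search(path):
            return label
    return None


def triage(entries):
    """Summarise: writes per path, distinct SHA256 values, and unexplained paths."""
    writes = Counter(e["path"] for e in entries)
    sha256s = {e["sha256"] for e in entries if HEX_RE.match(e.get("sha256", ""))}
    unexplained = sorted({e["path"] for e in entries if classify(e["path"]) is None})
    return {"writes": writes, "sha256": sha256s, "unexplained": unexplained}


if __name__ == "__main__":
    result = triage(parse_listing(SAMPLE_LISTING))
    for path, n in result["writes"].items():
        print(f"{n:2d}x {path}  [{classify(path) or 'UNEXPLAINED'}]")
    print(f"{len(result['sha256'])} distinct SHA256 values; "
          f"{len(result['unexplained'])} unexplained path(s)")
```

Run against the full listing on this page, `triage` reports every path as explained noise, which is the practical reading of a 1/10 score; any path it leaves in `unexplained` is where a manual look should start.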