Analysis

  • max time kernel: 133s
  • max time network: 128s
  • platform: windows7_x64
  • resource: win7-20240220-en
  • resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted: 14/06/2024, 01:13

General

  • Target: a77aab0001c6a030178f75fab10b39ec_JaffaCakes118.html
  • Size: 36KB
  • MD5: a77aab0001c6a030178f75fab10b39ec
  • SHA1: b61f449ad8d4f85b9d5768e93eef93f745ef34d5
  • SHA256: 1fe58cce06cc97b783ff4c855eaa5f87f57d12e256cb40e5ad19df98e39178f8
  • SHA512: b5d437789efb115eebdab2af6eb11eb34f5337f5aa71810fdfde906d569010a077c45c4ef211af6fb0957a86b29e591fb36fdd59ec18dd23a7c8933b0cf108a3
  • SSDEEP: 768:zwx/MDTHV988hARxZPXcE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6ThZOg6f9U56lLRU:Q/zbJxNVNufSM/P8VK

Score: 1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a77aab0001c6a030178f75fab10b39ec_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2468 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1796

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize: 1KB
    MD5: acb20d7f1b3652fbe2f79f6f55057100
    SHA1: beba8a4b856c1d796fa7e5fdef20ed799fd9cc28
    SHA256: e29ce95c8f8001a01f4b3dbefb2c81cdacef25c23d53245597fa30ed311d7e5d
    SHA512: ce452dea59b8eabd6a69f70b397e53abdd90faec75f3d10982829bf617ee78d472041570137b384869c6dd5ad4e5c0461031a9418940a42872cadfd45adced3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize: 914B
    MD5: e4a68ac854ac5242460afd72481b2a44
    SHA1: df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256: cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512: 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464
    Filesize: 724B
    MD5: 8202a1cd02e7d69597995cabbe881a12
    SHA1: 8858d9d934b7aa9330ee73de6c476acf19929ff6
    SHA256: 58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5
    SHA512: 97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize: 1KB
    MD5: a266bb7dcc38a562631361bbf61dd11b
    SHA1: 3b1efd3a66ea28b16697394703a72ca340a05bd5
    SHA256: df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
    SHA512: 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize: 410B
    MD5: 3b4862b20fa65e28497be8d58f4c75a6
    SHA1: b37bafa96a590e569cfb653cc97aef4772584f07
    SHA256: bab46bd3470a39fd9ef678e51ff34a622baeb78d78585473723d81168e3bc4cf
    SHA512: 23eb753df37b0972a8a946e5a958e475f2fba5082c7ce92261f763f8258c9fa467b1081324c4d0a95a493fe61466a20f09536770b49fb4ed186add6871c1f766

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize: 252B
    MD5: 8392e4eb82fe1b47ceca87fe065db484
    SHA1: 68de6b0f00823acff12aa0722e6d079b2ec4ca43
    SHA256: 203867a28e01aca8bda41e71aa807a7a511bdffdf37ccca8c6461644a4b4275b
    SHA512: 4136061037b9a169de41fb5b846e5efd6d87d11f0a44f244fe9082ef90b009c0b6be0c62995076089512936d1f0ebfb677b17aaddd39daff6a01fc2f8d41662c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 12056baae11bd832446fc2cff75ecee4
    SHA1: b2faa87156e357d5006b279f015bf182c8daa765
    SHA256: 62ebd4c4c1b0641731e8d777623cf2d0826a262039bbcdfc55e30ad78b5b5467
    SHA512: 891fc0a779b51c085eeb80866f7c705d7b87fcfeefd9aa29e6c9f4c2a1e540f1618832d13247770bfd5ffae68cbb91ea8ab506810a4cbeb0970dc30199acad92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 8863e584e1c40eb901ea1afbaf7e1813
    SHA1: ecd6bca2fe455efb9073d6e3ccd6300d5ae65247
    SHA256: 2016551c2f4d70036562332be7d55028e3ce99b0350d489dc1835a1a7c6928ce
    SHA512: fdf31eb3277cc5dc20afc79835949b43716b6b04fd75f5f4fc2a6f1c4d159d60443cdf37bf52bb92c69ac41d1573011eafa8bf349dd88966e5b004c5dc406206

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: db88031fdf4f7c7a6b1b51c012094619
    SHA1: e11f6350770aaca473fe8d04b30b729ed0471259
    SHA256: 54d10a2309975acec54c04eeb3ab2325a065475a3c69a4883c601d64b0550dea
    SHA512: b2bf07436598f8c5ad828974bac0a47ac40cf8a0fc131075d8cf0732e28bd35e66b3ab55804d1a23c335643b7f8e363aa4abcf814b38021347f474276fc7feb6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: cdcc959ed9091ebfcb073fbd9d7a8209
    SHA1: d294bbe3ce47539a93824fc8edc12ca4961acd95
    SHA256: 20e1d12c7c167da70cafaa1f7922841fe52e88886a422832ce97c2bc391c7593
    SHA512: 2905e3a21f0005e4acf3eeffa7bf47eba90cabcc6c0a01ca780146dba3d0813ef5e85fc3c957ebd08dca6eb7c9e49e37cf952339cc83fa9411c63632f15fb735

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bd132556b565fa8a606b93e3cb6af7f1
    SHA1: a0555ab5b0363b04494b7984c02b58d4de75ddfa
    SHA256: 6abc4c40982baf106ab425936dc8a52679037e6feb3131e88f35dbe0eaa9a27d
    SHA512: d7d0dba977f835d021dad62f6346616aeb491716247c05f5d5f465cf45d2481f813f62d908efa0b35ef3dfd73bb77ffa11045481812bd3780e66747f6997d67f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bca277cb621459ab58608da3a5f7c235
    SHA1: eafb3d897f25f21193aeadd7080e4073457da2b6
    SHA256: cd02352c0d741729e76ca5513d86cdbf074b0bbf374d6fb529367185a0f15f80
    SHA512: 9709c56602036ac80e0163ec15bbe80c65f0d211ff5d76a47fa6ea1c0fbc54f55ad444f433037fe837adb64203e90ea72a38c86bfc9b912bc7061757c8605303

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bf3a9ffbb3cb14c84c8be8bfe8cb894c
    SHA1: d531b300aadb33e70771b52846cd6c8c2ccd3080
    SHA256: d6ba52bae9bf0969de1301b9dec8bbef5a80b3fa6d86ba84d3a044fad04469bf
    SHA512: 15dbb2a2a0d1183af012e9fbb476ab3ecf98c7561a22720d47d5f35059dee463970aceb8230342faa5c268a6c6e029477939cb884a807895f13464a5721e561f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bc90960bf424a6820acec8aa5f910f5c
    SHA1: db05185b7b3838d51b05926a15842d18d579dda4
    SHA256: 3d26fe85f325eb26b67a13dc237c9712ada845b4d687e0aa50301fc820d51758
    SHA512: 1f41209895799d584dbbaf9a2ff67f362d63449a23815425435dc825a953ec2c660296bb0a807d490e20f898b8790bb4db576963261a33bf7366b96d58f16f94

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: d6a9ad27f59fb8229abb91f7471799e0
    SHA1: c62574eba16dd8bc171d3150c1ae0264bab174a6
    SHA256: 9274ad3ede1299f2555baf1f3ee5190b75209d4664f3f4be7296c8492db24e3b
    SHA512: 2d4329cbdda1e1b4958518e1f5337594cceece9db3e6b070f28f8479e0091a39d4bbe7096fcb876c92e823db178dc6fa87fc83e72fccdb937a9bf487c67dee40

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 59076241d51ca4e9d5975867b6188f34
    SHA1: 5dbf43929f941c91888a45148a568f93a820e05b
    SHA256: f886f84ffe536794d22b07d96155ed8aa3e0f8611a7c9ec52ebd9b5bad224dc6
    SHA512: a54e559763176f8ccb1202850d34daea565e01ad20bcdce60e75e2032fa98118674d8cf673b7b7bff6a809b3ad63157787feca1e2ac4cbee90f6e1aaf8595fb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 64eb36dcd8aa230ac84a33557add39d6
    SHA1: b8eaba1bca7be9417015c14d1858fd8aa67c08b2
    SHA256: b59da5fc7852683b0cf29921184d5dd4bce0c1bd0f4c0afabc29cdedda21d29b
    SHA512: 495b309f25c3d65a50ff95e4c106389fb1b35e5b8c2b2329a8367f65e6e808471a07d3c71dd902d2797e1e87ec293ea7c85dabed1f2204d15c1d7bcbdfd18380

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 4cde1ee3599d0cf269726f0b3f2bf67a
    SHA1: 17c1fec3f8c5ed9625fa9fc8da091e985b5fb6b5
    SHA256: cffc7f9080c7e24ace516dd302448a3d55716d57b32adbe6faaad36d1db018e1
    SHA512: 59e5a1d9ab9be71addf03910b30a28ddc4f6350339d4a706b0d45fcc544d0c437391b1920fed2542b9d617becfc2fa413a29b7b1ed0d1ffdc7898fac2eb96818

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize: 242B
    MD5: cf266bf1b1a41e416035e050f19cc936
    SHA1: a465bc0c67263c733fffd73b2e67510090356f2a
    SHA256: 28edfcf5588e34ee7800ff5f3f61f08ee7a3cff86ab3714d18266596af110b92
    SHA512: b13da049965e8b4b689ccc41d57cf6a2f98aac3250221199b159936f4ae3a424e15a360ee6e2659722654eae488ebfa0c06e93e8dc07fa912b010849946aeeb8

  • C:\Users\Admin\AppData\Local\Temp\Cab1420.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1422.tmp
    Filesize: 171KB
    MD5: 9c0c641c06238516f27941aa1166d427
    SHA1: 64cd549fb8cf014fcd9312aa7a5b023847b6c977
    SHA256: 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
    SHA512: 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar15DF.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b