Analysis

  • max time kernel
    137s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    14-06-2024 11:07

General

  • Target

    a95a5ce76e2806bd0024d0c54bd4f568_JaffaCakes118.html

  • Size

    214KB

  • MD5

    a95a5ce76e2806bd0024d0c54bd4f568

  • SHA1

    b3e7dc01881bd91d0c5c27411c832fa5a3daef97

  • SHA256

    471f43695f813479be2c096e7bdaf53ea9b82453e468d24a4ecf346ea4c0eae9

  • SHA512

    0cd7e2c83bab20c477e1e16f9c21891746a5a01c06d7097374429fa5808b07101b1d347103246ef01220a69cc8e8e386477d3d3659a5e519a95c9799d2148f60

  • SSDEEP

    3072:/rhB9CyHxX7Be7iAvtLPbAwuBNKifXTJT:Tz9VxLY7iAVLTBQJlT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (depth 1, PID 2524)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a95a5ce76e2806bd0024d0c54bd4f568_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (depth 2, PID 2624, child of 2524)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
