Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    01-05-2024 19:44

General

  • Target

    0cadd4033ec1ddfb5feaf4b76b618816_JaffaCakes118.html

  • Size

    26KB

  • MD5

    0cadd4033ec1ddfb5feaf4b76b618816

  • SHA1

    11e800569d92e5a7a900a2e99dfdebf47a18b4a7

  • SHA256

    f2d1993757a870e1f79c5decf60a8f87de8feddc0228e1632b4553af923faa64

  • SHA512

    3f89cd346a0b194f300a36e9a76f00cf2ba75af452411c91e3e97e29fb1b83ac0a0e3182f4d43a70625594407e85161ae64a829892b7f753298624fbed26172f

  • SSDEEP

    768:SKzdsFqvfudlQVV1C5m1CCCcmzm3C/CnCQGoyB5VTz2:SEdsFqvfug1C5m1CCCcmzm3C/CnCQdQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0cadd4033ec1ddfb5feaf4b76b618816_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2564

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    4fe1f17df1bac7f0146a1b0662b50df3

    SHA1

    bbabf556a05691cd9b08b28194e70cce943ebb2c

    SHA256

    3bb2094c565ca352e3f3d715584863891a01448359bc61e3a12e1d743341f0d8

    SHA512

    d714f803cc2e8e06637bc2300921ce1f54034f661e3c664a55302a00fc7575d70039bedff6f41831572d38ceef529d48cfc8827eb0ad5fc6f7b005724236eea4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d0861005a94fb004302c88eed76a918a

    SHA1

    8120ba04c4e96261fb885ad533c48b5731a05ab4

    SHA256

    e740503ce4596c15f285734b6362dbad2e30b235c78edf5f015c8e84cac0a32e

    SHA512

    57436bd72d06044326c7acc1139a128fc50768e4eedf3329a247b05f3e51d2c9ca280428ba548e0a97bf392ebdcccdc4e257aa858578b38086b0db4188a01ead

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    108f36e99b08133632c995a7d0a97e03

    SHA1

    750c477de34436575c670383eeffd3f9c00b79e0

    SHA256

    be2e93b482c27aa87e7e6367faaf7cf6edefc1005cca276d2692f9b165ac76fe

    SHA512

    e0af17a610c2ea313060469fc5035cbe8f2076de78699ebf3f43a0e54d6594170c2183616ef4317dfa15be68ca159a5b5f848778177582d441a9020449a8be87

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8f574c220f6d7fc5819a30a087d6d29f

    SHA1

    4518c0ea672fb5b246f491c2a8c802f5a08a1733

    SHA256

    0b605ec2eddfc9770ede82fcf5a63360da34ce68c5bf38b75e4b133b2a9f1812

    SHA512

    0903bd33f7bb33749f6f32be644807b3ae6969c832aa82568aed641a48a4fee1bf39acc986e4ce8f48721ae113196f098315c78ca66ba7f681de5847a4312f06

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d2d1b1fc34a0bb84ab7182376b1ecbc5

    SHA1

    65808d90db1c2347832a8dce7013939d468f8455

    SHA256

    454e461daa1828155396abc73f79041f9059b321f4e6b4349dd9c525900d6c88

    SHA512

    8e7be9626b8727783710dad509e6161e137c7e6dba290a19954286b392233d594b147b54bd5916b78cdf211ba48f21c0778826783b32c45e93fcf10f57c43b88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    dedcbac7120e75ef8140985685dbbd3c

    SHA1

    4badedba10815ca1c7d53dba573f688103009781

    SHA256

    177ca55df4cc5a35a1faf1990da141e5b7594b3e70d45a45c1fc12bda340b5b4

    SHA512

    e147311311f0957457900647259a421e7d783f9b6ac19684b09ec9e2ed4408e9b226ab5b6332a759f6ed819e3ac4d8e2e0313d163668e891a139383169456b83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c47dc91ea95661eee449a37c46465e86

    SHA1

    7eb9e1abc85deac4ae1214dc893bad739c6c5f1d

    SHA256

    9174ad4e3b8d5530e27015d9746aefa9cd117ee90d6576238a7d3638a9aaca75

    SHA512

    c814e3f63b1276fd4ae0f226d66ec57f74f563090d6753bff2bd0ef29851e988c20eda0417f1fa1e0145ea70c477f40ccdcad896cec9b840732039dc320faec1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e09747ca33a16d04b309b65d2644eb9f

    SHA1

    f1350de7f625bee272774541105927e4e390a737

    SHA256

    c6de492a46e70beef3412b03a3daf931130b3e241aae12f6a80d4e4d7629bf52

    SHA512

    1351aea4d18042b4dc9a4a723524ca1f30fd1f5ce000f82b24248c4651ec70bec7df615938297b0aef70da3bf1e6263aac7a82ccf6aa45a56254f3c3b6554d97

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    87dcc816837ba0359e0988e1d301c13f

    SHA1

    90d96325932476aaf6fa97a68e52c0c0852b3e76

    SHA256

    0eff58b0cc9b97aa13ccabae73c732bea0dca6ce09b6de0c07c35ef93bcbddb0

    SHA512

    0a9b88556971a7ebfdc4b91b6d3efa093667f8e924dbd2d8ea04463e0dfd8be7f5898ea1981f8335f339096385f1a224868bbb063ccb2925b1fd8bae65520db5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bdbcae414c9e5b4fa4f507915ad4a050

    SHA1

    5fd13a0bdea2b82e8dd5f4128d03f736f25883a2

    SHA256

    eba671aaafeeecb40e42390e06b622aa3b2d9b67e3d951d270ad7d49f57fec26

    SHA512

    139783ff2e0af603a3bc9efc90c079346f1b315e5bb8a4818a0f366ffd92e3a9db00ee6d7f437023b9e6fd9a2f247de28001a25e488edb577da70ada4b472eaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    80159b9a193cd0db8697d01e9e7c5f37

    SHA1

    74c76ec2b9685e7e8015e5810f51018c63b96a99

    SHA256

    f11b3ab45f6e6c8f67a185de86446835dedae1634f8066ddc7dca535521ef6a9

    SHA512

    988395228707094b5658dd4ce27619fbe4e34bc97981436df7ddcf426d8ca206365ad63384f3937065a2471d93af75f217d9974a3015bca99d2ae1d21731fba4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ac77d3bd74ef4297bac4947e6b371a3d

    SHA1

    74de83948334b7f71c7d1d2c8d7805f51ac35170

    SHA256

    a8e6282cf64faed7a8d6b0ea6d0a1879a4f7bd727cffd2d1fd3381f99aee0cb8

    SHA512

    d9d28730e4658172e6f650d18bcfa4c98db8f1e2d7007cccf5315b4f6cf22abddc5c0cf97bb0dda01d148940e19d05dffbe288d7360c33502c4a77cbb5a57571

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    92b1911ca5704bc715299ea5150e7e98

    SHA1

    dddf5aa45095bc5c29e29fcc7713b995234cfab7

    SHA256

    ce9745e2c92a117c4c43711bfdb401eef2ac2fb6ac9f0ae6d12469c6faf6d2df

    SHA512

    fac022f42dc81382fe39f2a6527d668daa3d40e4905b635124b60babb7d0a7de6ad64e2542b69dd388549a4cb0db4bf588caa6a518628776c9d7544dbbc2b667

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0da80df669f332121f68e14b59c08085

    SHA1

    d8266e82b3477077347e4c2fca9b81241cb3ddbe

    SHA256

    9ed4e22cf89c07cc1e62cc217bb5c9847bc73725ec53c3567765ca77583fab4b

    SHA512

    d099444c93bc9fc5484064092791f9372c1a770754ff4a93c52d28cada2b8d6abb9591beab9df5609e0a4981e0a98bca413159707fcd9cc469109713e939e4ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    898eb4d54b6813f5518b9e401fd927d0

    SHA1

    d7049274abede733e254e99878c7e8b0e8e775d2

    SHA256

    48521cb5d2f8c712e365be3481158d7487ba8aabd1a359d7fb3ed899e092aa90

    SHA512

    b1ec5c57af973a98916211e17ef08fe2cf9a0953f813435637c847f883e2dd99188c95fa45219020ac8099f1ad08aec07c9a5fec6c1ab4f39e4533323cbf0b17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    01d4cff142c7a2555096ca031e6eaba6

    SHA1

    eb0d0870d83409ff59c5fda1742f5d49844d97cd

    SHA256

    714ee48727da0e4db96d85743f7600e3b55e2008130b5f072b0a37f834c44a70

    SHA512

    33bebaf0d201db7b6666f9189ac7d542215e73ac0761a42249d7cd19fa655d1b11a2b40f63490cde3b1b0c26b8c4cacba48499704c4e4faceb8a3297fa1295dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a40af8b577717c409b6f2756331df665

    SHA1

    f8bbccfc0b7f5394d98792faa6d5d0a4a521668f

    SHA256

    e106d371dbfde487f48fa1d2dda87b3819f13ed4a11e1366fd8c85b6a940c5c4

    SHA512

    8a6e5f02c08a7c8df542b1201d9db07ccedb9f4d637586699b554126ca2697adfb2f5d57cc23390e864f2c4f097148f4f3a948622060cdc0931621327d562d5f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a0ce4f0da2241bf9311d2afa8f362622

    SHA1

    8fb2320caddb50772956f1f88444cd2890f5d2f2

    SHA256

    527665a2ca932b99643315df3c5103ef98b06e6e9b0cd5d3d93142f8fbe2a7d7

    SHA512

    a2aa84b517086dffd01fbb59619117c1bd78f93088f9eebd1e8310d57e1ed04da045ce1d8ab98ce5e0ddf5fcdd0a7153d584de635340d0af6da5dfb885f9f12e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    93891953486bd6394293147442a212d3

    SHA1

    a476cd970e4eb82658a6521fa18081f8ddf802b3

    SHA256

    7de33c655d14c8d6053de004862334d5916a702f0f0f2683afa54b63a9c1d7b1

    SHA512

    473af830d08b071ec8b0e4c4e07ad5d50a421e3d44cdefaec3abf88e4a2c09c3a3b725c48d77609bcfe5502702022b08c219766b11b0fbc357e7b72944da1f54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4e2f08ce5ca8949bd1b08537451eaa6d

    SHA1

    7773fdf6ce70ca1a9fa595e332db168d2c439e97

    SHA256

    195da663e5a3071b9748c0600ab98926c510d75902f42b89c6804f516c576a5c

    SHA512

    43c494a009897708cc3ae46a7db0dc34bf90ca68aa236aee5cb717cb1bf578fde32f3e171c663671a1503ab13609010de44e377ec88735c1b6ebe63cb10d59e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    67e83a7a689f64d8f1a23539769acce0

    SHA1

    0a3cc36421a87b6d42d9c4a59920101ae65fee46

    SHA256

    a848088f5148d113bc2b59c660612eb6edd8fc1ee73432c180f71893e842b481

    SHA512

    34d4e8605f6badd41972f071b27cc6d9a105c55cd2eed29a803ade2705a731c1e34b575d107a1b183a2cf5dfae00484a3b99c127b55642a9d810a6ab76832bb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bfca0a28dc75828f8d0f62a28bef8b02

    SHA1

    af8c14d9fcd8696c64d26423769e4322d3f3eef3

    SHA256

    b646d1d5182954c11755034aff690f3a25a933e7d04da1d99d5d00a7d3e6af62

    SHA512

    a5328ea516989488eb9319840cf6175b2430a798ec2c92f28cf23fcd5414b018eec29f8d7642404999260b95d849f4eda209931ffbc4b515e660f126e52744ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b34abe2ea2deb8a3c6b4af9662b860ad

    SHA1

    0a63d16966d1345b7234db2a0072db8b375c4ec5

    SHA256

    aa824e1b88ad1adbe2c82a30fb98cc79004ccf430ce9ed47f3d803df76e975b4

    SHA512

    f16c0b873df5d9a264767a6a48996a023ab1cda7045c5d5561e0a8ea560c7d1e67048752d1d703affe98539c769b362dbf5e8ed444edbc0cb5e288801d2f11f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    dc1b46ec1720cd6737aaa1350501f83e

    SHA1

    9ab1021cd4dd2b6da6bb7543f5306f78116ace78

    SHA256

    47fe0cd6ba0c27228beb6923549b3f2a2ede05483651f628cc05f1578833868d

    SHA512

    f40faedea8ce03210e16c57fe3b3bf97765b1cdde73cd1117a92390e8011358a4520730a016744458ca5716e175889ea8b692d2daff67a4066698897902b9425

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IFGNZ1XG\superfish[1].htm

    Filesize

    122B

    MD5

    00d64a82ba2d055e5facd3a30efac924

    SHA1

    308e275068e3bec5effca608fe9df2008c979650

    SHA256

    aaa3feed097fda6687c7c27860c24980f3ff105b6f326d10c98854145e9afa6b

    SHA512

    1151e227086964ec19c11eb388ace411a56a6e1da96409b2bfdb5313fb5df75223add437a653decf3afdfbd2be2cde421c512f9de423ad74f2ebbaf81119d8fc

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OOWQLMJV\master[1].htm

    Filesize

    114B

    MD5

    e89f75f918dbdcee28604d4e09dd71d7

    SHA1

    f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

    SHA256

    6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

    SHA512

    8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

  • C:\Users\Admin\AppData\Local\Temp\Tar26F8.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
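Most of the Downloads list above is CryptnetUrlCache content: files CryptoAPI writes when it fetches CRL, OCSP or AIA data while validating certificates, which Internet Explorer triggers on its own when loading a page. The same MetaData file is listed 22 times because its cache metadata was rewritten on every check, each time with a different hash but the same 344B size. The artefacts that actually reflect what the sample's page did are the two small Content.IE5 responses (superfish[1].htm, master[1].htm), and the Tar26F8.tmp file in Temp is the one entry the paths alone do not explain. The script below is an added example, not part of this report or of the sandbox's tooling; it embeds a subset of the paths, sizes and SHA256 values from this page (constructed inline so it runs offline), groups them by path so rewrites collapse into one row, and separates CryptoAPI cache noise from the entries an analyst should open. The category labels, and the choice to treat anything under Temp as review-worthy, are this example's own assumptions.

```python
"""Triage the Downloads artefacts of a sandbox report.

Added example, not part of the original report or the sandbox's tooling.
Sample data is copied from this page's Downloads section and embedded inline
so the script runs offline; only 3 of the 22 rewrites of the
MetaData\\94308059... file are included.
"""
import re
from collections import OrderedDict

# (path, size as printed in the report, sha256) -- copied from the report above.
ARTEFACTS = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC",
     "914B", "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "68KB", "1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357",
     "1KB", "df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC",
     "252B", "3bb2094c565ca352e3f3d715584863891a01448359bc61e3a12e1d743341f0d8"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "344B", "e740503ce4596c15f285734b6362dbad2e30b235c78edf5f015c8e84cac0a32e"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "344B", "be2e93b482c27aa87e7e6367faaf7cf6edefc1005cca276d2692f9b165ac76fe"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "344B", "0b605ec2eddfc9770ede82fcf5a63360da34ce68c5bf38b75e4b133b2a9f1812"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357",
     "242B", "47fe0cd6ba0c27228beb6923549b3f2a2ede05483651f628cc05f1578833868d"),
    (r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IFGNZ1XG\superfish[1].htm",
     "122B", "aaa3feed097fda6687c7c27860c24980f3ff105b6f326d10c98854145e9afa6b"),
    (r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OOWQLMJV\master[1].htm",
     "114B", "6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar26F8.tmp",
     "177KB", "67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34"),
]

# Path rules in priority order: (label, pattern, needs manual review).
# Labels and review decisions are this example's assumptions, not the sandbox's.
RULES = [
    # CRL/OCSP/AIA responses cached by CryptoAPI during certificate validation;
    # background noise for an HTML sample opened in Internet Explorer.
    ("cryptoapi-cache", re.compile(r"\\CryptnetUrlCache\\", re.I), False),
    # Responses the sample's own page load pulled into the IE cache: the
    # closest thing to the sample's behaviour in this list, so always review.
    ("ie-cache", re.compile(r"\\Content\.IE5\\", re.I), True),
    # Anything written to the user's Temp directory is reviewed unless a
    # more specific rule above claims it.
    ("temp", re.compile(r"\\AppData\\Local\\Temp\\", re.I), True),
]

_SIZE_RE = re.compile(r"(\d+(?:\.\d+)?)\s*([KMG]?)B", re.I)
_UNITS = {"": 1, "K": 1024, "M": 1024 ** 2, "G": 1024 ** 3}


def parse_size(text):
    """Convert a report size string such as '68KB' or '914B' to bytes."""
    m = _SIZE_RE.fullmatch(text.strip())
    if not m:
        raise ValueError("unrecognised size: %r" % text)
    return int(float(m.group(1)) * _UNITS[m.group(2).upper()])


def classify(path):
    """Return (label, needs_review) for an artefact path; unknown paths are reviewed."""
    for label, pattern, review in RULES:
        if pattern.search(path):
            return label, review
    return "unclassified", True


def triage(artefacts):
    """Group artefacts by path; a path seen with several hashes was rewritten."""
    groups = OrderedDict()
    for path, size, sha256 in artefacts:
        groups.setdefault(path, []).append((parse_size(size), sha256.lower()))
    rows = []
    for path, entries in groups.items():
        label, review = classify(path)
        rows.append({
            "path": path,
            "label": label,
            "review": review,
            "versions": len(entries),
            "distinct_hashes": len({h for _, h in entries}),
            "max_bytes": max(b for b, _ in entries),
        })
    return rows


def review_queue(artefacts):
    """Paths that need a manual look, largest first."""
    rows = [r for r in triage(artefacts) if r["review"]]
    rows.sort(key=lambda r: r["max_bytes"], reverse=True)
    return [r["path"] for r in rows]


if __name__ == "__main__":
    for row in triage(ARTEFACTS):
        print("%-16s %2d version(s) %s" % (row["label"], row["versions"], row["path"]))
    print("\nreview:")
    for path in review_queue(ARTEFACTS):
        print("  " + path)
```

Run stand-alone it prints one row per distinct path and then the review queue, which for this page is the Temp file followed by the two cached .htm responses. The grouping step is what makes the list readable: a row with many versions and as many distinct hashes at a constant size is a cache file being rewritten, not a payload being staged.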