Analysis

  • max time kernel
    144s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    05-05-2024 12:01

General

  • Target

    179399c9471ac149382c4af8c2ecd8b6_JaffaCakes118.html

  • Size

    229KB

  • MD5

    179399c9471ac149382c4af8c2ecd8b6

  • SHA1

    d2c12f3be4acdd30dce94cc0c80e93925dae30a5

  • SHA256

    cb0688b44679e6806e13b680e957478d2499161b91cc229bbacc7f138bd0dd5b

  • SHA512

    8dca15d7873da379d94003671b73f5e23588f949723964c4d0b48779a5a5bdf79d7a5da76ee0226cf1a7e53860077781c7e2be57ed198d9f768d72abdaa91088

  • SSDEEP

    3072:Pf7gWcwBCUsUCoGvK/qVKPH2KcjZC5wGrXN3AtBAgG:TCUsUCoGvK/qiX5Atu5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\179399c9471ac149382c4af8c2ecd8b6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

MITRE ATT&CK Enterprise v15

Downloads
