Overview

overview

6

Static

static

1

25cfc0181c...8.html

windows7-x64

6

25cfc0181c...8.html

windows10-2004-x64

6

Analysis

  • max time kernel
    142s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    08/05/2024, 16:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    25cfc0181ce36f19c8f52402b6304973_JaffaCakes118.html

  • Size

    95KB

  • MD5

    25cfc0181ce36f19c8f52402b6304973

  • SHA1

    cd31c53cceee60f7fc1651c68bc8a1c4ca58d1ee

  • SHA256

    4b02ce20593aba075c8728e87f1cda077773a31a0ff6788131151514891ba22e

  • SHA512

    a442e35895c99193ddf2fa8d17d04f0d1158f7dac050704e602ff60f62cbe806fdb8d57f365df2ec6885d497a279ca53d26d821be905d4495276340c764daa64

  • SSDEEP

    768:3lkNdjVSnSWN1r8aRwQmnw+Kje2ynfCy05qOnmViwEN/vI///W5gvV0spxDkovjs:KdMbRw5w+AynfH0whblR3vjjmsYd5

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\25cfc0181ce36f19c8f52402b6304973_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d783b2f0a45d05557f76e12d5556011f

    SHA1

    72121fa50af12bccf6b7f911c1fe5260b429feb0

    SHA256

    527fa06ad6a115fb7fe0e4d25667d344a6f775b8318d031fe92acc3cac9b8f78

    SHA512

    c6c8a494088e6a2c2a94b9ebbec74c8f8125bcfde9d4282067b295525568e8532b8793929563c25336f4c28873bc517b297b7459c7b64bdde3bfa7be0dd3e5b2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9deff8391952f36d4ab68afd6b8a4ae7

    SHA1

    46f28031db7a538e6627b0eab3b45f9abc3f3bdc

    SHA256

    50e60b1993f32a9030afd2716cfd5bc36c3831a5cfc22d5c3328f695fd398f20

    SHA512

    4fec0c57af23fd0af6855f0cec4028523484de47a01520fa04e564c42d3f37bf0ef5b72c3d7f8587e270a73d5da34a5490df5109a2fc32f1877dddde458fc64f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d2d49ea59a3eee5ed950bb19b83da1e

    SHA1

    89503a644558046d99d98e04641eb0c808ac24b2

    SHA256

    73411c2fc2599956d4de1989e92706f07f5de0d9919107d7bf6ad35410e6c8a1

    SHA512

    fc367aa4692d35c2c6bd9f729a87fa3e317c6ac48d676f9851feff1668287c5f3418a71bb94832de4041f3c94bd2b7e63c96b5d8ab8ed0e5e9a779c094812e4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fe867a931ba41619f6c0e254a88f9078

    SHA1

    7d6ce3be110f3b2791942d2ebc3df1aafb2823d7

    SHA256

    71fc66708e65f68b97972855a3cbe0da430f6002df0e18a37c8e39575239db27

    SHA512

    9ceec9956d9adbcc3f85a961eb79c87cbfee53118bdbf109f74f6c29875486b2bdf8e373bd36e54ce4f0b1103e72dbf0bf1a5ccc56f30a5542aa1a3b122b161e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d7c782dc82c8866473cb15449c64555e

    SHA1

    74d1fd1d5ab59e663f26657fe90ae617001ace09

    SHA256

    03e62e32f4b9d58af234744d13b4243d197ff00d53cecc1782004e8409154ede

    SHA512

    1d84aec22996c799a51e5685debf3170968f2d0ffc02f225289d68620a1ddd3908707e922691b7b4a2660278b8a0e08ed26f15b3c9414f03b7f36ad559503558

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    724c94e7952baadea0a5c37444d73999

    SHA1

    b016f18144166fb654012da91f5c531b44569bc6

    SHA256

    1d5b1e19297678954a5a277a1956f48631523b33b466a19e87f6e85ad9fe685a

    SHA512

    1f1d764db566a61dc1f83ee3ad767db4d57d80819524c0c1530c328a957d4da5b8ac550791c2db5e4b87d50ee5c46d4cf1e531095912e04e1cb1c8777b6f9459

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f90ec14b23e1e5a4313f79efc5ff8375

    SHA1

    366f9daf9eb70eff174f76efaea11ff0bd6099f9

    SHA256

    ed8cbaea2b0d2873ef18de4dea13ef1dd5ba2cd86db2cf43044d4dbc22b98cd2

    SHA512

    11dad5fa0f1cc78291a52e0a56c5128672e005388b1cafc3793f8fc4001d74dd42254be40c723a2b2ac367c39e004a5f17e2c4f9685489db95c0fd17ca191aa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    960ab71fa1ea2ab3d4b7f883fe466f96

    SHA1

    251fdcef8a9996b26817bdeac9c8215b8cfddfdc

    SHA256

    628da66f75af55c6fb11d6fe84ba5f8114ddd40973e725543be2d3344ed28427

    SHA512

    ca833eaba3c64f99bfab5cb58f6ed19b1d3b11b6edd0ca29a13f0e1cb20de1f4e944fc9c9f9617699f1b3833f072fb91032956d438bc5028787fb6d33961a7ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3aa5897c17a46a0ac374314a98015d90

    SHA1

    d429530b23b2a7022fe24531565bce1050793e47

    SHA256

    e966ca3662a2cd555fac93dba9b5a3fe878bbe3bc5103fcc46107f3e513a21cf

    SHA512

    8858ab774a597bc98e96b163bb4b4abefeae646ddbb98d37ef4d9e20e569680bee689dc54031db9944cdf7f08aee311440a5ce6e5c21a973280ad40aa7fcfca4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c99eff2fc6715ce85f7de364e05ae58a

    SHA1

    b2e02a3ec4bf3af0f82cd0a0f4a10c039ce6e4ad

    SHA256

    022cb4fc3d5f6070ba2eec5ba445a2905ad6da983f00e1e12bf178a9af558d6f

    SHA512

    eba6b60923d830d45b36f354cd4ff28d545bd0f6583daf1f34f99864a1b9c488426dfbfea3ae5ea85de82e20a7ac1cedd299f09fabdf0538215de882bcd06060

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3dd627fa005c0bfab13729b67c6cee2f

    SHA1

    73c74098fd2b024fcb5c811a9d8f39b1638d2210

    SHA256

    58b578feb095d56b27810f4a001a33853e9c0393c94dff4f5ce45d4cf53ca60c

    SHA512

    e0d2a31ab6e031723da8ef4c057127bf0aa95ab62a5d9a601c7248772dcceb81ef4b41e3d9a001a0935cd189a02def6c9ce5c04a2e8b5b85eba8907398dc953d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a208cfb724e2272b45ffa0069f18d936

    SHA1

    56d49a8507095110ef314c4d753e7ea21f81ace1

    SHA256

    841f0e9e5056a353bc861e5043f716ba1bb818c9456bfb663253179b43a6ed88

    SHA512

    abdc527886d553dd5824be75a0ebdd0d0cf13e8c3b4555714a53d88796dab3882d54c06d6a0ecf00160a19b37e6eee4e3ef2c1cca3381494afe763338a5d254b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    68e49e4241c8a3c4d1f748c3bf85572c

    SHA1

    b8a5d563e4a991e9b8413b72f0c3cf0148b0ba5b

    SHA256

    d667ea3e4a1c794403a0228c5e99e2ca7bc1028857ed0485079d2ac48da32666

    SHA512

    8c40f42c1f0e897d2ec9f09d30088c4273f4f3e701ff74ce1d18a5eb492a53286c2afd52784458025ffb3df505c16c578ff406105dd05930da53bba5e4bf9323

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4fb1046651ac23a161634a1ce9582ec0

    SHA1

    661b0b42a11011330d8b23e7c44959423056e984

    SHA256

    c78fbfdf693755b0b8af3c36a4662da0cb6f143d709dc95b881570c5604859d8

    SHA512

    35ef6f3b8b4d29aa17150970ef54a4364d04917ffc6b7acf2ffa5c62597ee359de8d0e78c74d792cd1a8bdae0817511c3eeeed3c110692dbf4465d5fdc861b88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c0198175bd8032a5cd1ae0eaf7f56430

    SHA1

    e870c75cf2f81e377efa0931e302006cae4db363

    SHA256

    6e476871520bbb21f8263ce492697cabb740ae6c0d683e3b3076986d8122ef98

    SHA512

    e82df2bb1548f89f710953df489377d477bc02f1ba6932225e7402517f5a2e376b342632cc81f22aea79227b7f0feb81f5fbfd67f5e381102dd6c5a333a4680c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f412b9a764a4a734ae2ad12387fdefdd

    SHA1

    f068e82ab44d4fb73ae9af4dffb8b33ed68ddeda

    SHA256

    a92ff50a4a17fa24af9fef71429bcf3041d757265ed65210e1112f3dcde0cb96

    SHA512

    edd5cda6477f296c00b082a21b96a578f34584e52933c2a679ed08abf95081c8cfbffac54b60771f0f4e8aaaafc064c19d7b812a44f59a1c85894392ed7b50ea

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    427c6b7e83c7661607c80c361590c15a

    SHA1

    ac9301c630b9f4b664ee711002ef27c13f1f8050

    SHA256

    d6d70694ff992994a1109c632e4075f89f210efd95ba534a92d6a821b7cda9d6

    SHA512

    5cfa041feebdbbcbe2798d164512b45ded3b6c971be0e6449627d921b317a77a265ed77c7255500824229fddba130dfb8c84c64809a90592d62fb91e16b4a037

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\528EVS6A\httpErrorPagesScripts[1]
    Filesize

    8KB

    MD5

    3f57b781cb3ef114dd0b665151571b7b

    SHA1

    ce6a63f996df3a1cccb81720e21204b825e0238c

    SHA256

    46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad

    SHA512

    8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OV51DDG5\dnserrordiagoff[1]
    Filesize

    1KB

    MD5

    47f581b112d58eda23ea8b2e08cf0ff0

    SHA1

    6ec1df5eaec1439573aef0fb96dabfc953305e5b

    SHA256

    b1c947d00db5fce43314c56c663dbeae0ffa13407c9c16225c17ccefc3afa928

    SHA512

    187383eef3d646091e9f68eff680a11c7947b3d9b54a78cc6de4a04629d7037e9c97673ac054a6f1cf591235c110ca181a6b69ecba0e5032168f56f4486fff92

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PH7CXNA3\errorPageStrings[1]
    Filesize

    2KB

    MD5

    e3e4a98353f119b80b323302f26b78fa

    SHA1

    20ee35a370cdd3a8a7d04b506410300fd0a6a864

    SHA256

    9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66

    SHA512

    d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PH7CXNA3\plusone[1].js
    Filesize

    54KB

    MD5

    fb86282646c76d835cd2e6c49b8625f7

    SHA1

    d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0

    SHA256

    638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109

    SHA512

    07dff3229f08df2d213f24f62a4610f2736b3d1092599b8fc27602330aafbb5bd1cd9039ffee7f76958f4b75796bb75dd7cd483eaa278c9902e712c256a9b7b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBF4.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarC45.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit