Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    08-05-2024 17:26

General

  • Target

    25ebb0eeb12b2df9cbdb4a45fcc8af57_JaffaCakes118.html

  • Size

    59KB

  • MD5

    25ebb0eeb12b2df9cbdb4a45fcc8af57

  • SHA1

    e43d7a9dd2f0a9db7fc88c9895a16f58588806f8

  • SHA256

    7c112fd92eb802183bfb8c82e25add6ecacc27e21c31564f6af335f7fde2bc80

  • SHA512

    ba5c8fedf23ac3b17971d9f749e42cf335da74fe751dbe5009fac82a98dbbabe5552e06414c036e8190ce19381e4d4e6525a9ce221a4a94d3f1d85dd1d04f1cf

  • SSDEEP

    384:Ub+H6Hirow5FK8dfSlb3jfLYBPl7kd9ARy1mYJETh9ud6Bsdmdf4JKCcKFkcJR3R:1tsw5FK8dxl7kdHjSW9Jsy9xrX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\25ebb0eeb12b2df9cbdb4a45fcc8af57_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2276
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2276 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2492

Network

MITRE ATT&CK Enterprise v15

Downloads
