Analysis

  • max time kernel
    117s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-05-2024 06:35

General

  • Target

    28bd0184f24ce12cc1e68c7f904a9d9c_JaffaCakes118.html

  • Size

    70KB

  • MD5

    28bd0184f24ce12cc1e68c7f904a9d9c

  • SHA1

    a0aa0ad246a29a1de328e54eb2611e1278b1eea4

  • SHA256

    85c12891fe31b0ff244be0be768a0be2b1cc07fc2aaf0e1a506456cefb4b7cfb

  • SHA512

    28844f0632e970082d323d0b77f9e5303c50010937e57069441be21fa4cc274642d50db15c5bb357c5173e0bb6dd6f1a18cc676ef32c7ab2b99a63cf2d090c86

  • SSDEEP

    1536:TGowWGWH2enw7l9hv4JQVLFo5444I5rPVV9G/BZm9JdhdhBLNGUUqZmB:TtGW9w76PVV9Gwr9YUUmmB

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\28bd0184f24ce12cc1e68c7f904a9d9c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1044 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1948

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751

    Filesize

    717B

    MD5

    822467b728b7a66b081c91795373789a

    SHA1

    d8f2f02e1eef62485a9feffd59ce837511749865

    SHA256

    af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9

    SHA512

    bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    d333354454280f7c94f2a4bf0bbd8037

    SHA1

    1ff3c3ac5cc53c932c971ee9d84c020903fd50bf

    SHA256

    51ac9d769658ae6b736a476fdbeeab8c21a449c952d3d7e6d6433f5e74aefc48

    SHA512

    faaef8cb9f5ef3dbcf367b6589d590c534a18b8a127d737555b4ea2796589822916f5256070144e7dacbb9d84df0c81960ebab69e0a21efc7202d32e08a22426

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7000d7b1166e18f79d890146fa377d99

    SHA1

    284234569484e960016f82bb56ee0ea3d4ca98f5

    SHA256

    a93a89e076f42f965ad06e76fb9fe6db88bf053ec5eaf71796e65988b523292e

    SHA512

    c2272e15170e18f942f9f2d9ba6c331ddbeb3fa8917f8428131d91723307368f7c90e2a27ea5d19cd087fa67256685aa1f08e0a6b20591e8e412038ed1085fc8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9e647e0cffc64b1396ae094c47a002b7

    SHA1

    9a1b8370b1d6769b3c7462e533d7ae1e7e478abd

    SHA256

    3a283403bb30c8a125d59e42dbf9f25a50bf7fbeaa96f593aaf3d6ddb955d310

    SHA512

    12682c4900ee755d9c49df7d45e61f40dfe0cd89b42b7cdc9ac069f520ed337713713123c08bcddbf4e0f3e1e1ab0614ce7d036747f365d3fdff39a541fb70b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b5734f92770745e1a55fab3b380c74aa

    SHA1

    beeb2de62a90e5166c26d29a1f754c636c6db49d

    SHA256

    688c8684a4eb91284da5b96ac77a1a38df674bf0747fb68bec648e7ad9ee921e

    SHA512

    d82bf4c0f6681edbb6204d58ca8797f1a636de51994a4738321fd03e387ad7c09fa582945c0a82faa6df8c7cf2874bb0d6c181789f1a24915f0074270f0a1c9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    871b2b735ca63c9314a118b3e1c81e44

    SHA1

    781216696f813e0b3a7233cf4f9836ac79ea52af

    SHA256

    9c35405e780443cb0f02c43ef80fbfb9149f77fface5854427c2b392eb9ebc2c

    SHA512

    ab0832164bd8b6c18ce2a37d1353d75036e43c7cd9915417876ab280a2c8257a875e23cfc488d7b607795534cd1d599c324e5c4926ed45b721484d525531bb00

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6dfed8f0a2cd8c0069d6ba86e1cb5ec9

    SHA1

    4017bc5906b4e5d6a91e26ef0e0f374f71cf2d77

    SHA256

    8332e35ca42c9848a8d352d4823a186c2d4f24266900c60bd1203a42f61e254a

    SHA512

    2f1f606848e1db0a5c6938a6fb364f4af73d2ab34211817ea64d4b2fe59cbc0a2e1f7af62c6ee8ef49071b43242f5c58b0c2307c24462dd04ba01156c35f45fd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8910f60fb64a22436f1a933ec9f74c28

    SHA1

    5192a501903b37a3567c4ba20989406d379d3586

    SHA256

    f07b2146a4703b1cd29c1998d85a778c7f6593e8b58d035aca9060c9c690e6aa

    SHA512

    80316bea7d76f37022e01af62422e710e276f39978047d2317f7f02aa64a0b310d82bbed96d4398940bd3a836ecb04bd2fcf35a33a212e161f379b2505825d48

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b56e838c206295120c8358aa43bb114b

    SHA1

    1515d012761ab3fca859852f9f5001877a541c03

    SHA256

    653754d951cfbd9e4fef47ddadb8d7c35b97da60583eb00f4cc83ebaaaea05ac

    SHA512

    4b4dc05a9894a36f106b33ee4ee6f21a6c78e765fdc48ab5ed950b9c2b179f879d125b0f9b35948b39d1561e427d729ed0e9ff59b129aa01845f4ad23e875722

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    241c0168d50a74bfff8e773c5ee4a3ca

    SHA1

    80b9deb250b12a4a6f65e0effea926470d4fe391

    SHA256

    39af97af31423875e8a5d4fefe74ae7acddcf7a13632d39179bb946f9c808747

    SHA512

    d92400d2c7d3f2b454de7ba34d993091c3c7b4faaaa2e28f8a4f1f0700a2884cc5fa22ba49d7417be752826140ba52f2e990ea3c4212386da33cf87e8828ca61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c5fec2cde3ee0d934ff2709dbd5ca5ff

    SHA1

    84b6f00421c01b72ae114250e248934bf44b6469

    SHA256

    f90753f3a8fac82eb498fead1ed84260c6f9134e94790c8b97f2e1723b1af2f8

    SHA512

    daa3522983f396e930802a144011ccd0055a587878d01d7207ee4b5bcff6cad57d149f0c70efd8271a4b8d65fe26fc21a18fac8de15db949485df3db0010c03f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ace75603d4f9beed2fe1841f5d6ef111

    SHA1

    7d8e6ad88a7bf46d2dd6366656b63e72691e0026

    SHA256

    279abefb4136f949832850e3b54693d2cc72f74ec6b607a951011477998d9fe8

    SHA512

    21a5d45b806664d8b5e007925b2dadecc456a8867dbe7379405fc1adace0bdad69989d7b08fd116d2d44799916b2655aaa13ca13336d4eaf4cc98b67391b5986

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7d2579c1e9cf4c24fb45dae02c58676a

    SHA1

    5de1fd9de030642a49df1edb21ed3173b45f8732

    SHA256

    b3155226f0c7b98b6fc0bbb5a8ea460e4e2d40c1bfe34307300af6feb7ed8414

    SHA512

    469d60fc7f73bab1f5c3f4766929e3f30e3cf088239266b5b3ed45ba72e6b85eb5d23ff6bc8f339c23d07225cf58d22b81864561d17e067799df0df70e93c2ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    21bf5adec792d32aaca9b3a6e6ad07ae

    SHA1

    3e837b8b0c40ec861bbc29142a1d7cc4c35306db

    SHA256

    651bcfe8a4aea1ec130ae2efc27965bc0e3a8b59162fe239d4285b726ca76a9e

    SHA512

    b41f9e9cb7625db6bdc84682d2cee4f7172b4427b7b80cf88287078da5147fafab72d7d08f51682c73cbd33ea576499615307e65c8e92bbca8de19a98b1008d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f36eb47fbd525dc291419586270bf9ef

    SHA1

    62bb997b69f8a3f1df265be63d9ea0fc48b36df7

    SHA256

    8514e87d87c879eedc3f33a744b9c163202865cf97abde796adecc76b182004f

    SHA512

    cff79228c0ce13e8a93618442726c5be290691f85952dd79d287bec7a031a8b8ac90f15ddee5e079a285db9b57c5a70945f56b6ec0aec2e315448fee5f693855

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fcf4f617cd9dc2cb5085e9da5594c7cc

    SHA1

    25be750be19aa9d4506fbb8dd28d1f0f6538c113

    SHA256

    13bcce351c2dbfcc634fc990cda6bba168ac8c14fda85d5ca5cebd4033ec23c4

    SHA512

    c0b9c1aecc7bb722443d37f6b75481cc642b08e2f4afa850cda8cf867b2baf33ede8cff84e1e60f43582513f4839db1647f6c8ee7deb96710306ff6c48457718

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    adf8d02253c5689565705b3b290fd9e3

    SHA1

    c3a4e189f3030ec798c42aa8929c7cd3cb7f1976

    SHA256

    5bf8ba31a0efbf800a59d14c377ad88391ee12513b8ec776d26a5f778de6c2b7

    SHA512

    0996148a3894d1596e05df6f466e72998760d2d4668f6f1c9eab1864e1d362c6666858e2b800192db647f8e6a3ca474e043f0fe1e3550004501ca896aea4e692

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    98315c9ce93c194e7a682e24776d8b72

    SHA1

    ccdd0c523518854122a5b1a3999a7169fbf2e1e5

    SHA256

    331381debc217c9ae846f30e67a9fa53508e9ca5e5e65786a748509af66baa41

    SHA512

    5eaffb78f47ba4f66ed9a534e2cdd776c3367448cebdda7d98138b0ce1e6a0dba908fb47eb9785247daec4ab76cdbd344e2ec99e89d0c192c1ef5fc035925587

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cdc782c6a3ee096da0f9346087f7a4db

    SHA1

    1a5d3ac3d58120ca544d905bf48f052ba6ad8479

    SHA256

    31b6b46a19a339eb1db4554a74feb5e821689d65589d27ef31bc15a33a981bf6

    SHA512

    d38236c8302cc450081ee57f9de1083007ff3f62fa94093c14dbeb8ec50eba440a74cac2edc843853427f2cab4751c876e31bcb6ebfbe2030cf4b35212ffeb4e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7b6ac51b25db4f53f674eb1f0f15989b

    SHA1

    8efb9e297a98b07c9b3c13035c1b425c5ea0ad6a

    SHA256

    f13ddfd6ca5d127ae8170e3deca9737378e20887fcda48b0c2f9d0032f36dd27

    SHA512

    8113eeedc272a17bce56fd1f62eac308f962c024b056f08dde4039361c4a133f0227d1a774b29c5c8f52ce6b3ba463695bfceb98cb6decff585d3bb878a0b208

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c4b4e5b1e5c4c93dda96f620fc1351e8

    SHA1

    51451fe5eccfde9ac0440a22c5c322e3f0cada73

    SHA256

    29f0726130d79d21b4c2fe6b5ce095c2415db91873348504fdd31df6a5011df4

    SHA512

    64524074f2902c8142b148c086c3a9211388b37043cf43d157764c682419779faf678be36431493a2e84132938c67cd0d4d87c448ad9953357386daf6e776ee8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d1545af6b4a0a30b4b38402e216916dc

    SHA1

    3b81d8339c0aa8671f3599bfa97fe5213af471db

    SHA256

    0699ce219d6d2ad2241a197ca1f4ced7cd4754c10a7cff7e61f415d5259c1ad9

    SHA512

    8cfee0f1ce8b78fc62bddb32be1116d88308ca51fe603d23c000884a2cbe9562fac8e642e51ade3baa3f155b9b3e8c95be388c2af64e15b1acdf336ed374e010

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    3469ff56374b87d3ce42bc7e208b78f5

    SHA1

    241d13bcc94af020d37f45fa88417ad54a49f631

    SHA256

    2b6fc3ef591d8b14cfd719285e0b35220d7ac96e3a7ad5d6fd0c92cea0d83e89

    SHA512

    722ee22dc275408f5f13982d76fc685ce5731a1d2ac53ad4482806e818954fd4c99e798bc63b1821eef7ddd2da857a6c88c6d632f41c7316144bbb2a03661870

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\17SUD4ZI\recaptcha__en[1].js

    Filesize

    502KB

    MD5

    add520996e437bff5d081315da187fbf

    SHA1

    2e489fe16f3712bf36df00b03a8a5af8fa8d4b42

    SHA256

    922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

    SHA512

    2220fa232537d339784d7cd999b1f617100acdea7184073e6a64ea4e55db629f85bfa70ffda1dc2fd32bdc254f5856eeeb87d969476a2e36b5973d2f0eb86497

  • C:\Users\Admin\AppData\Local\Temp\CabF8B.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarFBF.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a