Analysis

  • max time kernel
    141s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 03:10

General

  • Target

    2d0d6279f016e6084e999475ad85efe6_JaffaCakes118.html

  • Size

    53KB

  • MD5

    2d0d6279f016e6084e999475ad85efe6

  • SHA1

    0fb9901d0cdc393c4777e23750ce4fe6e7497569

  • SHA256

    e0cd0a0d339e9fd514233f7ecb1051a149ca94f13376e4fa9ddabe974326a192

  • SHA512

    b5b06cdf3a49f053b85b47adb0837516dd9b1b555d353f68f98736c5169026a9bce3f6ec680516f6842412b263bec1c525f07f2b0600971b7dc4af5efa7255a7

  • SSDEEP

    1536:RRKi9jL6gZ7C3CwSdfMRZV14/XfMW/BoIiLttloCAvz/kZ6HHkQk6HR5LhTUTEFJ:FjL6gZ7XdfMufMW/BoIiZjAvz/w6HEQx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2d0d6279f016e6084e999475ad85efe6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1664
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1664 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2856

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_527BC5AE70FADE67FCC98047A960E62C

    Filesize

    472B

    MD5

    4ffafe74e18b35157300d55ed615d63d

    SHA1

    a47a9e20b9a960f70ef43b836a44354a065117a2

    SHA256

    c04d6aa42dc433d78c6daa9d4104c7f98efa6db66013a70ae9d7763e92675dd6

    SHA512

    91c1169bff92737ebfd68429b71cd871c6a1b812588ec4e432833ebb39950f31213f52f3db620009d92f4b3d3734ef25e850e3ee2955d9b290e03ddcf5f90410

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    8f08385bacdd37c750793ac5cddb6b71

    SHA1

    f4f73935f0fcf9fe2997611d79f3c911c845a9e3

    SHA256

    30f2f751c4effb3a9e3edadf2215aeed8a8718cc3039f5019c7728c826c35144

    SHA512

    9dfc32329e298c2782c6e3b74c05854534e409cbd69e9cf29c772a8c0819ebf885a9134fc7dac59ed3d23adc0a2eba9f5fcce5cbdb9f2a883b44732fd098deb2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f3f1a88581830b78722a4d3610d5a350

    SHA1

    6cef8aa918096c110d68564900194778cd403b64

    SHA256

    615ddf9955250e5cdc3be090b3730c66b5292ff39137123d7dee8854235ff096

    SHA512

    27922f69429c000f7f64259e4ccea43df826c89105f08dffb2d22cd50ffcc52b9d5d8b9fd82d87c13f5059a58110e68c2ca579866bc1335849820e91377af026

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    664296d41d701e94d3e0b1c63e5cc759

    SHA1

    cf52c08e91df1ae479f2a7bc7fc378958bb60471

    SHA256

    9fa14c1504b3b209d4c18a848225fb127a1f06c239d898c6012dd68283525cea

    SHA512

    8d2e03ee51aaf419b6b7caf2d82114c2bea63713f2b0408d1b41804775bedb8ce1b77b68f1d377043a5f5a0d9251b29af7905606589a2888dd41f55d4edf362a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    55123886b8ec6828fab28a236755c28d

    SHA1

    3f0b22b157f4ee9896a36a7e44bb82e146994977

    SHA256

    76747d8afac14d396747b34af5b5fcc5e5df581b725a525b5d4267739d8e06d9

    SHA512

    b0fd5f2e9b46993d1bed766dc71f9248ef84d66b582b47f1664d64f22a4e20fc0e1967a732be756640452e83ff4a8a38571efee57696f70441885644a971cd2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0719404af35cbb1632bd6287b3c81449

    SHA1

    ac7f1c0f8852133b7e52babd4ab078f8f5459fc8

    SHA256

    5c6f5d526334133052a1888103addf3b24faeeb09077bda40fab5cde6a47141c

    SHA512

    6c566f94be703b336a62e15714b7363d2ea953b53d0385765935574e83a6cbd6e0ae77c079e68a55d39d57d4bdd89288019142880975edc72a5eada10106ab9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b9d468481dcdb27246fbc2ce1455bf62

    SHA1

    90938a2d0390ede502de3e5d9f77ccb98c8db674

    SHA256

    8e0f8c715aa14b6135c0c9e1643cf9549cd54a772037f858eb1a5701aae1a9bb

    SHA512

    4a54b409a8f2a77bc39fd561a1ae0ca69492b27f87ca720f066b5794fa05b1a5a1d864e92a62b984146d64574a2205c6015ae67e644739e74a2af1b28cc23dc9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3a8b4e19f0dc3c1860591b5472c93745

    SHA1

    736433bb1fccfadef5a86f6fa97dec8fed06f597

    SHA256

    f2e59f47c6d2006614bef7513e6d5376eb8624ae9e14c48e95bb77e372e61d9f

    SHA512

    d29a977d2e1f596ca17234257441caa5fe0c22e229d7353977af2e0166853374b6b901152206b3dd91b8c996deebb24fed767771486b3a0269aff07dd6cedec0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e1b50e91ba80e559e31ef0470f07f5e1

    SHA1

    35282e412a3346565e154b86c2fd4223fe72f3ee

    SHA256

    7b6e6ff4a95e5a1dc084a6095d10129320b9d60d0a3fd19759dab1d89a343c32

    SHA512

    fa061540cefea51c62634cad3bac76515812282c669616b5412c221af2639ef0f2c7e91f968b302c38df6f328c5b4df03bfcdb4390a89d6f23059b5edac55abd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7251bb17280d71c62b64d3b53c7cdb98

    SHA1

    d9129e3f27c11b84fb3e417ebeab48f807a88bd2

    SHA256

    c2dc5a4ce0decf74061622aeb119bb144928b3c05d8077fbaaac9dc9e48b5950

    SHA512

    d30dd46a9789db578a503bbf2dcb09359e8ca452cb3d4e39da7f07afeeb94343be4918de1b8ac0f67c52ae883a1eeac4e2503033fe65ece8a67b7587fb56f1bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    87acda4580e27569e51c1b48ec364a04

    SHA1

    e66b604d000c182b178155f9c919969a08156487

    SHA256

    eafb2b9325c7c1defb0282db01a737d7e5bf75078af72a31f77d6576946d7de7

    SHA512

    05de4af9d8f837ef60c2caacf6b1fe6bd05bc7ada00bf4bcdb035a7f76a0b038c32a46afea54c7010739d36245a2cc0934011a506b9e2e38064a7d438d92d24b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3a5657c69f02ead798f4735e881dbabd

    SHA1

    30b91f8ab65e179520478fd72a54eda9ed9adfc6

    SHA256

    969afff19274b201d5625df654211667cf30c9e63881455e1c30550180c3164d

    SHA512

    fada51ad144544d8b6a9fd5c06ef8ab05ff6c9f655643d2743fb6b86388e8d4195af85775b37b46ee71c0243f37ad0f25e8ed60ad2514c752ad57a10c20500c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    672cfe8c2584b68f0350f4730a87773a

    SHA1

    0c4085a166ac232c11af6a7b75ff52b7953ce685

    SHA256

    7372bd03a60194c72c59aceb98672105768b051e1a3e255756d8b04d2d178c61

    SHA512

    eeb0a469cdb53a6fee541b5c68857ef9f7fd5f3e589a3daf9c7c283d4cce8332e5b1b4facd26edd2d6ba73033752da692628e7bdd3cd7ec27c3e608134da1a07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0d29bd5b3b2eca525f561bccb65218dc

    SHA1

    13830eb7e4963a7883c38f2e24749ea3fdefd9b2

    SHA256

    b6b9326c57051bc823bf2a2695506d86fe4d10ebb2dbdcd9cf313c7ece9a4aa2

    SHA512

    173762774c269ea3f28f33ae785b0e3fc889c2fd771f7ca864ac5778043dcfaa7ecbc07f73f775669acebda039ed23ce8385f670dbb1bda9b9e3a4ae73e83f13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5961140a8c68a68de63646a4a5520e91

    SHA1

    f998d9fefada7ae1a0f74d18f469b4a0541202d2

    SHA256

    00a75c4adb4db98a7b737989b2a46cfd9554dfcb1e8392849eb74f80acd7166a

    SHA512

    d4528a8d0471e62d4413238714586c80a8b4a417783bac10edb233685706040147285c07046773773c2341838c708e17f9fff241d3eeb85174bf2632e651f481

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d8389a5260428f006fc04957c0a8f44c

    SHA1

    0eee10f2299a877a05380098e9afefcf128ff9bb

    SHA256

    9c2685959e083acbb7a77e965421d841d606b9ade9c9cf507a5daf2e514dc052

    SHA512

    d073a73c13311d4585a693c33626f5d3e7b0ae9c1613bceac5559415b914281734be822d10d432e9f0899002c56ee88a1ed06a9fcb5c2190fb34caaf15c6d4b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    77212d6df4d8658e595d8d5f25553c2a

    SHA1

    35230f9a3b94af0e1f1ae31e5c4c9806869b0adb

    SHA256

    1eab7fdbdd3b3d00e66794e009731fa06e57a45e492f9792d2d815f0641081c7

    SHA512

    0415f82f9696edf8668abdf2e1f906a68ce2778f9c69b8df39e2ca23ed6aab3fc64ff179648097e092e6cc732bed4f283a3d2e2094fc2847eed01f93015c8a8f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fd643b2aeca960a89b72486aaec09efe

    SHA1

    8fc52b742363ac846b3ad60f75a47290ba40dfdc

    SHA256

    99c52eb7f0ac26f60ace9785bb5b22939768aac549c74e5396287c5e245b071d

    SHA512

    1d60d1b41a158947338a3f563a830468a8b713cfe274cc100f353fe1c10bd58aadf9d9755ecb75229c994ab29d734a56994ac291751ffc0304bf404af4993ae3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7eedb7534a48f6c19ad4d5ca8bc02a00

    SHA1

    a2c31b9d63eba0663964daf5b8576c7d3de82683

    SHA256

    3f8df2d02148afdcfd044d21e953c9623bf5f639a74aeb5994ba0e65e1d6b6c0

    SHA512

    f99f47d087b4d778cb73e25cd6528b10bae1424ded50b003861c44bbed92f04933c3cfc16a3910b3a60fbc21e19cd82c9eaec797b4e98558655c7b1b44e7cde4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7fc8e47206ee52caf989f6a55fa77e3f

    SHA1

    8190ec92313601161ab3febfc2d007e1f1a12269

    SHA256

    b3326dcd9d532fc125e32d8076d3567d6653fcaa13416958ff4c09a08980a8e4

    SHA512

    f43fdd170f7690c0c8460726a541a78525a298757109596dd617adc9fc42d876273f98731f25e89e325af8aaaf015ceb49f2b117906ee103da0e0104a3cf0c61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d000c6ea85be75066335303721c355f4

    SHA1

    a08b063535b78447a6a4bae752063363db3bfdc3

    SHA256

    37f803183729949bc28fc0c31735ef12137578ecb9a29f40e3810c44aeeaad9d

    SHA512

    5941d9f83ca1a5b5078eb2ab136a9bdd7f32e7dd8304f75ebdc1c93c84f89e33c2ab49da71f0089d49b6e89d34716dfdbbe7c21220190107ceb3eccedb0d97c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    ff573de9daee462ea3de7ffcb037c5f6

    SHA1

    cac309af5a3ebe568d76f8e297301da553bc8545

    SHA256

    7d677376ddbd2cea034a9cf59b10b3cc06b0081f91db4a15efb01a625c5a8a92

    SHA512

    c43c5ec3b50390d6274896226dcec37fe82db62199b9f0ebcf746fab95c97a260f18cec21df396d0cd8d0261018a1880ab98219f568e18b57d9effa964d36ea3

  • C:\Users\Admin\AppData\Local\Temp\CabAD70.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarAD82.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\TarAE74.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a