Analysis

  • max time kernel
    134s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    17-05-2024 19:15

General

  • Target

    510fb1c6f20495fe501ac38f5618f8b1_JaffaCakes118.html

  • Size

    191KB

  • MD5

    510fb1c6f20495fe501ac38f5618f8b1

  • SHA1

    b3674be08122c79d2a2a57e8138fb1aadb5a649f

  • SHA256

    0f75298944a5886499ce3827fbcb623661a4ccc8d063e998bf89815d47867334

  • SHA512

    2fd725fdba9c90b56767bf41469b7bc188b710fe82985ce61f61b20fada44aa7e6f74c4968fc0cb1545a3a87bd00de6c5fcdf3374f7bdaf5f2a86356130cad6e

  • SSDEEP

    1536:RjIYkfC2kGMuM7sMLh1fpAK9y6wuM7sMLhH4ppK9yUnmwGErgH5jcmRzegZoARAM:RHG0fpAK9yH4ppK9yzWgZQ0eglo1y/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\510fb1c6f20495fe501ac38f5618f8b1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2880

Network

MITRE ATT&CK Enterprise v15


Downloads
