Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    21/05/2024, 01:00

General

  • Target

    6189254c62988e989109a6bc7e0ae44a_JaffaCakes118.html

  • Size

    73KB

  • MD5

    6189254c62988e989109a6bc7e0ae44a

  • SHA1

    28a68149fcdce8dbafa391766fc95dc2fbb89818

  • SHA256

    7e2e0e6e78c577fe199ff38417ae8f3b7242fa8e775afea12500f239c2e5a595

  • SHA512

    7529759be421b58d99069ffa955c6d9c0aa0e8413981fc38ca44575fdeb96039a910bf8f3f97b46397e0dabad636652f824315df0b3e47b072df82c4ef918fd5

  • SSDEEP

    768:+zlpGtiZXBNLdJhOFbVxdBeV6t7VIdGpY2CLlqghFvBhRdnDpuA815vpkWxMpTrO:m+ue9dMqghFDCke8W03GxjS29FR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6189254c62988e989109a6bc7e0ae44a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1756
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1756 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1828

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          567af9438e6c6d987712da35d3989c66

          SHA1

          043a42212abae34b2aeb541e05c1691596fd1aec

          SHA256

          056110ae08cb9270f435d969b0abfd3fa5ed1352dcd6a82050218b3ade1acc33

          SHA512

          c03992c3523692582ffa1b846526ad89591599c426b9cec92fed1422b49809eb417971cd47293602d74d44b81ebac058da2b0f7280f9ba0d049e61f017386dbd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5bdbf1f0244ea168a7d64a9e99f8859b

          SHA1

          90b7a81494f7b3f605b0dcfc460cd28841962f0e

          SHA256

          77a694613d5e4342121da8a4b09a063e778b3fe86ee4089ed92d4d34334812b5

          SHA512

          b8ae4ac9eaa6766a6b659d3d592f39df2e8ed1a5b4bd5b1ae1736b66a92175b3ca530149d161c75eeb4fc3f01173ca5acabcfc56811843a0e63925fc38fc74a5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          dd7c944348dd5be7482e68267e354842

          SHA1

          4110c0a1a42f2cfe672e2363478f11dc50d9cdd1

          SHA256

          6cc0a4d1510bfdf9841ea723b07f61222130404bc4e9fb0e30c31a7d431660e4

          SHA512

          36c79c72f1ac7b47f71f2dbdd6492f7b6205c912306dd31f9924e46d6573709d0cf5aa2c24944559480e97dd61846a7c997def6c1f035de4ae9a603a28fbc005

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5be4d760a283a4f6b699305eba1f331a

          SHA1

          4f270fd13cc6b9d42eda6805af6e90873628e3e1

          SHA256

          0fc3b436b3048c25a060638e1e3f9804f28dc8ddb84d32b0999a354a7a28b9c0

          SHA512

          244ea722e2d5233c2953d771cdc37aac330752babd9573a9dd83aab7ee9a2d82f5d7bf223f68ad5f7721870d485850ff8dc14bbd579aa99e21a14fe592a30938

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5692801554a8a4f5d6fec718ea52cea8

          SHA1

          d7c7deefb7d65acd37baec10d26dc53a5d8da0bd

          SHA256

          c0dd68ff59505093b5d98f3c564abcadad909d0dd240e4e977ade7e37660d39d

          SHA512

          d5c04489673d08e27dabbe67b58f857efb9088047aa3eabe4153952cc48e1d8d6a6e912db1be9558bb0c2a52eda8bca1958cf8661fad094f749f6bd52d374b20

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          266d85f4172b73a07ff3d4ce785ed043

          SHA1

          963ae52a9170780f173f90831d0af86dfe032f68

          SHA256

          2896fd30e5e56d38b816e74729981d0c0f0de0e5c6b3f380d27c68d50abac3ba

          SHA512

          98ef8a26e1942fde23464e6362a35c81fa8a0315c4a2f57fd8b2755d10b338f21a0ecf1e88becdb3d11b7de5f282b7f5845f56cf814d34f91f46fb5aa2beb345

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5788754edd24c8ac2e8e4126c442eec8

          SHA1

          471ca65716cf08383f491c82c92aa860fbd80f22

          SHA256

          e8fa94e8160af90d7925c7a9c76cee4f5babd8626dbc3bf709f68b72e1e4d734

          SHA512

          0a7e2db8b9212749b780cf5ffd61fad496659b22338df65be720beb1ff5cf06d36b9b1b81b873949c63a9fa4743dbf66e96b58353639decf802bd6a6a9d2fbaa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          523ba867a557a9c6d5cfb8a914e52a54

          SHA1

          5b533cf3cac8ef85cbd4fcb65578345d03c0e833

          SHA256

          d194c50b168a51852ecdedf5aa3ec54bb8e3d4fa44f252bb8b5eda85201bd876

          SHA512

          3ca05437b641fc14b6f4283b886ccaefbcbb5f3e57b992d9793ae2ffb335b9d9401c397cd739a2aaa988c5e1d5910ca1ef1a12eff9ea8a0c85e2f3d24f2294e2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ac72999d32b33cd5d0273af2797b1a3b

          SHA1

          ce97881164e5138cedaf6e4ca2917541fa7269da

          SHA256

          5d414b3802762696f339f4c69b4c197b0e8e7dfdf4bcaef3b350b213efa5de2a

          SHA512

          18761e4491b6439e6548740f4a078763a6e0a32cafb4ab73d2bbfb73fa13f47ef42cdf6c629677a7f5626796524f20489b0d0dc140d33e71b2ec356ffe9fa559

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7dd574adf8bc3aed80a7ca90c3013b1f

          SHA1

          fe5250d6e8364dbe2cea4b3c22826066120ac769

          SHA256

          6338b7f0d97d77e6ce7b6c1960d37cc0b9e4d6c3ac468087f89ff6a4c1516ee2

          SHA512

          6fe2e1adbfc92cbaf4260f64797d33062c317608aa300bab53a1506588a9fe31fe0a4cc1c35fffae5f05b2c3015755f776e6d7f0614dbfe877a0e9062201e556

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d6fdf0e48c2e1e0cbb37e2f5478fc6dc

          SHA1

          ff8f32468633c3492d4a4c6c5921f26a9d06b8ed

          SHA256

          eef611f795d8bfd5c65c3d02cf53d9471fa76da7528bfa4d209b849fce193403

          SHA512

          e7c9b838dfd6a3f952f69e47e12644b0219e023225eddcd0dc03991a87a26e7c8643237c150613328eb5bb2b1601c0e6a846b7692d268713714fa7c8862bb967

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8365a04473eb3daa1a371a3935c978ad

          SHA1

          369a4873a9e1599f51ef85973a1536c4aee8d7ea

          SHA256

          fb47b91af4f1b6300037cc6dd68f946ff7e8540852110a40c9ffcf3f298b4d59

          SHA512

          35f8f61a671234f6788ce080343a42a1b76a432876a6b0cd1375ef8710cc4b2d805d2887a0026e3281f4206eb0be765e6c8a6ca9b1b244ec8ee3ff78a9b3da25

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e104b09bd17d8827e09aaf8489886a41

          SHA1

          d33c3a1b6140b8f47630dfdef59ebb7e6ce1a2be

          SHA256

          e873ec8919ba1c6bf0add050689d45e0d5ddd71f430df036bf78947de9fc7aa6

          SHA512

          ebb5bd75d9b79c24def75cccf86896245cd8fcd1a0bc134e7e7be603311be6d0f6100150ffb79fbc9a60835097841dbfc4ced764a3346596dc5ef7bde604f1da

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          cabe1692fe96d9f4ce21e550264085f6

          SHA1

          5dbb98d6eeb547b771a4fe2f0a2317dc33709245

          SHA256

          9e3e880a4a6e07ecab494d3e37610e1a9ca05f68073935e740b673e8802c567c

          SHA512

          28f2eb32d43508331935676df189d6cb46bef74647ef63a9ddd5b2890274ef058ee39bbcc3e710eb0b258f1cd38c219647c1181b9dfcd0d222a1a79e22c9114d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          b66066bb1e7e3f095bcde4ba934ca480

          SHA1

          73328557bc4dfecae6151fd9325589eb90389f93

          SHA256

          3c5898d849c4bc43c4d83b4b0973cbecfc69165a219cdb282ccf635794638cc9

          SHA512

          af13022dfb1da4fd92203be358b24953889143455ae4f5866beb17da83cc13a4c922dbb675458c7261daadd6fa65f6427fd80d7fbd25ee0d1edbc728a4146ab5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          06da757b6835e87f19e6b4ace9585fdb

          SHA1

          e513ff41b890d0b1913bda2f9f0e0880cc882ded

          SHA256

          368848a0877788362f68844bf7aad4ef29ca7919a1a1897c332dd07527522fd7

          SHA512

          f7884ab05a2859f00b4b9dff77bd5bd2d2eb3416cdb650f7775614c55ea5ce02d945ef16e2cb931202dea0edf0899ee521f2188d6a47f70eaee71f9cd7fe86af

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          174911413c86ed611ae2a06ed7a45a17

          SHA1

          5ab7731d4c8381a2f23d2e398548c5d5a176d396

          SHA256

          826f9efe2e8b1a45c0a93b7c8e497f8807340d235000ebabf1fb563b0bfaf3ea

          SHA512

          da8b9262968bffda13cc615513d4258a7a2cded9542a36619b0ddde2f56b709f8f9b0285e7628560e61e7fb9c43d636f131767c0ca5c9e3ad0a23848eb28ba6d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1923cc0972dd1966c35118eadd272b74

          SHA1

          a866145cea33e84ca21e079de271aaaec3887973

          SHA256

          aece3ff3c0ad750438d6ca1d6cbcc02049ad8696daec150dbba342dd9be473ae

          SHA512

          bb46210654c949f46276260d52137e5f736d300c6eaedbe669fbc29518fb5dc47276446c71d328187859b69995cffded04c71c2620fdb30b0d6af19bc531ccb7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9dd0d1a8ef970813f2dd97ea430034ee

          SHA1

          8bf9823f093fb94d5d70a4717a44b300d21f9ef8

          SHA256

          2f1e9f3285cbc6c3a0550bd94edf6ea8e139a07ebae044a69d761ce46a576738

          SHA512

          7065ecac4a07fdf4a6884be824e81cb1a27cfedb28eef7313dd697e01abf5c59bb9fbce65b3c7dc6c5077dceba32ea31546fa19469feebcf5817b592f6fe6261

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          0b361047a43efb9b804e46ea3d59e681

          SHA1

          bd2fd3f8ddd0583f820adb9dcb6d9a4cf14095a3

          SHA256

          d647790bc25404ab4c7214d00762ed1a389dca7d596b794afccb0fcce035a711

          SHA512

          52c4b7aa2bd5c5a7db3809235d2ce7d758ae058df1d90e6b213067c990d42bff7b0b167bc8744703f839022770b77ca7aa105719417e5daf79deff2cfd422288

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          af06a1ed7d319c7db84d2eb5dd787444

          SHA1

          d5a8832bb57b4d8f8fb8670d453308aa330f36b8

          SHA256

          28d34528be91ed99e7c6140834b7c54e91a995b01f22304ebcdac9f7fe097d21

          SHA512

          7c6af1d0f646458d1dce61bd013a940a2f41113508521b5f854630330e9a398f02ac30006f0e53d071f35410c6b920ece385fd8916317f4b74b50f4665c8104e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          524d89d105caba06b0fd70b31c7005a1

          SHA1

          63930a2313534870f32cec05ea10715095c1dba4

          SHA256

          3bdf3b43f99f3db7ad99ed216be969c1f816c3decef4fb057403921f49c001b9

          SHA512

          4739621aa782b554b6c08dddc28573e87e9fed5da9282b5fc984d4cc9dc7321f605f76944a4c4f35e5dddb4d5ad569f27a259e83bd2f32d1106b76dd7c9324f4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          a749048e6a7169bec106defe999cf06d

          SHA1

          aff7cb55010aadb8b76b68904e1f692032ea0216

          SHA256

          4ddec45bec78bd76d317001fcbd27dcc82b17bfe459ecb2a9377c828d826f6da

          SHA512

          85dd2358140a51331ecd96fd4e69f6947f11492045834ff584411051022ea51a40520b777379b32b2048090bd9bae8a1cc11892564db6d71272b349582a22db9

        • C:\Users\Admin\AppData\Local\Temp\Cab2253.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab231F.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar2263.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

        • C:\Users\Admin\AppData\Local\Temp\Tar2334.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a