Analysis

  • max time kernel
    118s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-05-2024 02:14

General

  • Target

    65a7aac2d272606a100e604d4a58f83b_JaffaCakes118.html

  • Size

    36KB

  • MD5

    65a7aac2d272606a100e604d4a58f83b

  • SHA1

    777c0a70972c720928aae1bfe8aafc5beca20eee

  • SHA256

    b71b413d0c1b3df92c5bdec2cd23a4bf6b3eb71bd6a5945e327738a3e89568cb

  • SHA512

    9fafc6190e096d46b5fed8e384d12cafea34c5e7b8e58513001434df14d61d10b2a1dbcb354a0a02b62389cbcdf83f6cb14f35e396284ed2ee9a5156011a04f2

  • SSDEEP

    768:zwx/MDTH8G88hARUZPX3E1XnXrFLxNLlDNoPqkPTHlnkM3Gr6ThZOg6f9U56lLRX:Q/vbJxNVNufSM/P8OK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\65a7aac2d272606a100e604d4a58f83b_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2320 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

MITRE ATT&CK Enterprise v15

Downloads
