Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/05/2024, 00:37

General

  • Target

    704e3dd55bf1c9f33740c5fcfafb754d_JaffaCakes118.html

  • Size

    58KB

  • MD5

    704e3dd55bf1c9f33740c5fcfafb754d

  • SHA1

    164afff16c640b9555b57cb58d2d28e2dd9c7b2e

  • SHA256

    4cd67f1a4794666fa43f252f9a75ec0a45160941cf726820c534cb3ccb6ebb51

  • SHA512

    a995727e0a9212584def34bf42d71610aee072b4c29886ed8a7ae8306aec5fdbab0d4461f408747fa503c6623e876158e81d328c6a955545747abb4edcc3039c

  • SSDEEP

    768:q8FUH6xVd7vcA0kaZtG22YT2qVL4zuPII57Ykwd7vcLd7vcZ2a+bdm3:uZkaZtG22YT2qVLRPDCkO2a+bdm3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\704e3dd55bf1c9f33740c5fcfafb754d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2200
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2200 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          ca4c86de60936f0dc343693ada820657

          SHA1

          cd0f40260ae655e922b6c0f10437316c82a3c642

          SHA256

          47da1f36dc3056f2176a6172e87e5065bdacd68fd7387d605ed1d26b02ae8ec6

          SHA512

          2c414356f0f6ca3274a9a6b83671899e94fac099d3bc1f2438eb34798e6211584ab2be33dfd38f9dc8d7c96c114268699fb5dd1fce36356406035fe38d34cde1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          f9c636c44bc1f22f14e8883f277f1e9b

          SHA1

          5775c7a424d0674f76c5243b0c4b94228e390b9f

          SHA256

          f598d27b072ba2700569284d2180f295c27d847674ee353c143edaaef3e447c6

          SHA512

          ed36281760ee71e53f99158940fd5e8af0079c80b204af2294854bdc0b43893124115e147aea3e92f92c5a046fcb6cc5a63ba444b83d440fe39f21fb96119c31

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a941fd757e52fcfbe4da8fdc52d478ae

          SHA1

          1cb3d0b4afd3727c6ad9035f3bf9cc00875baafe

          SHA256

          d694b037898c2de3c974cc83aafe4c453c4bf8ca68c1bc0f46d40b83b1484948

          SHA512

          32f8fcae6047e31b3a08f754bd1aa944e22eb901f502bd42ed7a3dd295fbbcfb4fe36cdfed3574c8acecee4315e59b5f0d5fca22066cec932325c9f4bbbdb661

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d145d71550d535a5ac8d1309ea246a3f

          SHA1

          2d195d5d92c9898a2e8ee8125ea9822a49da6ccb

          SHA256

          db420127895914a71abee436f8a8cc5f5f468a5b6753c06994ea6b06ff8991da

          SHA512

          4cb4c54424ff77fa56b69f3a78772615046f2e8627bfac986c59c4365fecbcbe92cbace4d81773b0e235ee67c75791b9cbf9a049e4a65f3d5b1614b5e2574630

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          75d6474c11ce956ca1dba285ce4e48a7

          SHA1

          2e30cd5b187b39b967f80940ba12fce315e4ed91

          SHA256

          093ad17e07328202415ad724489917fb5e5459a777c3275f3c01a57229c2a293

          SHA512

          690ff7a22e4467fb3ad2d17c25d441a959685b2d2bff0c27d4a25e8cb3eb070ef2ee990efffd4408d50a7a634247806b2c3cf82fa9d8db0ea6c9ae326d174342

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          eb1d704c1822fe78c2664946b54c0a91

          SHA1

          3c738267df8b50e1c1a2fcc31a6d1aa8c39aceca

          SHA256

          dd1c4d6906659faa54f6a04d9b0f25e75d4b15e70322b71b39047bb22bbbc74b

          SHA512

          44853ef040f58ef5fd07edf87469a5190a8dbb378f75dca8770afbe162f6bff90cc98c1272f9bd61a723054e89ac6583dd663a4b8bf66a2e12345073046ec547

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          df2cb1781d970b5495e3891e87f30d8a

          SHA1

          59f61001d96faccb6e59335a5e9b9eaab714f1c7

          SHA256

          f1059dd5493a8236894f10b5b28a5eb802f62096e959179aa097379406bfc7d4

          SHA512

          19acefb0330bc184c3b82e4999d8e77404b9594163f5783284c2ad34d5031c6ec7021a8df5eb3316054ed8c54e1810758aa6ac08763ed73c8acbb5a2d92cb004

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          fb7bcd7a6c6699aa06024577d3a668b2

          SHA1

          f2bec5e8cbb47c85c55fa183a9f006c387edc024

          SHA256

          241ec55b78214cbc93531324aa19b3d72e93fa718d31d24a85aaaddbf8bd5b4c

          SHA512

          baba01907334b19fc719a3668190d226de6724678d9777476265fcf8680d2df52ec2d06c9e79ee7186eebe921204e34a32371fdb77bac2969fbba975a9c2dbd2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          1cfb3cd0bf4f4f007d73f48f7f322301

          SHA1

          bf4ad56d811ef195edf80a7c03f6d2778356f8ac

          SHA256

          6883740cbe17ebfce8f7c7e38f9f031b39b5487f03ff13e92b54025e2b912e35

          SHA512

          8afde91d46f0b672db5e4fe278240394c4935d8117d1063865af674c056afc88e283e47e18e5c227c8e15c45054d08ff60278536a0bf2bd34dc385561a82a89b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          18e21654fd6358cc1c660a8cd1902747

          SHA1

          3a05d4101372d594c4e8218bb5c00e3a46a9ee6f

          SHA256

          eae3a54104509b77801b36cc6e08e9479c6d2516d13492957430f6c2b94296b3

          SHA512

          f89c9e01d2d15e24142cc08a6ec8b93140cd7aa2e8b1674b9bd3dd54851371007d5d8f1d8f83754278f4abc36c0fa642a57ee94b7632c8a20ee8d9c17b94deb9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          9b8cde160edf02ebda2a17f4e7218b4e

          SHA1

          7372fcec2a867cdf796cae8c79eb5a62a2a947f4

          SHA256

          02f3f1efd73163c64681c06e5c8dedff12bc64775dece6125d916ba703ac8e2d

          SHA512

          334ef23cbef7ab05436493d2f8e2ddfd689d708c695b08c13b1de11a1344ba54d0dab5bbcfe18faa0c1cdd3d76edea64fff2c6b96bcdeed83b7ab8c340339efb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          ac640e4658a5871f3aea958121a8c5f6

          SHA1

          f83e6400c3e44795985241c08269c400eafd9b76

          SHA256

          b76f72c4a0dbee4489d19541fbf3fa065e2e0392253dd2da6b78d3d564c3279b

          SHA512

          8729b3f35e59423c7c61c63b27d5288a6a15f5d7045282b73fe97afdfa5659ff244fb537a93c18d3bd6049b703bf26f2194f5bffe0d2c04d2d672505f5d229ce

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e40c22bec1400130b35b8af9a6d88d05

          SHA1

          ac95a43610249f4f86b1cb9e5c4e585c8391403b

          SHA256

          f01619a38b3d0c4418bb66921ed5214f48f3c8824f4a2de8c7ee8c05d6126c78

          SHA512

          9329b9cd26e95edccf13db21c321c5789001abc909d9f5393e95273586121d07418722a9f6eb7ada930865fed1f03c2b04b383400c12e3149c1f5a2c15f586bf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5f3fb7148efccb17b02748a7fc1276d3

          SHA1

          f4d913389e35a2326321932c5d3b0f105d66ccb4

          SHA256

          550b8c6c5426a48fe187409c544af0eb4165190b500f3d3869858adbf3d2ddf6

          SHA512

          de65f1e3d15ff02c64fd35db6032e0ab9e3e729cf1ae209d2e024b6ae42a0da8102698cdfa5189f79bb1e3a490e0eaa503b7f3bf995b447e391ea57c2c732e3a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          59ab7e95129f19f6220ffd32fb2a8567

          SHA1

          338cda6f2f5c941d5fc8a86619d312072a3228e7

          SHA256

          03f73f99d07a0670dc1bde7e03edd0dc1b97f2ac34a81820dc08defbd598d149

          SHA512

          0220b5304e720879890fa23ed57948a3aba4657edd788a6ae27b550e3306ca46233057724d0836739a2ed43c8158c82d08772579777e3a181a7af52643ed9187

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          fff493f9d39c9dae3a48374f8f7af7a8

          SHA1

          2b0f525b9155e637b9083f278bea2306bac3290e

          SHA256

          3624ff602ccbaf1ca8fb283887f055b8f2e2401eee6d89228a629a0617df72f9

          SHA512

          3d08624b54af2495182e13ee5b2ceabd2422ac9e89a0dbc3b4a2b198896c228db3b860337d0f87262b68fc3f7cbc31850c65a007a64686163980c908dcda1d9e

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\c[1].htm

          Filesize

          955B

          MD5

          93e6ad64a91b8f9a4e0e423a38f60229

          SHA1

          effd56f48f3afbcf236c840799f240781f79830e

          SHA256

          363099281d5751cf3879d0cd4d398819cb1813ec20b25d025555cfd677d2b910

          SHA512

          fabfd4ead743e0ea9a34bff692042e380dc4461519d2b92e1602a25fc5cf280a52792aec3eba2354a909010f4a767e89a14fbea66838f4de5ab6d358902cd15a

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\cb=gapi[1].js

          Filesize

          64KB

          MD5

          63e5a0b45632b3dde3694ffcaf0e3f7a

          SHA1

          923736d0cdc308331d5cfaa0ea159bfedc83d53f

          SHA256

          889109910477919b3457416e7764bcd0add19fd959848253026125c7c35c43db

          SHA512

          5b886c4b5122d61f0209ede748aa84445c9388cf38813316c41b3dbd2308216e88394d9a45cfc27113c0cf3bc93b9c37d808f6d3c67888244c176ee095d42259

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\js[1].js

          Filesize

          203KB

          MD5

          b61e5bbde685b1a7d252b977158436ca

          SHA1

          92037aae4e9230e631977e3408d38a7712779aba

          SHA256

          69a12ef1fcacad4dbbdff948ea6d049191e38b978b1deb77fa30609504c30038

          SHA512

          61a5885d9b141fd66b47a73013242553bcbb34a97984ba2a1414d1849a487e365567240ab9bff71474fae131ee4f67cfec2d6badd93c20d35b1229527eff6e97

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\site[1].js

          Filesize

          53KB

          MD5

          77a06c9fa29d253ddebef70817c410af

          SHA1

          331c6d02930f451430860cbf469d1eec71728064

          SHA256

          cb46a652c6548696ece7a3ad6abab84ca1e26570e4e63305e0b16055d65ec7e3

          SHA512

          285356e3769f79e4625294ddb2f491f74fd8863af683a3bf5689b4dd008f4fd1d0ff07bfedc6dd440929dc3c79045f793a190c83a3ba905b7d9f0993ec43b594

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\3604799710-postmessagerelay[1].js

          Filesize

          11KB

          MD5

          40aaadf2a7451d276b940cddefb2d0ed

          SHA1

          b2fc8129a4f5e5a0c8cb631218f40a4230444d9e

          SHA256

          4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2

          SHA512

          6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\rpc_shindig_random[1].js

          Filesize

          14KB

          MD5

          23a7ab8d8ba33d255e61be9fc36b1d16

          SHA1

          042d8431d552c81f4e504644ac88adce7bf2b76f

          SHA256

          127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5

          SHA512

          e7c5314731e0b8a54ab1459d7199b36fc25cd0367bc146f5287d3850bd9fe67ba60017d79c97ea8d9a91cd639f2bc2253096ce826277e7088f8abfe6f0534b63

        • C:\Users\Admin\AppData\Local\Temp\Cab1B5F.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab1C9D.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar1BA1.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

        • C:\Users\Admin\AppData\Local\Temp\Tar1C9E.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
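Everything in the Downloads list above is routine Internet Explorer housekeeping for a 1/10 sample: CryptoAPI's URL cache under CryptnetUrlCache (CRL, OCSP and AIA objects fetched during certificate checks, each MetaData entry rewritten as the cache is refreshed), cached Google widget scripts under Content.IE5, and Cab/Tar temp files left by a downloaded and expanded .cab. The added example below (not the sandbox vendor's code) shows how an analyst can turn such a list into something checkable: it parses entries written in the report's own label/value layout, validates that each MD5/SHA1/SHA256/SHA512 has the right length, and sorts paths into categories so that a dropped file outside the usual browser locations is surfaced first. The category rules, the constructed third sample entry and its hashes are this example's own assumptions.

```python
"""Triage helper for a sandbox report's "Downloads" (dropped/cached files) list.
Added example for this page, not the sandbox vendor's code. It parses entries in
the report's own layout (bullet line with the path, then Filesize/MD5/SHA1/
SHA256/SHA512 label-value pairs), checks hash lengths, and sorts each path into
a category so routine Internet Explorer housekeeping stands apart from anything
worth a closer look. The category rules are this example's own assumptions."""
import re
from dataclasses import dataclass, field

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
# Assumed rules: artifacts IE creates on its own while rendering a page.
RULES = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I),
     "cryptoapi url cache (CRL/OCSP/AIA fetches from certificate checks)"),
    (re.compile(r"\\Temporary Internet Files\\Content\.IE5\\", re.I),
     "ie browser cache"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I),
     "temp file from a downloaded and expanded .cab"),
]
EXEC_EXT = re.compile(r"\.(exe|dll|scr|hta|vbs|vbe|js|jse|ps1|bat|cmd|msi|cpl)$", re.I)

@dataclass
class Dropped:
    path: str
    size: str = ""
    hashes: dict = field(default_factory=dict)
    category: str = ""
    problems: list = field(default_factory=list)

def parse_downloads(text: str) -> list:
    """A bullet line starts an entry; a label line names the next value line."""
    entries, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            entries.append(Dropped(path=line.lstrip("• ")))
            pending = None
        elif line == "Filesize" or line in HASH_LEN:
            pending = line
        elif pending is not None and entries:
            if pending == "Filesize":
                entries[-1].size = line
            else:
                entries[-1].hashes[pending] = line.lower()
            pending = None
    return entries

def triage(text: str) -> list:
    """Parse, then flag malformed or missing hashes and classify every path."""
    entries = parse_downloads(text)
    for e in entries:
        for algo, n in HASH_LEN.items():
            h = e.hashes.get(algo)
            if h is None:
                e.problems.append(f"missing {algo}")
            elif not re.fullmatch(rf"[0-9a-f]{{{n}}}", h):
                e.problems.append(f"malformed {algo}")
        for rx, label in RULES:
            if rx.search(e.path):
                e.category = label
                break
        else:  # nothing matched: executables outside the known spots go first
            e.category = ("unexpected executable: review first"
                          if EXEC_EXT.search(e.path) else "unexpected: review")
    return entries

# Constructed sample: the first two entries are copied from the report above;
# the third path and its hashes are made up (MD5 deliberately truncated).
SAMPLE = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
  Filesize
  914B
  MD5
  e4a68ac854ac5242460afd72481b2a44
  SHA1
  df3c24f9bfd666761b268073fe06d1cc8d4f82a4
  SHA256
  cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
  SHA512
  5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
• C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\cb=gapi[1].js
  Filesize
  64KB
  MD5
  63e5a0b45632b3dde3694ffcaf0e3f7a
  SHA1
  923736d0cdc308331d5cfaa0ea159bfedc83d53f
  SHA256
  889109910477919b3457416e7764bcd0add19fd959848253026125c7c35c43db
  SHA512
  5b886c4b5122d61f0209ede748aa84445c9388cf38813316c41b3dbd2308216e88394d9a45cfc27113c0cf3bc93b9c37d808f6d3c67888244c176ee095d42259
• C:\Users\Admin\AppData\Roaming\constructed-example.exe
  Filesize
  12KB
  MD5
  deadbeef
"""

if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(e.category, "|", e.path, "|", "; ".join(e.problems))
```

Run against the full list on this page, every entry lands in one of the three known-benign categories and carries no hash problems; the only thing worth a second look for this sample is the script content itself (the cached cb=gapi, postmessagerelay and rpc_shindig_random files), which the page records but does not show. The rule order matters: a .js file is matched as browser cache before the executable-extension check runs, so only scripts that turn up outside the cache are escalated.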