Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-05-2024 15:45

General

  • Target

    727466d6f0dc31add1d6326680f6c38c_JaffaCakes118.html

  • Size

    10KB

  • MD5

    727466d6f0dc31add1d6326680f6c38c

  • SHA1

    7934085e91fda481f2c1b5f9297358b205b4a437

  • SHA256

    d1d5507ef583c2a92040e4f31128169194ae66106ca1841f582d47b3e1b8a5b4

  • SHA512

    2b486967ff044ac335c08f176b965c08f16506faeae19f94dcdfd28e38f8890b8836bac1243830b4db42c3e45db4ef3db9781fe9119ddd56e76711e621104b80

  • SSDEEP

    192:/F8zl5GjZDjwm8m0oay5ZKVH7BXUIN8187xkyE5gdeYR:NMywm8m0oay5ZKVH761xR5TYR

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 38 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 756, depth 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\727466d6f0dc31add1d6326680f6c38c_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2172, depth 2)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:756 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
