Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    25-05-2024 20:35

General

  • Target

    732a663e6d9b10721a3dd7ec5783412f_JaffaCakes118.html

  • Size

    144KB

  • MD5

    732a663e6d9b10721a3dd7ec5783412f

  • SHA1

    4eb09de468460e439ff455132901a92b076eb5e1

  • SHA256

    5c82f9b568dc612b8a1e51ebff18f3ba053ea8df14ac353ef4d3466e8aa34d33

  • SHA512

    a1bbd1b94d6cc99e734cb26daa1465e82d8608dfbbe204fa7737fdaa49befc9f5fffd090b5bf0359052559ae148c9f596b4251ebc03fea254c6383abeaf68f43

  • SSDEEP

    1536:Sy5+8exswp9Cqb8JVczVsEQIzVYlD64I1QL4RG4eHhDbGBJEMKtXSn+kCZcEyjD6:S+wpcqb6VMsAzVYlD64r/Q+

Score
6/10

Signatures

  • Legitimate hosting services abused for malware hosting/C2 (1 TTP, 3 IoCs)
  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\732a663e6d9b10721a3dd7ec5783412f_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2800
      Child of PID 2876: the SCODEF value matches the parent's PID, which is how Internet Explorer's frame process normally launches its 32-bit tab/content process.

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    7734e2f5914f4ff959f5e416fcf194c5

    SHA1

    47c5df4259dd195107ee0c9d89bc392f11041557

    SHA256

    bb8dbf283c8860b118de5a97b35def56dda6afc1f090794f7c47ff8dd45d5875

    SHA512

    e00adabfe41252143a913157505b8eb6a4f250a31087f8d71ee51dbdde7e6b5d8b318f393546c30385d187fc9598eb0d8ccd65beab95ba46442aaeb8f371190d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    37a8f26d2f49603e5a7c9c2097dcf4d0

    SHA1

    f966c6b1d5ef594ef1fd823985dcf71befd1811e

    SHA256

    80760ead9ccb8fb08f233edbbd358317058e9bc27cb184166549293ec3010c74

    SHA512

    6f27c5bfec242e64b3eeb21551d3aebb9826d01f914a220e6d84610d17618c0a4dbcd195e3606458ec312f4088fc2741c6b1a37cfc346157bfd03bfc0ffb67c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    abbda2d3db4ea0bb112aeb6e44d8aebd

    SHA1

    08a606109e31d104df7f89dffae4ffba6864a9c7

    SHA256

    bb45c8e9496db75239a3bf5373b9cef4dd0c3aae77cfbc50709f366a64e54e4d

    SHA512

    107d4888ea31c338f34005cd0c8fa72e1dfeab6fca78ce92df6dd71dfd0268371fe315497855600f23382ddf05af20a87a693a196844d376b5eee4fd19998f0e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c2389c2933bb876642e8294200b6a108

    SHA1

    239cb2ad288a4dd8014f0baee3a414a74431fbf4

    SHA256

    14a7f1943cb00f7b61fae96c9880a8489b59c1d8ce1dbde97970d606ccc12ab7

    SHA512

    cc324376270a18ac7c521c58738d7d348de0d1d4a5b39cd7fa33b874d4e3ccecf0002ecfd1c95a8dc9e4ae41a3771c8dfa365a8e3f8c5c4763283c8aab4dbedb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4c4cefbda1a5c8e22e988f0be380529e

    SHA1

    ba858f3f39221f6ed58ba894af5bc826827451c7

    SHA256

    0680c42174eda530877e8e30b4887474d38f474365c31f0858afe66f4e131f87

    SHA512

    2652a9370acca12f5c4ce0f98a8750d671663a3df7253fd9f96db3c4d2822cd9311a80bc64becf4309dcc6bc93805581e23cfe14f3895caeb2b7bcca222e1c7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f8f6aaf697b6325f81457dc7c4063665

    SHA1

    96526c1e781138cb62a90554b300cb674c319826

    SHA256

    75ce1cb1d680d8993d690520ae958299e600187fdff24d011b88d2014db2b9bd

    SHA512

    92f5a0a2de6cd2603f4bf941471f000ef79797bfcdd7d8ab49aef36fbdff63d5058c98dc4b1eaeb08a64e6e93e79b3d43605e2002277d74ccf152aa5f728a4b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    88643a81cc39ff653ec52c5d0cb75b59

    SHA1

    dc0f4fb0c5ad0512de7c539a20bb6e002df3860a

    SHA256

    a23cf5a5713ca80015c278e91a35cddea792899372ec23da06ab59401bff3aac

    SHA512

    94918ad858b7bc023cd789b4d7c441d081dcdd68aea92d1e3e41dc1f3637e8579c1bfb845214053c0a3a94e800161715ab665a2cc9d78a42fc2c342e879d37d0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0df3e7fda08bcd77b8f40876e9fd3830

    SHA1

    1a20ccca9d055ac3a9fdf09c7910cf7e645657ba

    SHA256

    0b0dbabe51fcc7d4fc41cb042d3110804736ab808f881ce19757c19e435144b4

    SHA512

    c8adea051aa8f6614606ced4ec7b570b3fedd4f4076b675a8184715d4d4da584f48942c8e66947143a22047f4e63f9d9f0513d112e47a1dabe0a5969d2655647

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    111354cfb63183674c679e5d96c8c7e7

    SHA1

    edbe3fd93fac31111fc39259e9f2b05c4fceba25

    SHA256

    cb5b4c627067c9e6b4c11608bf9a6964f9e4619f00d9bd2456a9c1bdd77d189b

    SHA512

    1726624216cf523412a8593c75add6d9c219594315c2228c499e0e98248d23e36c12a866a79052bc4abd1f185f043ced316ea845b8e7df95ec730f6088c743ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6f0c41e5571c6f2d514cb8e59995d328

    SHA1

    088e6655b1afae00f66f277cb073abe5e81c26af

    SHA256

    eea80f0256555e91dd606dac7753071a3c455ac0ebdc2097e7984174ed284956

    SHA512

    de6c99da680cc5a9e8cd204f5f139be7f4bd24d4dd5470c5ebf3578e2f46468959fb9697d5cdfe836fbac33d9637ca5369e9d577230a04afbf43525aa477195c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0911f8d6a83e28b6feaf1cd10b35f777

    SHA1

    86c2e6989d9f2db84fe85544e8a20cf9110bd62b

    SHA256

    54baaec780fb867895688f9a3bd535a7e43921706b1fcc573f5cc15403725a65

    SHA512

    f5c776aa453484238c9bfed0bbbd57b041149d7ccb9a1563571fc617f63593f127159c71baacabb037b7f3808dcae3362ce47d010e8e06d02f70ba25280188bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    502927faa0088afa2aebd30f07bfafdc

    SHA1

    0c0db414ea8826aa9e913d865beb9bc673d0a0f8

    SHA256

    8a130bc6404806f80833d93f22048e009c30efa75a5761b0ac400e7a641b551e

    SHA512

    f10330675060e18cb33e6d1fe069a1165ba15bfbfb60dfac3fe2cc8be5a5ba7d21696b25fcb97082f500e1ae8991d227d2b208a638bdcbdc258954cee7f5e10e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f95de44e51e88580f29d7318c2b38043

    SHA1

    d2cc8c2e7b2db4eb2f6f2c4bc7119b88c67f6886

    SHA256

    d7d4ddd57336be3a037568d7363e2e981e183c59a8bf20ad5a9cf1dd6132332c

    SHA512

    3ee4250e2a8193db449b156643b14d4443d273ddd0dce16e8bb839310df266c0c41cd6fef6e85bbca8c824db3f63dc5b4d69c4bde5d41bd0d38ce74db1d90694

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d26bb4e2af5a6b2b2a417b3862067601

    SHA1

    00a211ea96b24d53ba2c09474da056a846b9dedb

    SHA256

    8131840929ec4fd8bd69dd17c34f900f9b3c9a68df146c3bed8f6b5c91b9e0ab

    SHA512

    08fa795f9066d74ca4d55e40fe69efdb605240691e54e6f5f69eea97b3c1ff3655492feff442d1d5eba3360f3c1ffb19a6a6aef14d9c2af575c6bb46b2720b36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    46ab85d6763e0239030c9eb820c999f5

    SHA1

    74f19d03b823bb6f80f10b89fc6e82bc0ec9910f

    SHA256

    2f17e5d291b365546dbe671e5cb99b0f959e90b6db023ebdb2a4f7f594808c6b

    SHA512

    5b37c8d5eaa7af1899fdbc276273b2cd0fb06cd092348d3865553bf37ca7e98d1436f6b8359375a7a542228a86944f3a7f5c58ae95be651f41472c8c0109f231

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b4980b4ada0490ceab031296c29f9e00

    SHA1

    ccbc53ac1dfcba9f284e61cbc939ac1c452bbe57

    SHA256

    d9184221d35282b08ae79531a19dcdd0248af682dbd0104f60b8e44ac6386908

    SHA512

    5110b6841569b4b61110aeafc1ade4add4bc914288f683b728ee0d82abb4044bcdfab76b2f72dda39b5be7ad543f186ea5ec8f38a926e356c373d1a2ffe957b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2c03bb687db34d8f323b1bacb56df0b4

    SHA1

    dcce8ae19ef124812c2873a7263f2e1fe15d408a

    SHA256

    8ff68837272886f6061f948882a3ab9fd5227671315bf467a3578f194efef7d5

    SHA512

    086fead07e2cc0c17412dad8f287f2f3ec0c812e07e52a35635a222af3c05c1360cdbe5bd842c74abe5cf28f0e24470dd158b3d4093ecb2c529d3b685e63bd00

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    82adee9d90de0719a150e9ed89b1c74a

    SHA1

    077eb9322f78be47e4327b668de9d511163fa1ff

    SHA256

    a036bb49cc907a10061de0fb5aa254d591d91521cf913a7ee8a8978c2a24b3da

    SHA512

    f8a59db907014b8d3231d48cc6f5f6848a63ac385c91867cd83d0793eae2653d814649c8135a9154e669fb580b0ca262d864788dceb1913ec2b7179aee1ffaee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    75d9cdf14c619caeaeea2e7596c15646

    SHA1

    142d7379a4760334278d996cd5b61ee07b3fcb88

    SHA256

    01ebb4b2939bd426c3d7cfa911a52329d6c2c1d88d156cab331e390f56de7c89

    SHA512

    58685dcbe80132874a75f08c90e648b00575595c6bac3885c24945e9f0f46f3df4d97cd911249e140b01f237467ca32c25c22cdae874f542bd978661e0b1811a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    2f48f6c21e399c42f907b3a8838745c0

    SHA1

    2e01121170afedb19f70bd2264a0faab84384077

    SHA256

    bb5bfb72f43981e0f1697dc39db49dbb59929068f2e25f848da2777bb3d711ee

    SHA512

    127e1318e1a8085501d81afa1d3f6eeec9d37f7965315bc08c92887177e35b343ed8fe1f6b11024c280240e35c737ee4088deb58901fed9529089efd1f8fbb2e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\domain_profile[1].htm

    Filesize

    6KB

    MD5

    28002ce60f99a4e81e811bd943c550c6

    SHA1

    8538cd10dd088baa2867bc7d5deb1c16362f50e3

    SHA256

    a89dd7d39917d01c9450088cee2774c42977417ea26c12e97574f2c1852d0b7d

    SHA512

    7960436c99dcb5661ceac9e8aeb233de33779914d5e69189739ae9582063e2e881a77ad0605e57f683d551882e392001f83c41c3a3461cc01160b3840bebe18e

  • C:\Users\Admin\AppData\Local\Temp\Cab3D9D.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3DA0.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar3EEE.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
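The Processes and Downloads sections above are flattened into a bullet / label / value layout, and most of the download entries are Windows' own CryptoAPI artefacts rather than content the page fetched. The Python helper below is an added example, not part of this report or of the sandbox's own tooling. It parses that layout, validates each hash by length and character set, separates the CryptnetUrlCache entries and the Cab####.tmp / Tar####.tmp pair (typical of CryptoAPI downloading and unpacking a root or disallowed-certificate CTL cabinet) from the one Content.IE5 entry the browser actually cached, and checks that the 32-bit IEXPLORE.EXE child's SCODEF value points back at an iexplore.exe frame process. The sample text is a short excerpt of this report with one MD5 deliberately corrupted to exercise the validation; the path-based category heuristics are assumptions of this example, not a verdict from the sandbox.

```python
"""Parse a flattened sandbox-report dump into a reviewable IOC list. Added example,
not part of the report or of the sandbox's tooling; path-based attribution is a heuristic."""
import re
from dataclasses import dataclass, field

# Constructed sample: an excerpt of the report above in the same layout, with
# the Cab3D9D.tmp MD5 deliberately corrupted to exercise the hash validation.
SAMPLE = r"""Processes
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\732a663e6d9b10721a3dd7ec5783412f_JaffaCakes118.html
    PID:2876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2876 CREDAT:275457 /prefetch:2
      PID:2800
Downloads
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize
    914B
    SHA256
    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\domain_profile[1].htm
    SHA256
    a89dd7d39917d01c9450088cee2774c42977417ea26c12e97574f2c1852d0b7d
  • C:\Users\Admin\AppData\Local\Temp\Cab3D9D.tmp
    MD5
    not-a-hash
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HEX = re.compile(r"^[0-9a-f]+$")


@dataclass
class Artifact:
    path: str
    hashes: dict = field(default_factory=dict)

    def bad_hashes(self):
        # Hash fields whose value is not lowercase hex of the expected length.
        return [k for k, v in self.hashes.items()
                if len(v) != HASH_LEN[k] or not HEX.match(v)]

    def category(self):
        # Assumption-based heuristic. CryptnetUrlCache is CryptoAPI's cache of
        # certificate/CRL/OCSP fetches and Cab####.tmp / Tar####.tmp in %TEMP% is
        # it unpacking a CTL cabinet: Windows noise. Content.IE5 is IE's HTTP cache.
        p = self.path.lower()
        if "\\cryptneturlcache\\" in p:
            return "windows-cryptoapi-cache"
        if re.search(r"\\temp\\(cab|tar)[0-9a-f]{4}\.tmp$", p):
            return "windows-cryptoapi-ctl-extract"
        if "\\content.ie5\\" in p:
            return "browser-cache"
        return "review"


def section_lines(text, name):
    """Stripped, non-empty lines of the section headed `name` (headings are unindented)."""
    out, inside = [], False
    for ln in text.splitlines():
        if ln and not ln[0].isspace():
            inside = ln.strip() == name
        elif inside and ln.strip():
            out.append(ln.strip())
    return out


def parse_downloads(text):
    """A bullet starts a record; a label line names the field the next line fills."""
    artifacts, cur, key = [], None, None
    for ln in section_lines(text, "Downloads"):
        if ln.startswith("• "):
            cur, key = Artifact(ln[2:]), None
            artifacts.append(cur)
        elif ln == "Filesize" or ln in HASH_LEN:
            key = ln
        elif cur is not None and key is not None:
            if key in HASH_LEN:
                cur.hashes[key] = ln.lower()
            key = None
    return artifacts


def parse_processes(text):
    """Return {pid: command line} by pairing each quoted command line with its PID: line."""
    procs, cmd = {}, None
    for ln in section_lines(text, "Processes"):
        if ln.startswith('"'):
            cmd = ln
        elif ln.startswith("PID:") and cmd:
            procs[int(ln[4:])], cmd = cmd, None
    return procs


def check_ie_children(procs):
    """IE's frame process launches tab processes with SCODEF:<frame PID>; return
    (child pid, claimed frame pid, frame is iexplore.exe) so a mismatch stands out."""
    claims = [(pid, int(m.group(1))) for pid, cmd in procs.items()
              if (m := re.search(r"\bSCODEF:(\d+)", cmd))]
    return [(pid, f, "iexplore.exe" in procs.get(f, "").lower()) for pid, f in claims]


if __name__ == "__main__":
    print(check_ie_children(parse_processes(SAMPLE)))
    for a in parse_downloads(SAMPLE):
        print(a.category(), a.bad_hashes(), a.path)
```

Run against the full report text, only the Content.IE5 entry lands in the review bucket; the eighteen CryptnetUrlCache entries and the three Temp cabinet files are classified as Windows noise, and any hash that fails the length check is reported next to its artifact rather than silently copied into a blocklist.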