Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    26/05/2024, 11:47

General

  • Target

    7560a59168aa800bea876d951b33ea08_JaffaCakes118.html

  • Size

    46KB

  • MD5

    7560a59168aa800bea876d951b33ea08

  • SHA1

    d0d67ba86079136a64c7625fd9a79a431762066a

  • SHA256

    9e6666327c7f1ede8abf19cd6d6b001d0191dfb89ddb10384a44c356374fdcee

  • SHA512

    68d65bad13d52a8c7b7c83262cd9347f91d02b9efd518334bf5349c36600202d761ea8ed0a7cca66a0a27e369f62e865fef5bb21511debee493467ce09a63404

  • SSDEEP

    768:9rKapHvvCIooNXI3QVuMz7t7ppqv/6HdNNgV99:9DHv7oiXIyRz766HdK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2132)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7560a59168aa800bea876d951b33ea08_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2080, child of PID 2132)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network


        Downloads
