Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/05/2024, 18:30

General

  • Target

    7a17f00a742a68ab27493c4794cd1706_JaffaCakes118.html

  • Size

    93KB

  • MD5

    7a17f00a742a68ab27493c4794cd1706

  • SHA1

    b15c23c6c63d36086910ca602fa3debec6e689d3

  • SHA256

    4526ec0525bff3057178942ae962a1487a4c82ff5ae664eadeddc1f97c8a5a28

  • SHA512

    eef868026625e502b7aa421ef4c336ca4bec885132bd49700b0d35aae68eea9f7be3df5492df7bf3f68fb665f20471dc9949148b64a4d18260b6b5fbbf640e26

  • SSDEEP

    1536:zD7O9mZElwGBg/e3OYw6sBgrFdTFBg6r7gb3sBghadUM1FBgs6iYBg76TDLg5Bgm:K9SElwGBgmOYw6sBgHTFBgAgb3sBgtMF

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7a17f00a742a68ab27493c4794cd1706_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2312

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          49cc61beb2a8c5659a7b9fdf76a13bc4

          SHA1

          136b5279fbdd086a02f1ebd3e18fab4ad2854704

          SHA256

          38ceba421265e9430c22ac71f3f2cf66b198697ef4b8ee0e49175e57f1c0ff67

          SHA512

          ad9a52c43628a52687ca478a18c03c45c8f2a468ee3d15bf8066a3b8c23a7e73514d6cabbde9dca2b83d94813c7a575b9479949ca417ce481b4144f8b0b9e0ce

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          6fb1562c0bc4494bfb1e416301f1cd71

          SHA1

          9f73cb1ae0a51393788bd4e2433f4eaab541eaaa

          SHA256

          ca6c41f1add8b67954ea434c6c257a45178ad757703a5ee81725b13e7c11352d

          SHA512

          0948a86dd12499c5788bc598e5e865b06c91498930eace6d370e4799575a3fd2abe343a699d30746daf07806d7f4416fbab67c903afb484099e3746cd8d05c58

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7fd7eec71938298eed3ede65104e4597

          SHA1

          1e2eb13b081c84a460fd522fa19d7fdad9294e51

          SHA256

          93398d9347ffc7aa0beba5304c5d7d9f428b8a93708618a0dc01cd4ebc52b103

          SHA512

          6bd287f7842e4e52b5ccac625cae41d49fc17e9cdab419b48bc6840c3362a31e8d58f15596dadcaa7543c5138a2a0f37c3f0914599e8fc6fc1af0d82adcf8453

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e6bb5b9ea1465b9ab790d0f7bdc5620c

          SHA1

          8a8b4ccb51c4052cc2b260b6bd3fa639a270e4bc

          SHA256

          16a78860a9ea6fd524aa2538f58d123f86676081f3f11518964b8b2e90744e56

          SHA512

          e5cc520590caf0dd2a35b303a4f49d896111361f529f0675950444ee41ee67d53eabecb8a4fd220fb0e0d7d0707897439c49744b03099a3db1875a84d8ec9db4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          76c48aac8b9214d50168046c64bf55b7

          SHA1

          95847d7a1d98336fd79c8c2e9c67f60bce388ad9

          SHA256

          e5abe756bd492d0127d4d4708a06fdae3d9e9ae4a513379dcb7502f91752e564

          SHA512

          215c9a9ade15081378908c6d73734d1e27f914d7c36c6bda52996077020b4dbec1358a21c13f695ae893e242cad047373fd52f03fbe2fb5feb56a506f7b2d517

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          852ab5c3f4d3ecb1bb268a67c1671310

          SHA1

          9234154f3af235c2a3f214c2701c98eed76931af

          SHA256

          af87faa4cbd46694f92e145a528c55bc03f9348be61bf4b40170f92908d7cd16

          SHA512

          4ddb191a47a0d75f90ce5cf0d36a2007313c7d3c74e277a3d24b4272eb2a1eff4614084434fb4ecca88b93fa8bc6e22d0b4de8adf71aac93e620b3fcc48d42b9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          5d607d6b99a9cbfc6a38a750335145e3

          SHA1

          834895a5f57b6335b572ef950910a5175add62e7

          SHA256

          20023ac458c5783db66a2e9a8ae14d4450ea1cd1070eae6e35ece749cc8ca7db

          SHA512

          f4c986a173a5685ebbfb4d3aacb0c7eda68a1e2ecdf026c890f143f4897508f14c703536f2ba4cbc6caa35ef9875331265cbab9fa9b1e8d0451cf036623aee3b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          39705e1068c0f88edfcf45d891f5dd54

          SHA1

          7d0d10703bfd61d19b418fa58755e03f7b5c9afb

          SHA256

          214b4139a0719fb4e6d1b229c978d33afc11f80984106b32c4f08f51f3f40320

          SHA512

          39c516e71de1b3404d3add651062f9bff3e226ee79674efd1e13541e73a108fbc8c454598e89798c6bc8f2f9fd455d6201626a7cfe0b568f9c1637ed6c6d7e06

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d4259b479ca59926cf3ef9f1024698ea

          SHA1

          f7866cbe30b9c8cf13a1bef1ce84a1a9c119ce98

          SHA256

          c45e21bc46060dd1edf2b33a5095ce9eb663e1aab023790d3707ee764c8d8f8d

          SHA512

          8e37a9fdf5e0b905fe8fab5b338ba0ef837e33d55b6c0cd446402f8f2145e74b2212d5b9fb659efb615214c5c5f29e198ee3635c002831421f6816a71c8d9e6f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          da75de27599d838ec400071421e20a3f

          SHA1

          8065c9ea737e27789cb45fdc04cc428582c10bc7

          SHA256

          0c4b3de7a12cad331a9e1daf40c5f09a4d82330bf8d4f826123f748b7aeed0cd

          SHA512

          51961afc075878290e0a2d59a79edaaacf1a04ed80c43b33bd9c65b2ce35935dfe33cc35a7646ac5fc62b09fb264a9b9395dd2177b58605d746642647d28780d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          a9106bfe29f61ede3c74e55716f3ac49

          SHA1

          002c62ce149221fa58c127ba17e9d737308be158

          SHA256

          3f752efd9d1c9aae452c29033eb0db96a8456a3080b0cb56559a4778a8022120

          SHA512

          c3c507e1410072995d71c3d13a1b84452f68864b34b5a79cf538ed243cbea8f499f36b1e4f3ea138424d531859e070160fcfc8a37707cddc275c2cf85d8d3291

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d0340cae748475b52c8364b2ada02f5c

          SHA1

          455fb5383e2ae71bf1b2b7593750b0960fc240e1

          SHA256

          6f728c5b27f63fb357c5d529b21327374e99dfeaf4ea89cc502689727ae9416e

          SHA512

          d20a6015eacbd3de2115a6ba91528464606ee559472c5d5a0b75c0c30573e85f0da24502df872bec63eeed4435047215a1facd0cee612d1cea97e53e70363902

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          7744449913296475c79d068f581e879c

          SHA1

          ebf622a6c2a998c5a68b29b258236fbb2cd460bc

          SHA256

          eca5d1315073f6e6606da5f708fa7f688e61db13049e447499e7810b32158c33

          SHA512

          413e8b21ca2382f0a7e3fb7a054701bd275ba773eb8c6350b2c0df8732ebf4be257c6bbb80725a688c96845c7b2540ab353b9fbe00b402626f2f673831740b83

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          046e028ff81062310d37f6abfaec5f07

          SHA1

          981b74f6b2fdebbbb04b4d80fb7e90822814ae08

          SHA256

          db66f854007f85e9da4dd09b99ad8347d224edcd025c5ef377424d3526c6fc69

          SHA512

          ce1da3a005eb843d9cbb94b5e5c27de98d12a82a1ae4ec3e09386e0678a2ff2c1d68711139490543aa0df9cbc4cc81d5f6a6b9258edeacae918457017dac370d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          2056e0d26da735eadc49f879a5530d08

          SHA1

          0b4f3bf9500030a8b0da95764388c57f15122330

          SHA256

          20b8881e0a752ee67fddc5b0a3fdc57530caf40df84f4b9e401de0306b2f26fe

          SHA512

          29911cbaa274ff9bd654c6ccd6ef3d5b9066ae6223fd04d4c2f87504c7802fd814d97e455072e7878de8f1677b280fea6ab49521490024d3346c975f63f4415d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          94d43d7a2609a4d22c1e26e70be50585

          SHA1

          f3f1987907ca3c6f1c62ee020efa9091914d1239

          SHA256

          d790abbdd98f650142f0dd1a0159be8efced03ede94470e7a55015042fc0bc16

          SHA512

          96a1601ee411d1cfa5c66051675b0b3417b3548155b16c555bf4f379d8ccf37dfd68314204b16025d39316a52a965820984acccb3db8a828217e134decef974d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          575c5ca0572de05fcb10c6dab6f8097d

          SHA1

          6f5c1a4f562730ae67ad818616c3ab5b5387ac23

          SHA256

          d91d754b4db2743d05157939a33ed2a2f4245bbbccfa16a49f8ab35f5041ec51

          SHA512

          c0d8810eb35989c014d2da1c5ea4e2f0cf98a52a88fd99434e5d65cd78c64812f9b435e0cad54c47b0cdb612d2b2ee79a057cb6d8932406359da0eb86c8ebc0b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          41fb2952cdeb3e49c93cf10050b5cf9f

          SHA1

          d0ad40559cc8506713a98b52f7e9f5926072f2d6

          SHA256

          4ecaef2e1026872055f1db702c4ce0802c9c7f3a94d0d8b7830b0e02268b9109

          SHA512

          703c500e1764b675f829159707e4383e1b9f6d086c1abcd4be676e48e46272fbe8c32a067eb344dde30866e3b50ec90cb6424fb2cc1513012192fe10ad1396ba

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          451d9e7d6f070bd0e5298be90bcd70a0

          SHA1

          759b9bdfcba046115a927f0227ede29882a34bff

          SHA256

          0811ac3556edb1872c64aed947affd618a87f3e82a331c421a4cc47f4ac07b27

          SHA512

          5b79d4c271bd25f77a90f9c7310d7667590279b2ef458c574a8cd6bc2fa7574c6a6fcae8e28f20c181d16a5d642b7dd2b9d3bf61bbb148f4d722ff320c321a67

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e535c37e90bbc23ed781d7ea57a1d57d

          SHA1

          95638f91f2e4991b0c4b2e4e474ddac951effa4c

          SHA256

          a0fcd16c83681ccae41601c008a1f1a75c596c5317628bf0b24d0e64fc08de97

          SHA512

          432862f3a3c0ef6fb2a63a0f7fdbd4c8612a69e0619bab7bda185ffbc17ca4d94a53d583155b52034be1b9da3a67a8747845389e0ed8bb4435a1353a13005d76

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          e02e5ed4ecf6acff71379978e8417d59

          SHA1

          ad8d3e0fc8677d16f15c77b7be767c845317634b

          SHA256

          1314a33755376662fa5743f8beb54526420be99088c62ef8b6ca1a5d5cb05871

          SHA512

          508ec0087e6f97dd50080699341d0eb585bbed662241509c858cc87a3a0062cccdfe5f2ac10395f329c5a4db56619ad3429b4f6414dd8bf7727d15589d28591a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          b672c22d249f42f29c27bf7bae258baa

          SHA1

          65db2802cd84b78733ca2e4a4d519c1a532713bd

          SHA256

          6052ec740a00cd743248cd2aa48ef1f94b97185015bfd955bf6b06102e1f5e59

          SHA512

          3c8445aa5e7f21049541608550a805e1e07b7b08d1cf942e204203479afb026d09e79ea4183912fe7a905b9d128259934aab0a7b551bdd929167d5e8a90e8219

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OOWQLMJV\calendar-min[1].js

          Filesize

          69KB

          MD5

          53be4d85829221f66232d883e3a327c7

          SHA1

          88f8b450538e5aee6d142192cfd8ba9496ecee26

          SHA256

          e3468b5f1f6d645c2b1a58636286f72d503b00789205b9d9895b161372a90bb9

          SHA512

          00e5ee012e696829100d11a475dbf31dc19e4ef5220212c34aa0898bf9a1398eef32c361662d3a9df4bf5c992f7990e7e3738f50bd7c730d7a4aeb1cc4c709ee

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OOWQLMJV\yahoo-dom-event[1].js

          Filesize

          30KB

          MD5

          8df028d2d3bb6f05621ab23d215ce7ae

          SHA1

          3fbe84dae8d7e5d0d776d2ca166eb06c4b21ef99

          SHA256

          51322e416967b25b9e30eff75661f6d108445c040f91a2b590f59f44e3991509

          SHA512

          150dfe2872bbe9620f08be7fae51d468a39a7b673e01444eacc9f106b5011231f475efeb07c371632380e1ce48c3fa4e529aac925f4daaf91aa43cb4f312df42

        • C:\Users\Admin\AppData\Local\Temp\Cab2E34.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar2E45.tmp

          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

        • C:\Users\Admin\AppData\Local\Temp\Tar2F16.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a