Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 03:02

General

  • Target

    7f4b31d288007a99fb61afd00abe4004_JaffaCakes118.html

  • Size

    56KB

  • MD5

    7f4b31d288007a99fb61afd00abe4004

  • SHA1

    6009292a077db77700688343475a80344f624644

  • SHA256

    1df0f5087850e3e0e25e149994203b19e5a09653484abf144c1abed7ce4743f3

  • SHA512

    eee3ce612fda867f9e9ee2720de8ff419d8f6943fffaa5209a02817a9f54a7d39eb0b893f79ce5a0e540eac143e30a51fea9e67d09b3f2ce92102eeba8e625f5

  • SSDEEP

    768:MafS5y5CCLw9AEQIUFzARuazn/BRghr3qtXnTyyGJT0kG2S9N:Lq8UCLw9rXpznZM6t3Tyy40ki

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7f4b31d288007a99fb61afd00abe4004_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1224 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

          Filesize

          1KB

          MD5

          a5c01f337cdeb7cfea1fa9537953788a

          SHA1

          4a424c3abf07b4169648765cec1e1d3462edd3a7

          SHA256

          f226294a247fb8da33cf1868a83ee262f7831305b86f5f3dd5805fbc9188d042

          SHA512

          9e48d9738c65450423ae773856c4d708bbffb48e0b047cf2dec0504bf8becd0f75a95587efa94743525fb3e4f6364760a1cab755e91c0b59fd6c97714b143ede

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

          Filesize

          724B

          MD5

          ac89a852c2aaa3d389b2d2dd312ad367

          SHA1

          8f421dd6493c61dbda6b839e2debb7b50a20c930

          SHA256

          0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

          SHA512

          c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_02C4C6ED250727F9B08935C0A9565568

          Filesize

          472B

          MD5

          ab717c7b6b80f3c0b144b959aae3d0e4

          SHA1

          578fb3f595898df0d21f22704fed7e75fa780c65

          SHA256

          c935ad854ace02c1c74ec48648a46b5b40d8d5877bf44ab8909356e2bfe965af

          SHA512

          60e579023b4b77f4a652a53e96c1a30968d3a54ed5e92316d18c90603ee7a469a9da544dc55c6d6198c9065ee6b89242e47ee1ad1d9b5785677fd9e2be4c7ff9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

          Filesize

          410B

          MD5

          711e82a26c57df6a276149b6d11d8ac2

          SHA1

          6e65073e86595bcd51f7e3bf7f38806b6aa33d1d

          SHA256

          e0ef8d6542ce52faee8d3832660b7cd27954cf7eae796964c6278f4b55800462

          SHA512

          3e9d6693fb2b0523148e026a1e8bb993620c006acc3d7c5435281eb63dec175e9ea33ce8233bb4385d2c36c0c31f124eb9c7fd1f26a5ba31c5495b7b800449c3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8d8d2c8dc14e91b29a53d7197a107070

          SHA1

          027fe63555af8bdc710a68ffa50a29fdad6113e5

          SHA256

          bf7543e5c2f0aca7bb4e4c03e5e9483ec3eeb5e4f7a2165a3fcf83ca573581c5

          SHA512

          739294751ea7cb3b4fff192eb34bd88d7a78685878d11bac04bf710a758ff6620decdd7d4e34b27634577996313155db857c46cf52f87aa514391d5eb14cf270

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b81056db6d0fb6f388eb139baf82da3c

          SHA1

          96753546f0fc5f836756904ff4954f499ea3e34e

          SHA256

          4f32e848450188aab712202182b9509b229e5bc8eeaf6aa897d5e5b34abebfff

          SHA512

          108a762b4c9ffcb3503e3e2c63ceae493fe668143291b59da6df06841a848b9b6abf87d937f5284cab7d280a8142bda9bbc155963b5d2bc835ae9b43c2a2e1c8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d8a1584f84e92e22411bd42931e5ee00

          SHA1

          ce5493d52d3ec6a4f8a4f92034b2143ec4c0b17d

          SHA256

          157e02d47453fe2b3fd3caedee7fff45fd9b8d6e14ef8ce1ab94b770b8615c4a

          SHA512

          770b0ece628311ea8516547e0a8a1e09c9264bd1e476bd5c7555e54338fddb841e3b4f602805d94b117629e1e8d4f4ba22ec8bfbe796c9e55f577e0d5257b27d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          45ca1f64521a36370bb5556789eba1f8

          SHA1

          2093b4754b820721d7dd67184a96686a7c003599

          SHA256

          56795f79729b3dac495714ed8d367315a195b1d63046130fb4df20fa3b4f9866

          SHA512

          1660457516e36555382ad64c65cadc03c83c9c311662cfdefc3e7d8119230f54ccef3e3c7fafe09f3475a75b7ee14ddd35728e561931a88a15ed9ac90ae03e45

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a137df9a28dc662c704c52a1fa33f8ff

          SHA1

          5e744821d0458f71f5feb937fa7811d104494149

          SHA256

          73bdab29fed30f16d2d02987cba98b397164f0994211bcab106c713a3a52a5d4

          SHA512

          dee9ecba8868745e9e71bf3bee091375a080e9e130475f6f0753201bc997e28a61222325aef2da92cfb001688e9597221f9b9e8c4d16542749e602544aa970b6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e472ce7e909c6a9344c22709839e0aad

          SHA1

          057c932baeb05dd4deda73898b81b0bf6c8e6cd9

          SHA256

          673a8f2e20652941b8114789c28f4327a73de8957a23a97727a0339277938ed1

          SHA512

          d389011211d6b7502092c53415e65d4c1c16467149294e46b683565dbe241b75117bab811517bfabcd7eb56cbfb7d218dd2dd3384047824a7303aa8bf239ae7a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          df3f2c1f07e5df1409000ba5197b7e3b

          SHA1

          d07ce2a68262ba8a64971adda0b74b97386351f8

          SHA256

          7eb388f567bb94128e1ebd10029811bbc293c476f9beefc4ba6e0d7b91d8b5cc

          SHA512

          5e6768fec001c197a3e39581f0cdadb690ae1601c7007775f4e2663a4e01d44507f711b39c300fc3fae62519de88994aad38d1335eba5bcdb717fc0e7894ed6d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5958e18d43cc7576827c29b2b713ae58

          SHA1

          119819fe4ac2fcc488eb71201d64e34edad371aa

          SHA256

          ac2ee1fa6c6bd5b3247a8a900723d12b4fb3cac347101b5876c55b89c1418b25

          SHA512

          f11eb806c689c6babc28709e5411153dc9dff42a58fea4fb1b817df7909b3282968eb40830d3ed7c323068ff26cf6b12db3a5b735f5064493f77f42b3be6400a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          516b03391e82a264d0c26ec9ab1820aa

          SHA1

          500ddbb1056e76300117730613c1bd848796f311

          SHA256

          9e6ad19a52a440dda015b1fabc63a1ae1356fdff0adef4df390f5e0a89d9014a

          SHA512

          e2344eb82f5f181b27726fbb89ea053a301ac327ed018c6fc1efc819237fd796a0b3e122003b3004a219d75461f4e7343ddd701277145b79b6547e16e6b363aa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5cd22a0efa648255d3daad2758b5c686

          SHA1

          3606f7f4987a7c8a0200f1cebbd8859ffe40d88d

          SHA256

          fab2ecb2b72069e73234ced07908dad9d2f31ca8f863384b55ca9a6f98b37818

          SHA512

          72733e77e85ef9f063921434ec6e621881fb54c06bc2ccb8bda18197f894a0124efcceabf7d91fc8896eff38d5259ec2e5384a5de1e28cfdf4d1b1e1b116d961

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c51d30c586f39d666c25ab15fdedc822

          SHA1

          f2750ff96dbd6cdaf3888d1d180a1ea2c3e61fef

          SHA256

          26670d3270a02a39f9470a62bb30a72a3ed53d1fbc39f895727c1f7d76e398bb

          SHA512

          f7351b862bf74e79bac65aa79e5f701262194011039432debeb857f5933ca1eeaaf0be5a35f84937616da8e5537500b63730478b3b7fb8247f6ecad627d3368e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f57f82a9a31267d96a21b6b0c0044432

          SHA1

          a339bc22e8028c888e878c3db4c2423d8f7f26ff

          SHA256

          29bb686bd84d5c6cfb3d85be703012731f83c54ab4b47eb1bfafc43662ab3f15

          SHA512

          905a412346be38e4134b00e702fdd3b4ffe2624ab19a18101f31e7d93b8ed58e20894910db52d40a58f48f145933ec7b2b9df348aee02ddaf366e6fdb6dcbcfc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e7bd6bec9e1a6bacde707e239ac80c7f

          SHA1

          057da4d747d10f97caa6510d85cb8f81e2ef7b81

          SHA256

          cd2e79eedf186d61a792906ed6015d9903598be15a72fcdd217d89158bb353ca

          SHA512

          b9713bdd39b52fbba887a5bb89e53f73f24af2a62734e118b66a5da51366ff4b986fd0ba0a170aae20da4c59c739571b0a7980b37e374a8a8439c44b932a5585

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9c4bdf700aea14f738ffe3fa24faba8a

          SHA1

          e3295c167f7b1d760fa814f0f76664e9dc66599a

          SHA256

          b7d44ee96e0b631c5fe99b1e9e3161dcdff7fc6907403e8bc36307dd85765c86

          SHA512

          a0d33971ca62484549e990ae607dc6b9dbb7ea0aecdc81b17ac8e806c22d0b93b45fe51f46e121227d28ce1328bdde0c8b3fd8bbfe1a407b4b4267ffee4eebf4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b3941c4b365cbd165d92d8c0b95fb223

          SHA1

          53ac188dbd1dfd192094a603383029e51e59c45e

          SHA256

          7feda926ede314aa8bf7e95cba26ea513a86703631cc292e284463839626ee1d

          SHA512

          d429f3ca56263f0f90904308420caf19115ae2367b19d3c207ecabfe62b438fa406a38a84bf4490a843c6c5add8241982cc1bf9fabeed19a53d4231609995d55

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2852ba3b47e02141f5cbf67a433111b2

          SHA1

          cfa007533696ac2cb7b0719f30f150335a25fe5c

          SHA256

          c7f4b7068eaabcf250b1c9ce775b718af9d69a3e5ba7a5338069ada4cd71aa5f

          SHA512

          5f18f08b41ee880bf7efdac55792ef3e9f520796713bef94d8735a5da224f3f93036ceecdfe9c4ffe2cd19684274267c2b530d0be45fa57233bb34893c01a59f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          23e2f3033f8f5dee2c6012fa6689a29b

          SHA1

          2896bbc609645933f8fc34835c9a2dae4402eb78

          SHA256

          41cb942bb0d168421566f1137e51421b0c3506c539390457d7ff1046b213d0fb

          SHA512

          6a55453d37307a45d4a02ffc90e28c5df9ea7ac331637f5ed19deb82d1045a853e7040beb74f43ee7593d7abe9acd4c2929e765ab00479ad43d25d442a0ec03f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          aabf6363a5c6359718a2d2905f840659

          SHA1

          bd37e598c98a4afaa2d61012caafe6753bbac451

          SHA256

          1585896ff7cd12c000f3d9f268a1ca213a0ebc2aa91adc27d78a01184e3f8646

          SHA512

          97179d8bc9400b8c2b07bdcb93460bbc1148bf52e9316d2df180157f40b5a4ffb36091a0f5c68c5cdba636cfcbc35d5d4983c2df48e4b20c547835a868b8dadf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          668f00f074af62ef93e11c94d81a9849

          SHA1

          180e1894809822938848c30fe75fd693abf730a3

          SHA256

          56e18c890b14bf094c93c56da11207a2611adb7a01f2eab4aff0de9e562344e6

          SHA512

          a1bb0cffac9d00f9e6f5d42cf3943251c3dd820a4d4a4e7ea7cbd63a6f45f033cf88d108d821cfb30c0703f2feed86b0cc196db7aa8b5ce36469dcca0550678e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

          Filesize

          392B

          MD5

          a84772dc42eef2b60e7546b014b5907e

          SHA1

          8245d4de37b90d207d26d9d0c1a2ddc925cdca71

          SHA256

          78e144b9eb48fe5c3763ceb173c194566f31d45d986fbdcce77eb990acd11749

          SHA512

          f81017718f6803d9ac44a1f0ebe6e4bcc3646fc655726d7de0b85262962185d34f043c022b05532a7045f06fcdd78256e50ff67ddad23b06cd3100cf9032226f

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8SD872Q\cb=gapi[1].js

          Filesize

          133KB

          MD5

          4d1bd282f5a3799d4e2880cf69af9269

          SHA1

          2ede61be138a7beaa7d6214aa278479dce258adb

          SHA256

          5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693

          SHA512

          615556b06959aae4229b228cd023f15526256311b5e06dc3c1b122dcbe1ff2f01863e09f5b86f600bcee885f180b5148e7813fde76d877b3e4a114a73169c349

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTL9DZJ3\plusone[1].js

          Filesize

          54KB

          MD5

          fb86282646c76d835cd2e6c49b8625f7

          SHA1

          d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0

          SHA256

          638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109

          SHA512

          07dff3229f08df2d213f24f62a4610f2736b3d1092599b8fc27602330aafbb5bd1cd9039ffee7f76958f4b75796bb75dd7cd483eaa278c9902e712c256a9b7b9

        • C:\Users\Admin\AppData\Local\Temp\Cab5091.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar5094.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

        • C:\Users\Admin\AppData\Local\Temp\Tar5117.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b