Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 07:44

General

  • Target

    7ffbc810a725e7021aa4a25d9e03c04a_JaffaCakes118.html

  • Size

    249KB

  • MD5

    7ffbc810a725e7021aa4a25d9e03c04a

  • SHA1

    9a013ae2ede146c2d484e23522bf2f90a51b82e3

  • SHA256

    233e078b3ae01544a2a6b8785dff8e3d5b6a677ce0f063e9634c30b80690f49f

  • SHA512

    166652a14079b22abc3a503dc3b1ecaa3dd5cbf630f472d50ce3e0cdc22289ae88158e6b841d90ae2198f6c95809a12bf84055aca2ebb688693c976233341cac

  • SSDEEP

    3072:SGyfkMY+BES09JXAnyrZalI+YhyfkMY+BES09JXAnyrZalI+YwsW:SDsMYod+X3oI+YksMYod+X3oI+YwsW

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7ffbc810a725e7021aa4a25d9e03c04a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2228

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3217AAECE20956500C22BDB70A7D005F

          Filesize

          471B

          MD5

          7f5ad6ad8c97e79785f366d540e379c8

          SHA1

          65c12529eec0a5e64128e00d81ba1b2cee3d3b7b

          SHA256

          186a06e51e3114992c0f935fd2c5a66ebb50db079a8d399b3d905f12073a7e34

          SHA512

          81709f3950e368f8a86f52cc64555f53441840337634a33a2d13d4c21047d1ed9a6106cf80bdb54ca1fda18e70b5f0db1fad1a98b13a61696ee974e6f74456a9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D

          Filesize

          471B

          MD5

          dfe6f83ab868451e5d5a0a423ae10aef

          SHA1

          27a633b172cc0d0cf453e9f1d4d54d9efd0dec21

          SHA256

          c1c3cab4efac73c167cab23220222f55e9c7559e6150014c5033fed4b1865ece

          SHA512

          8e8746aac428a4918f75a0c33a1ea376d230d61be21c506e61c69c68b323a83231837a0471421a166030bc1e0f36094fb3d5095211b035e8000b32d7864e4c00

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3217AAECE20956500C22BDB70A7D005F

          Filesize

          400B

          MD5

          c05eecc3be7a486bc377b5f2afe9db50

          SHA1

          3daa6b36b8deae3076f2e15f76efbaba32e921f7

          SHA256

          61084f42f6f2ea0587acea89cda7f76aab0a24465785c294c2d42c398feb3ed1

          SHA512

          8c2df16a342fcc6d4db4b492b4e85d03b5072aab41ec8deb7531697c99824ac99b65687f3967cc679e4242936393db50435408e94a3243e01d1fae5ce4befafb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          a33c78750ca55b9748daf6a4f5acc77b

          SHA1

          92c727937d131e48421e744887900a1cd64401fe

          SHA256

          9a6864717f6a30b00d9c7753cd5d0cb3074a2a4e70b98d8e849a04628e82096e

          SHA512

          9259080c6e925c865ac2a3196f527aff1daf22829f453b37b322f4c587964172175bb1140d2f1895fb91fc3b10cf6790be606f056646ee8f79fcb21f6b61a9ee

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c549beca77cb555ef417ece712cfc858

          SHA1

          a08b77abb01b7fef18a6c3c896c72fc2f762cfde

          SHA256

          37e7e70a8b02bf5dbf3e1511f2c08cf66f4d481efff2b40496a995f1de8f4c68

          SHA512

          26c10e7ff84025debbf6410d17441db800df878e7d03de01c31d97b5b5498353d98da4df8ce642566b31d2d34abb8c0edc5f91270ca0db132c87d29ada1749fa

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4570178c6a50f59c6883a9a24bb4f5b9

          SHA1

          05ccf7eece39292634d425ec3fd624717cc3d7e8

          SHA256

          22346845740ca4e93e8eb39a545ee7e1614b6c0676e1968f725f85746d3b5023

          SHA512

          1d901f66c33c8a6db96ac7bf8ef54608eecf4256d3dcbf4831e23f628150a0addb131a2b193e98fecf2cd49105a76a4f6d0cfdf6c60eb0814c253cadb91776c5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          406a12c93264478f5af8b126ac5ea0a7

          SHA1

          a2f0c1bc852bb915e2910f1ec27ed0a4dc27adad

          SHA256

          8a3cdce68cdeeb0918e70b2af7fdb56cc8e2ac5cc5f1a7a8fbf6b5c144f1395c

          SHA512

          355ca1027ae15b896f0d564f30d3ca8da0af0742946272f72170c4c897231784e1a236776805532fcfbc800c48db62617e4347485e8266e58fff977370e8d005

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7bf26fa9123e115ac7af1be9326154c3

          SHA1

          79fac110f574649ea7bdbb73ea1c50da29d2c874

          SHA256

          f43dd71e48ba2032872b10d88d8558a75a92055d94e62fccd57c8ea855bae7a1

          SHA512

          14a69f3acf7c4756c9c5384de699a855b7d0a4e2e11ae0778b7eaba334cd31539d00298300a8e2cbc55290c71b569c9c94c5e5308ece323b7cbb0c31b88d31d0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          473b4ae2a7b525ef7c261332e23189e1

          SHA1

          706a6bd531e0f020b2e6c6575ecf5789a46a694c

          SHA256

          9c6bbd4a8cc32904ea0c24ac49c4b51d34a822fc94c506da710c90bf31f6c12d

          SHA512

          2d53f0c078f472783e418459fa93f676fd9c1fc7855f5a18f3c0fc3c469237b43b179ed004ffdbad4c253aa50b83fa0ddfc2b0b60234a8125350985c5b6daa4e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          d81a7d8de7990fc5e481dd2a65f315b3

          SHA1

          1b4f491fd55183943d9b61480ecd118196281b7d

          SHA256

          b76bf2a588ef53ec7c715cfd2e01642330b35d4d1d1e4608077f3e44c6c6a5a7

          SHA512

          5d2be25f2230086b42b38d77a3079c450b86c224da1ce3db91797561c3c5d54989789e900a60fc7bb687a29d1b66a233159f60ba256aa3774255217de81a33cb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          aa8ab369a79f13ea25afe1790492366e

          SHA1

          f654f60e15e5fb9b490ae0fbf00925261887fce4

          SHA256

          419bed762130a858022205bf9a0478d3b0b1344a2301759ae89a00be64a85d2f

          SHA512

          ad8dc8503420b357e319729e215679d573e5b727765c94a94a5fb740a52e0df6e9216a9cd55d8debf7cd8be015e4b660552c7aa7ba2ae5ca46084a26a697cece

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8eced405b9f56c710b97c616093cac14

          SHA1

          d5d9ee347cabe2b40ed290d0f24d8bf257d90610

          SHA256

          e5c828ac380be1df367a4ff318efcd75d52fa1e1e70a2a4e7536aef15ecc3a08

          SHA512

          c4558f28fec3134f8c87716c64bad40dacbe3966a197d7f4741cac65e3a5919f36eed2b3ade3a317f2efb468018ce85007cd16bb3897e0645717ff1c32a1b399

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          09cb3a2bae85f93dea9dc024664b87d1

          SHA1

          6fecee9cb4bfb2b72c543e7f40a6bed55f3f750b

          SHA256

          63b697f7fd0ebef63144b92cbb4814d166e084210555b996e71429c9abb9d7bc

          SHA512

          7773d4351e4e0740a0cbcaaf20b605150e8c8a03c3629a14e532a801c3665eb4b89c2f64b3c630297b1ad8006bbe2cbc7a4d345459001f2c7a13a42c59e89ff7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          08ca30144aca16265e56e5649bb847be

          SHA1

          6213074a20a209879564f576ea86fbeb2938ed94

          SHA256

          be2bb1fe3a14ff2ae89f317ecc356b665063e0037c0ac1d76bf64492578826de

          SHA512

          029b6a045b3e6809b1d2fd8f6317cc445a731cc52c9ef1edd94dc7a855c63084c4c6e3b5384b52f346ed8d9c6f6a68ac018290ff138cdc427b31dd1f3fdc1595

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c6bd5624a3ecea7f8f659b0a13c15003

          SHA1

          30cb4bf4f7d7713d99bd7db5a1bf67df1cb00c29

          SHA256

          43ca73ab03d12af09a693f62f783c85ab4c57c953e0a69cb41682116ca807e98

          SHA512

          55679c8127eb1dee1e367f58bc6ee775c2c772741b8f49f1d5a9ea7162495703b144dc7e193d982272a9f46ff6d1ab94551513fd0fc8bffd3be92157c870e328

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fa6e61b0a831bc991a0da692c053f9ee

          SHA1

          71efb1836ca63afe00860457dd64149018c1b3f9

          SHA256

          370366998be35da7cc8dc7f308e467380fd36cba85c9548dc2ee056760a37cf1

          SHA512

          74c2322c1d79d49df56612fb3ded9a4bcd46690ef5b9828b2e638617548c30158bfad05dd2e8fcc4ce0bfdeeb35dcbf27e4fc6e73b17dfed60703a4ea2e912c2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d1bc3cf5950d7a5d0e9608b38c257147

          SHA1

          63f466163e9780eeb58630f19ee63ef96722055a

          SHA256

          41f11f916f9b9fbc63a5400c5994858006c32da097b0d8a9f519ec73f0496358

          SHA512

          8e8d59f05837a7568a944f4634ffe815a9285dd8c767cc028dfd57cbcc0a30fa65832c72ba0c3801cd6f3a99208d291eec89a1d976eada35bc7294fe23e7ea45

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7fd4e5a7b36ea93f05257c1b5c294001

          SHA1

          c023b4af3c86f1bea2d74a6567d24de44f2c377a

          SHA256

          df7b26eca12d7239b1c0d2a74915d0b3f56d53d76bc1e374c7cac2a822405e08

          SHA512

          85cad05008dc62f4f9435e2809474af0c8832d81809088fa9849d9a5e20d85004edb814e7d85377447c58757cb0ce5f3183f9eb69e9ca3114bb26e50818908cf

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8f5d6778c4057578970e6848031941af

          SHA1

          03032c39249955cd8ee5a1e8badb29f1a1a66baa

          SHA256

          fdce8b242b817f0b0dc21ecdd1ee9af53e2e03bbc3ee440b769c901428979789

          SHA512

          fc702d4146fa44806fd1cd80ca2a4c5d06422ef79db1428db6b2d451383ae7fd8336b198e7e3d7702a579802ced7d7f94b1452c223fa8e4b58e6414468a2c6e7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          35327248bce6e5dbf6e5713b3fe5d9aa

          SHA1

          91d3ab0f8d9a76fe61affc9e25116a72917a25b0

          SHA256

          c880a13290d664750587e9fb48bb5cff13c58c34cdca2bfd99f47fcb2f91fb07

          SHA512

          cc9710901f1488d241455667b259fe4c72e778a4305723b100a815681c1c438007838df71895dc3292a0d62af18eb101f1dc1f969b792ae43296b4dd5bc1d31a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          91fe20f9a03dacb18933d6bd3a8a6d7b

          SHA1

          0312428986c071f223fe054c191f2845509e5b71

          SHA256

          0ca43166cac4b67e5513a2c6e1b05cc76e8bf4d20426924a922ea6452dd09c00

          SHA512

          f3c9169733b01153bb90d7024e5ae1a89b9c8d2f4d649da449a18e55bc172814b772bb223e7414b8ef30cbb368a368cbfb5968c78c7c80cd83a3ec75204c8f52

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1da34e950efd40ea75cef26bdaeb3b28

          SHA1

          d0eed4b1f2b61ac57f29ac04c983b138a009c7a1

          SHA256

          5887c3ede5197d568513fa48c62a4c3b61c17faefd14c9083c7c3c12d97d17eb

          SHA512

          50a40fd45d45e734224ae409a5c77b3518575ef5c719cd103ad21b193b04162a178ae4d426d175a5aa5c28cd694df060f4e760a36a1f75d9b876fea394ccc338

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_D14B79B440CDC26D7D21C81855E2C04D

          Filesize

          404B

          MD5

          3a6e1ba1bc2e223403c345e09be2f6d9

          SHA1

          36e669dcbc4a14298a6a7618100f1930a3e33261

          SHA256

          81253846d252b3bfb9b00459b508f65c71c665adf439f2b289624881f6f2268f

          SHA512

          8461666ad4a0a03aab7628fc0a61898d2377dcda4c0c5df332deac7b5c334fc990c453ee704e44d5ccdb18b34a8ce45848beee25e6e0f3c41bf4bc0007b07c16

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          8cd9d612f4ecf890b3e95d600a0486b1

          SHA1

          4ccb46c04738122c2d008152126ce9576bddc6e7

          SHA256

          d75b1b1af0b797f4975854b4e8db041cbaaa11a4d6643787ccd804df2bf54f2d

          SHA512

          1ce850bf66114b6cfbca0dd1b5c7026deab9d81b4ab84db40d9774e4de809729588c290f0fb1643f2f9ea042a712bf135eab37797b9bf4a9fdd4945d5a62672a

        • C:\Users\Admin\AppData\Local\Temp\Cab3CE2.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar4062.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b