Analysis

  • max time kernel
    120s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20231129-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    29/05/2024, 08:24

General

  • Target

    8017e7813b4f6f0692905b0f9f2ccf1c_JaffaCakes118.html

  • Size

    7KB

  • MD5

    8017e7813b4f6f0692905b0f9f2ccf1c

  • SHA1

    d1fe3848322e7d1e5b42f63f3d3437340ae14543

  • SHA256

    1691e304c583ad974a25d7360ee1654a3b779cca129f26ef51d638534f9e797d

  • SHA512

    35034057a10b52d5b09324a97720f71758d21de67b9a5857dd2dee21a0688d7af69852f7bdc3fd22c4b9e3f127e06230181350ceb2db29c0361f8295f9fef189

  • SSDEEP

    96:djRgRCoacLFYju1+ic2La/hUJJUO3ERsiAdjvFdifffIQ0P+Wr6cztJMsx:dGCl6rXrW/hCUgiAdjvFUj0WWdtJMi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 38 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8017e7813b4f6f0692905b0f9f2ccf1c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2936
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2936 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2848

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

          Filesize

          252B

          MD5

          e03e4a1897f501d7e9ff21927093e4dd

          SHA1

          ca4edf20406af0848b9f68f581bc4e8eabafeaf9

          SHA256

          e858487a86b075c6941fa6a418383d69682585a9649e583207acf4b8508f02c5

          SHA512

          b194c4010d5f75d6cdf2b1d3ab9fff902f8021e90f831f2960893cbc52c3efbed48d9b9d8c2f570e620164fe50d6abe4cbe44af962e0215e0f5249bce1b9734c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3402ae49d4a0528334aceab8919ea6fa

          SHA1

          773f59f07e539105a96e38fc59def6d0a785538f

          SHA256

          104da02165e3c836bf20e0dc4fe985bad5addcd6581512752cca622b245baf92

          SHA512

          96f4a6a38f9845553576ef51a12c1b9eabeccd0060e5a70c65973efeaff92f0ce4c34ad22b1e5cd7fdea1f4e29d93bafcb1840fe4166034980491e0336c8ae2c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9f2223ee1265ad8ab07587e0a00b4d0e

          SHA1

          c753f990c0c8da374f09c6f8cf242f0b28d8ddf5

          SHA256

          cb9aea841306eb622cc99618e9c57442fe0b25fc9f98b69f2ae37b3a3493afa5

          SHA512

          47f94ef784a539c9c2cc8fff3bb25e291785454233645fcf86d5337d3a52882f36f364d1544a06a7988a53a3caceed1cb3f9477135d2c788027c19dfb8950b93

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f248cd0b562067530402d11fe9af7d3c

          SHA1

          aa92bad934613301d1ddfa82de76de623eff2e70

          SHA256

          dccf9f99b25660e269984b91680dba15489272c78b7fb79d6f51cd69ad3d70f7

          SHA512

          6d5ef986c5053c36c70d0897ba2b7a531936a49f7fc13bb62948bc16dd98e1b5c237d0981e8286e4a2bc2457dd76cfccb363dd7a6b1230fa5158fd4cf1cbba0b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          245581cfb891dd9bbc4cb0364183ae6a

          SHA1

          5947aa6498e5d3cb4b6b5350ddfc12ce02091c0a

          SHA256

          3839529a6215e1a2e108fa578e1a2b65d191ea5782939bd4466e95c3d8f9ed91

          SHA512

          8f260a1f095ba1e9af31d87b6e27ec157c4eac8f5b0f68ec37afb4a7bd158c2842f13104fb09e6cd6294a2fcaa6f2fe8f8552cec8d93ab5bae996cd2f1eafb45

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e58428a6377f2895eba6f0a0d18d8792

          SHA1

          67118abb497b331117012a8e0f9f3e6bec681677

          SHA256

          393b14b477e3315118bfde35b761cc7ef343fe36e2f31f3df85086cef4cfdb74

          SHA512

          f51b5964ee3ebbbf4320d16b9d46e8956a04b64b6abd010f84d302bb7743c587beb85b7416e1905aed207488bbe11e460487774b49151a6adfef9017b5ac534c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          637ac1b1dd70439a455940b31f4f4a8e

          SHA1

          a6ac448999aeb321b013dc7efca948160d08dce4

          SHA256

          21eaec98e356f44193a5c75867dda3ec75f15a9550df7f02a4ceeca873469f90

          SHA512

          c9823726a63ae9c738fa9b873cb1c8bcabb58478c4b0b825f46588ed009680ba1e239ef1691041be253f511f304b9b4cb7a28798d4b3fb9d9033f9f26b30bc06

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7208d80d493e7085d9eb23d98378cded

          SHA1

          fc3b473e9dfcc64d23e2eea19454dd4da3b64d51

          SHA256

          1139a812fd5e837a28aec50829fb18d5e0c97764a04d3f076a05265dacf440d3

          SHA512

          9a4d4b132760dac0f21ba7341398bb6ba6fb4b7381a8df2d02c9bedf5d2b4369a0685018ae4fa2ca7c69ad65e4307ed1b59c957d8b11d3ffd19d9088af779f23

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          044736ce8c02b823c5afdd38dd9666af

          SHA1

          797a8d8ed665485b060d74b9745417e0dcb9a296

          SHA256

          c9f4c658e8ab443b5cee313d8c00d729bd7c015e81ae26f861a8f6b4d9eff615

          SHA512

          a9c9b1e91a5d33c1096de7ba9ecf43488d3377b4fff2df0baefe06979843bf50621f21497cfe6cf8ca5d2fd91919bbafd32e748e212b5b10819ff46908636b13

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          123878e962958276bf6407dfb76f2435

          SHA1

          cc5be5ba6b6a4ca894fdcfba7d70fc1a62f5876f

          SHA256

          d2a4d41b6f95092fbfa61b4aa77b67bc32ffb06f9cca9ccd26cb76298548ebe0

          SHA512

          ca2863ef455ca928133561a998c22e99121ef5fcde87127014064ed77e2f82dffbe264931e356b755d0b88877bc7a09d941f26ab4965f45a2ed9015a7036cca4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9ad002ca478fb0300273fa86293b6341

          SHA1

          154d898c1afa7d4fe2d513d551a0fb7570b0a30d

          SHA256

          7ad8c2e9680a95a496cb7f1f3b83e4dc2a01b1a6ceaf581d11831a64ad9ec941

          SHA512

          e002e00c8cde297ab228595dee368601151145dc087a5beae88cb1b579c331fb5313e2edd5829e25532a73cf3e4e91e1510c5e7bb391a4498c27a5d7195df93d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c7687993de32eb350c88e8c4f3302251

          SHA1

          f2d1a1d8dd5553982faa690a6c4173133fbd0457

          SHA256

          bc8534c057e2a1d05e3ad841a9d41cfb9b124e46e66fff9f0a96fc4638601248

          SHA512

          41e69f334e18721197bdc39053f6140abb6cc017d3b72c6689fc99a844874310e32b1fd072969cfab793fff88c3da3f86350cb2df13a8689edd07c32795af80e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b53955f5d77aeee91c8b7d841bf2a1f8

          SHA1

          1d2ff21cca56e5d1d34e8da54ac7c3d1579bc2f7

          SHA256

          08d39f8cbcab888bfc28b03c08af2d2b86e275d7e7265c2cb8648b5978646112

          SHA512

          8549adccc90e3cea031bb7f839d15119eb81e24cb11c53fd3f763582d636b0132693b4d00321fad7be80f928f0c28738f4ddc0b0057b40fdf2026d1bfca2d9d9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          c09d67c2bb396c9907bf2a02bc02e405

          SHA1

          9030a5449e1c9e4c1bbfd638258497e873d1c64a

          SHA256

          32dc1e57a7577a25a028e1e1d3f1ac8bf57aaa911a8b4defc688c10a1232758f

          SHA512

          e48651eab7e057fd7835b098038c8ed63b7b5fbd166df9332a1ba4a27d9bb2aa08a50791fe5f4212e61c01f158aba0dc0d796fa610ae4c7b0a66358c89f502e6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          749e042f14f8ac7041bb44b84c08603d

          SHA1

          24c9146e15659d904d4c1131ee294cd8b115bff2

          SHA256

          0f133f665c9ae10e945b4d4af9efdc8ce89cea294dd7f6d06ca7719cff6cb968

          SHA512

          6a4a53d732bd10a8273e2a1fd8a89561131af59420f68c61b4362f369c59bb99099fe55cf22f9b2d9e9aaf2773572e754d53214fe7afb19412d927d577cd5bcc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          835ff6d66da5f253f871cbb26b6e4d4f

          SHA1

          4931b57c3fbc7af39f75f7eb2b296a898fd21f2b

          SHA256

          79bd22a3abf2554987978bb2e36074fa5a23dd9fe8bdf9b1845117a0b9279109

          SHA512

          0636ecff26ca590a9150c6665e7987b95ac779b39dc9680303199eefe3ec5500f6aa562fe3b5ad40d1bb9081b883b95ef6f41ec24ce4369a5fd3699f3a85f5c2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4a6856eb52aa3eefd2dce1256c77460e

          SHA1

          ce5bc60510b115a0864ee0489d0e8b2318bd7fc5

          SHA256

          56127ca65d1171ad507625d86126fa5697fc90608a57bab0748a1b483b8108fc

          SHA512

          7def288610927c99e772134082343562d978e55c5f024714205f56f654dfcd419ddb63d7a305f3132e026bb45b91be253a76e482140b9f6ac509c3fc6eabda87

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7973b93b34ed7359ebad2b7f7662f349

          SHA1

          ff7cab2a2755f125196fa095294018ad91acecdc

          SHA256

          431e703adf128dfe74a5c94f2e2a732b9a1125ee62453881cd4d27f82ade4eb8

          SHA512

          81a434c29c98444004850d4227b8dc683b774bdd9059fc4c94b00879d14b3979cbe13371dd34e2fcfcc958a215445e6468cdee3aa3ada0afd37f5fb44dde9bac

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7844c14f1d6b51c679983b166f36d7bd

          SHA1

          41a97e194c79ef05bf83da199c57cba79a75f78b

          SHA256

          eecc11557fd94fae913116a46830de81ceb9d601f5c540f1867bb9c0ba427207

          SHA512

          95a253a38bfbfcfc0e978de3ccd54a81e2be773a37584b4c18f4b1152d333142834e3f849725fb4e70d6836c2dfce0be3043b60773ea6c1de4cb12a2ff673338

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b733aa3f9e1739f68ecb3ef8bf0ba760

          SHA1

          8edcba0e7d1de0a8f6804ae8761ac72a0b2908f0

          SHA256

          3a5a90ef04d63c962299498c3f299f62cb3fac04190d4fe4ce7611070c340931

          SHA512

          87d5fd71c81150a41b74d9aef0f35974bf08eca1bfcdc9bdee6e93393246ae6bf0462c3f49f5447194e0dafa35d4e7faaa5f3c134c602923459c1937ac962a9d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

          Filesize

          242B

          MD5

          dbbdace170bf530c0d706fc1733cef2b

          SHA1

          5ddf83397b6bc30cf25f1757958778e621e1fd6c

          SHA256

          f8a171da970998ab3a4b5e0b49cf12f59fd991877f8c41b96a01a5c63896a3b3

          SHA512

          2961efe44623481ff35ea9fe00495198bcba39a96fc26ad3cc46d45a199108145986468dadbcc1b5a5cb72818f84cfb36d1a7bb5b4fc9588991d027da76d7cb4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

          Filesize

          4KB

          MD5

          da597791be3b6e732f0bc8b20e38ee62

          SHA1

          1125c45d285c360542027d7554a5c442288974de

          SHA256

          5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

          SHA512

          d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

        • C:\Users\Admin\AppData\Local\Temp\CabD569.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\TarD6D5.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
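The process tree and the dropped-file list above can be triaged mechanically rather than read hash by hash. The Python below is an added example written for this page, not the sandbox's own code. The sample process and path entries are copied from the report (plus one constructed path, marked in the code, that does not appear in the report and only exercises the "review" branch). The rules that treat CryptnetUrlCache entries, Cab*/Tar* files in Temp, and the IE search-provider icon as expected Internet Explorer side effects, and the check that an IE tab process's SCODEF value names its actual parent, are assumed heuristics chosen for illustration.

```python
"""Triage helper for a sandbox report's process tree and dropped files.

Added example for this page; not part of the sandbox tooling.  The rules in
BENIGN_RULES are assumptions about common Internet Explorer behaviour, not
signatures from the report.
"""
import re

# Process entries copied from the report's Processes section.
PROCESSES = [
    {"pid": 2936, "parent": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\8017e7813b4f6f0692905b0f9f2ccf1c_JaffaCakes118.html'},
    {"pid": 2848, "parent": 2936,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2936 CREDAT:275457 /prefetch:2'},
]

# Dropped-file paths copied from the report's Downloads section, followed by
# one CONSTRUCTED path (not in the report) so the "review" branch is exercised.
DROPPED = [
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico",
    r"C:\Users\Admin\AppData\Local\Temp\CabD569.tmp",
    r"C:\Users\Admin\AppData\Local\Temp\TarD6D5.tmp",
    r"C:\Users\Admin\AppData\Roaming\update.exe",  # constructed, not from the report
]

# IE tab (content) processes carry SCODEF:<pid of the frame process>.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")

# Assumed-benign artefact patterns (heuristics, not report signatures):
#  - CryptnetUrlCache: CryptoAPI's cache for CRL/OCSP/AIA fetches during chain building
#  - Cab*/Tar* .tmp in Temp: extraction scratch files from trust/root-store updates
#  - search_{GUID}.ico: the icon IE stores for a configured search provider
BENIGN_RULES = [
    ("benign:cryptnet-cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I)),
    ("benign:wintrust-tmp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
    ("benign:ie-search-icon",
     re.compile(r"\\Internet Explorer\\Services\\search_\{[0-9A-F-]{36}\}\.ico$", re.I)),
]


def check_ie_tab_process(child_cmdline: str, parent_pid: int) -> bool:
    """True when the tab process's SCODEF names the PID that actually spawned it.

    A mismatch means something other than the IE frame process launched an
    IEXPLORE.EXE with a forged SCODEF, which deserves a closer look.
    """
    m = SCODEF_RE.search(child_cmdline)
    return m is not None and int(m.group(1)) == parent_pid


def classify_dropped(path: str) -> str:
    """Label a dropped-file path with the first matching benign rule, else 'review'."""
    for label, rx in BENIGN_RULES:
        if rx.search(path):
            return label
    return "review"


def triage(processes, dropped):
    """Summarise process-tree consistency and which dropped files still need eyes."""
    proc_findings = []
    for p in processes:
        if p["parent"] is not None and "SCODEF:" in p["cmd"]:
            ok = check_ie_tab_process(p["cmd"], p["parent"])
            proc_findings.append(
                (p["pid"], "ie-tab-parent-consistent" if ok else "ie-tab-parent-mismatch"))
    result = {"processes": proc_findings, "review": [], "benign": {}}
    for path in dropped:
        label = classify_dropped(path)
        if label == "review":
            result["review"].append(path)
        else:
            result["benign"][label] = result["benign"].get(label, 0) + 1
    return result


if __name__ == "__main__":
    summary = triage(PROCESSES, DROPPED)
    for pid, finding in summary["processes"]:
        print(f"pid {pid}: {finding}")
    for label, n in summary["benign"].items():
        print(f"{n:3d} x {label}")
    for path in summary["review"]:
        print(f"REVIEW: {path}")
```

Run as a script it prints one line per tab-process check, a count per benign label, and every path that fell through to "review"; on the report's own entries only the constructed `update.exe` line is flagged, which matches the report's 1/10 score. The benign patterns are deliberately narrow (fixed directory, fixed filename shape) so that a payload merely named like a cache entry but written elsewhere is not silently whitelisted.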