Analysis

  • max time kernel
    118s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 14:07

General

  • Target

    846a2ef867ce3756461e2a1f889c7bb3_JaffaCakes118.html

  • Size

    41KB

  • MD5

    846a2ef867ce3756461e2a1f889c7bb3

  • SHA1

    565efcaae8c27fde0f7dca4a29e712397c87757f

  • SHA256

    f0088e0d5908a97480de232fd43ff20916784cb7410602772889e30dacc07328

  • SHA512

    3dfdbcfc0a088f52a3b38414c63ebe7d721def0333eb92c8a2df02902c044ab53ebc9ca8a6a6f1d3047b76fb26bed09b3a410fd0eaa55e1a442a0399fe20e8ba

  • SSDEEP

    384:7y9I/KKvwF4VaTaAYxemvyXy7yGHuy9y+oacTndhfGh7ssTaT1BIr5kzhxMQe3q+:7CmaGzTaT1u8k4G

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\846a2ef867ce3756461e2a1f889c7bb3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2156

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    192fdb1caf5b6fea6ea51b6489d0a478

    SHA1

    8eaf0c15be897025eff7e19a5ac794e194ca60d7

    SHA256

    6831992745271d89159faf2d213594666e2aba84480db55c25c6a039a95d40ea

    SHA512

    0114d4e09e7bb4d519c0951ce9f3431adfa4c54c8edd1257feee4c047f6cfe66bd65c1c328da0960ef398d893549deb341a0421316d4c8a7aec4793b6a58552b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bdefee82c157bc49c4cf73ab1491ab9e

    SHA1

    f1fd46333651709239bc7444a27dd236043335c6

    SHA256

    14a9dc9af76555f36095a172ee1a58642488b46d091a7cd9dda18f97773fb2f2

    SHA512

    bcecdcf655b00219d77739e50855d15e93025c393c5c154d57241a89f097795ba0260f67ae16a63d5926ee0a54a2ed434e1b7f9e2146617d02a720432c3be835

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e73ee1056f59522f9d663af051a5cff

    SHA1

    84de193d1c03d8258355221b8e7ae47aacc9593a

    SHA256

    45e543528670f4e768abf5352e32d2790469a94c24085656d33b229190bafa4a

    SHA512

    c76589283d03cfce99fa100d6e770c593849926f2fadf1c3ab50c8cc0ab57bcb0ad24fdae8346558a3981e8fdbc0e6bbe99dfd9de25d4f6d9bd480c0b6e45df0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1fd51bc247f90c99e5cbdfec24eac401

    SHA1

    e0d13b39f2bd1f450547258058e67d899afddf94

    SHA256

    ba541a2a89646b6f7cba5ae41bb63acdb02b20230151ab56bd0fd93e9fb8e136

    SHA512

    092692f40873ee8e95b7c8ccc818a475a691be4c538b48f93c903cdfe01447d9e50db2381b898de3eea1f31ea2a284ae1e713621dfb7a8fca1f375b02134bb9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d7c34c87f097cb1b0f853c2b9ce76564

    SHA1

    ac208181f2c63883cd304f2eafbf684ff604130d

    SHA256

    ad659810e486c6d9383541a617c181f398894ef3f98b92492a42011287309449

    SHA512

    f16fc783cb20d6eb315e1887fd42db8fecbba8d86cd2b555905dfbf1b1450953af9e393177de10f581f61b23e6504e6de569224e2e33530f897dab8ebeafa631

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d43b5315adb5402900153a779ac5873

    SHA1

    e33e0bc0a41fec19fd4a29f68251c70c2793df76

    SHA256

    b0e7f64c7e5a2bb31c1323ff83d6b1146021f178e9a51ab4fe20eeb239efa79b

    SHA512

    9cc72404a6cd9260c436b77f61f2c10d231202c92553d90e50342db16ab62da89b3d0bea428e1366da1014b1632e20ad0405be75a63703f8145532048e06c012

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    064adaac00de5c8cc812e83815eedd27

    SHA1

    efb41b442c335ab80f1f9ee9572bc4ac828e1d5d

    SHA256

    dc31cb19910e2b707ee2b8e26121fcf48cd7a63166dfe3a72678320444c05248

    SHA512

    d0dfd94ca0895221276f957dfc7d0df8c7cce5092562851d0ab07705fce70d5bf145a2d6780b7c6427898e73b55f471b27f6d7a45287a81f4ccd1cc9d89288ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0edddc7ba6dfa7679984f0013cdccd5f

    SHA1

    32d1acd91a6f72ba31dc57072371354ebbf4d510

    SHA256

    f5e77b0e91f83816d57d9afcc735aa670b20b6d32ba60e047a05cac7fcc63cc8

    SHA512

    5f3aa58f0c110489481e0e3d14c0e81b40863ff518d24087e8ce310610a865057ce7e7b3de13fd320b9d361899d9923b8b6b115dc05f7eb1f5716e4d030f09f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fe3baa3ff19bbe214d91caefbd7c3b53

    SHA1

    a01b31f27313563cd3d4e01cade07230b21f2034

    SHA256

    80706d6a55d42892a026bbf1100c5c7ae5f851aa34ece6aeec04e54e694d0ad4

    SHA512

    262658a4019d244f3dc58f50ba72290c2de4ee95049120e8a7dc687fe6f9fcec709e3001e7aef76fc3fd90dc111122fb8e08440f349f8ac1c4d10b5f3f8a1ac8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    166767ff3d45351595de6d6f8826a468

    SHA1

    de1069b97f14a5ec2502379902cf2490d403f988

    SHA256

    37ab70f9478b577bf6ca32a11cc19615d23466a8d889993705e944b8d0e97402

    SHA512

    f49e502044086929fffbd0686ec83b722330c010d79105299188157d21015e567cd1eb39730d51c7c159bb3b8408b95ee6fb2f11d87470291b49181e26e866f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    24c77b1dda7483de4eb92ab75c750552

    SHA1

    107130a4d85b134134ce81b58d18168680bf2573

    SHA256

    4139ee98526a086bea2b97f033135edee72a6c28aa6342a434194e2220a0fa34

    SHA512

    f23b7634bc826692a823e245cda359d1b1d7ae16bfb6a69a3ee4b3267b09a3337a09057a33e7a45b4619c2a094fdc27909ef8b6d0e2efa596e6a311ca6e5b0e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    316dc939d0aafdd6529a58e04c15c058

    SHA1

    2607c90f87e010ff508d2e33a8017018fd9b2f34

    SHA256

    9cd5c785efe5bc3a3bd89d210472b70b6e2f29cc684f22baf4f40c5b42a1cf36

    SHA512

    a34d20ba2f52393d832c5246a02d8a6d8eac80e8c40b4c7c0b6c5574e7e61cc70729d2cf23ba1c6a48d2f386b1644cf02db3c3e580a04a6ca57b52ca1530de50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    050dddbf58ce971c9acd7cf727258108

    SHA1

    fe6b60c6378aba68ef9799bb27ca69eabcac2433

    SHA256

    d2978be648d3f40e99a07feafc237a0aa54f9ce959517bdb9d96a25e93af5da3

    SHA512

    4a70a21d02f6cecd98deff04802576023b55a3f49a3e51174534e4adaca5e85c4f0f754a60bd76646e6b6311bd4108b0394beb0b7b1d0f88ac68707a728a1f58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6d9bd92b0dca4cbc1e0a7cf2a6166561

    SHA1

    99b404920d5555ea3e377f9f0e2d363cccf89eb0

    SHA256

    2e15a781b3c8dc3c7a2113431fa7b1024a1e9eea0b83988518e1e32252012dbb

    SHA512

    061541cf388d82181b1cb910ed264087c7e4b10ff4ec7f4061be2a3f7e1617d6d84bb5928992adfe099a4e55254ba340bc1c45aa6bab97bcf929b729a93b63d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de710ee4c44bc14960613dde95c3662f

    SHA1

    4f558485747a80aab18c0cab77d89c28b4e3c72c

    SHA256

    89fb1e33bcfffd53ac3a3eb74d2e379eacca89be392c308721f992c98753b66c

    SHA512

    32eea1c65b13617f0e53c318a1cfba91b6d60a7e56257234126dfc93b72269b88bd386aa081ff5196e219a69931c08fdec5f7d70fb102cac4c2d7426167dc34a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f143b3e0fe6d4f37b08bfe52e05bf90e

    SHA1

    1c93af2a9056560d8d5283260b6cc443d650459a

    SHA256

    d3bb4c3a99fabaaf63371c36982421187da4ed76dfe8583bee172927732ff7c8

    SHA512

    e2e16fe651d7e683da9b5c43fa48ef03687ca6cd7bfed07a6c143c375136ad0d1ffa58dff2e7b3db8741726ba9eb7cd13b2fb81fb3c9e8a9e38baf7d4034be20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ec3589eeb6c43a31d57fa68fe10a2b7

    SHA1

    c8f2497d9abcc918c8a220f72d66206aaeab85b2

    SHA256

    cdf230699354b87d1837d8037920158e881d86258c62dad98e070a06f3f468d3

    SHA512

    fd11e639de8166f3b025603eb693deba572a7ffd6b7777ee29f37ffa5e156a046fec7a05d5eaae98c32fa7f7d00c1ddd5ef60fe2c15d9742e199bd4b1941ad81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    373a790dac15c7c7a8db315110d77054

    SHA1

    b94cbb0d255a8d7c40b842dc657bb33f64f8ba38

    SHA256

    35dbc1a57d2e08f3bc7d57d69f26ee0a4d29a5ca1ff64d641d37d9a8f3503b0d

    SHA512

    e88727730bc0415b659cee01f5ad522e3300365997912c2e15bb2e2a561b7f76bca34ee9d68e98d75a14b12b10a4f8e1efc4bf73c935fdd1c6c2624e9c66f92b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    692564ab34274d259acf33b16d1b56ee

    SHA1

    9422448e1644b04f839efe895de32b7df7d7d572

    SHA256

    774de7e8da0322bafe1ed2a1a0044ae59db0769c9e06dd3af533f2bfd3beb1a1

    SHA512

    24593064776a0be3ff2c8fd338baa6750ef40ccef96f2ab86764d493e2d416132c6d3549b671479971cb9288aaa06e7b8e220a07954b61cba9740777b30c1ac7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e49121e68fb9f93c60e58c5d82ee4d4f

    SHA1

    3af565ca87f3912f534a0453598802ae65e7e28d

    SHA256

    823476e33fff1352e29c96968e1aa9f63cd3500e2b7d037d8e4b717377dfdb9f

    SHA512

    cd07fd9858e40027cfd0b7cd6e02f51c894d69e1c65027c40d0ab1cf7bf609a25e66a922b80ae8558c736488a6e51c5190531a1dbcd62cc7ca12ebe90f55df27

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    e9170e0003a1d2a6fab7320d2efdecdf

    SHA1

    80f3f1745b4a6a785f7a8f66eb384fbdff9e0c16

    SHA256

    5956a9532631eeb0bfaf6d2b822f650f70d3168f3dc74f7a17ff50efaa51802c

    SHA512

    06573ce5965da7df550dd15a016fb54c63c8de502d16857301f6c200ec47dd28bd80c721cb4f8a7b0898f0725dd4660b4dd4feec96a034a2837687906aedd01a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Tar2497.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b