Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64
    arch:x86
    image:win7-20240508-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    31-05-2024 14:13

General

  • Target

    8747e3fe60aec0fd7fa46256021978e6_JaffaCakes118.html

  • Size

    114KB

  • MD5

    8747e3fe60aec0fd7fa46256021978e6

  • SHA1

    6ecf4dd538217732ae4349031365728cb6fd2d38

  • SHA256

    20cef14e6a160ddcd7b53ba986756b4be7e703538a876ca024c229a92a0eedbc

  • SHA512

    98aecb6feccea96e722f55708da4772fa0d2cb0717baf658f1ffef6e90b452fbb77a480d50b080407f57b57d4cb46b94db4c48c131b1805bc9114ce36d3a0fb6

  • SSDEEP

    1536:kkclJQvH8l0v4hTO3nOUkOuOcOrOJOwi+Gg1r7Grg9OytJgUWxMj:kkclW/w0v4ha+UzFcT4Xy0UWxMj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8747e3fe60aec0fd7fa46256021978e6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2416 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1400

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_1DE53A40D87952CFC53E36A93B17FF42

    Filesize

    472B

    MD5

    e9850770cb852405ddf9a037f289de1d

    SHA1

    febe4f22d72263c45e2bad5eee4baaed235aa38f

    SHA256

    216b6a4588cf6d5a725ec587f8962a18abfd59e78a51d2630a0e46fa8f22e042

    SHA512

    fda76a8b87d692de72623e736be3d08887e576b89c2615c3eb7ea7654443b31665112aa8777e1cb9a65a0f879c308b9c31330a333f01a299e1ae401d7012b098

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec55c7fb76fb9e35b2707b913ce069dc

    SHA1

    e5a77efd3397605700f7b9c270970a3375d502f3

    SHA256

    56e8a8cac619a23da4b0b8c89d4b38012a17dd6573fbde65572c530acb703c22

    SHA512

    ed78617b49fca2337b396a2b0b20342fd50a42ad53a9e4e09908306d754d0f5cad5694427f586a206268b28943db16f694a5160999bd03d67544c93ef15f40c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    38231006488d6744fa4480bb45054736

    SHA1

    b16eb99710c7e5145ef0e60e80063b7c4744b5e9

    SHA256

    3c67ba86bb1dd2ff67e62653836cb9f17b2100a1d4dbf2a31dcea61477f90056

    SHA512

    92fbd6e5abba6e1777e8de406cc115f3aa0f2cc359e87737c329c449b5e38502d3854a36b7a7fb06367da775d85fea1704f47cd2203310f0646e570e1565e24e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af8d8e104d9e9f8070a8a2ac186c6272

    SHA1

    5c39029663434d0de6c2768c54dca40f646736fd

    SHA256

    131bff633abe0d4b14d45cbbe7db8c207cff417df676732f7f3bc7b641b2cc07

    SHA512

    7f1d78e2109b98a73f70e109cac743b24311ae47d779230e964f355689bc64df09d08ca2870e6fa8d7f9835bb710046659861ed73d6f6ab2b3be80d08b4aad15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46b1d4e20450d0a7cc2df86d228bcb01

    SHA1

    059e0ec6e9bd2e4a435169f00fee78a427b0dbfa

    SHA256

    8983c0811da607f4717b5debdd58e639b2a025f5e72c0a621ced8584355768f6

    SHA512

    22c9ce1d267d48fec1e7558c38ff0180465fab2c1065c43a604b894df12e4154ebc02daeae33537fed509e984b67274a8c3fb61ed7679ab23d16648764fdd6d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    43cf35020ea2c3b1685daa71a251358e

    SHA1

    f0c11b5c34ac44eca62ba7598bf54806cfda2f4a

    SHA256

    6aeae5bfd33845de43f472272c131bcff0540954e3de882173e1f5d450ad550c

    SHA512

    ad347260727ba51faec17ec26b141fbde949dbb5c9523a6a681383b097d2dfd2802d6434986852262d8a017d58f325c13cb961c8fbfa52ce5909fd41fa196528

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ed4c3e2f4bffe9e730a95463024b48e

    SHA1

    11f7909bee07c4668c4ef3e4abcecf58177361d9

    SHA256

    c4fb9004ecf185ce7d983507c06da6193667f4470b926f5b777e6d2a193330fa

    SHA512

    72bafbba5a5c1f24ad284190dceb744f0e8eac2e6be8dc1bbd8ef65da0de231a43f35eec9c4b0c0b75923531b72435faae13fb8ea9048fe67edb0b78b631a55c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ba7b0dd3975478c6f40bc10807b6a80

    SHA1

    5cb1b86c68615cca2aec175d26716be00f446494

    SHA256

    8da7510bcfd48c5da0ef5ae5755222ce9cac35d17dde1fa8a623a52f031021cc

    SHA512

    22e5cad8915ddacd5a40dfc2a92721140c076e3b85ad6c51d8ecd1b074266ea9e6f3df43fe98df60320fb7831352a12c49b840194a5604eea1763ef1d6e57b79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a3f85c9efdcc4875057e216b16dfc834

    SHA1

    d1f8009761620f2a416601d3e84592a71ba45978

    SHA256

    2ded59a32abae37bb936af456ea092ef135993e7c58a63a78e328625162145c3

    SHA512

    954d9b0d02be132be596eb0ee03405490cd5424e93de886ec2ae2b3ec730caaccef3432c7d453c380ce4ec6cabd7a2589f060a843c7678fb8088204d92d66ea8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd8b90bff0d82c56ed93c4f214b52c32

    SHA1

    21f49b71482b0edd5c302ad8d7ce30e770f87e7f

    SHA256

    97f1d0684ffb9e983b31d52f669568492158c5ca9fe8b69d39ff41f6c4105fd7

    SHA512

    7689622aa4adfe1eba6ca3d01f96cb1066bbcf1b3b7a46cd92c9620bd03c1978cb6c10769e76234f4830b4d643b4030ef1d7912b0907d1335c08af9f4380a943

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36a26f68be023ee707164c73585b4e23

    SHA1

    12e830ecb204feb664417bb333175cdd50ea84b5

    SHA256

    3237cdc093df9b9d0ebcc458d2f8e430d35d81b86a16d759796bdf9b7b6836b9

    SHA512

    0154d2e65603f7960355f4fd98db9f93a32020f482a6db184ce582a9f9e7ac4e1bed882542843c86d4f2bc07aeacbba4106ae2aa16e7d058c53b6ce47cce2032

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a3ded0fcd7416cb8b4ff8ea0390c6802

    SHA1

    371277a374dc950c2f757d077793be66be9e3074

    SHA256

    9f854cfc58dc3da581627d60c3e74aafd97e6843910f053e6505aba8dbc7add9

    SHA512

    4ec504846726e9f7d4d0bbfc1dd477aac7dc62aeccd5f8b08b281413f3aa217e4a313c85d9137e42e0789bfbcfa823a50acd239de628f45ef42de5181213b59a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f7e9c5f35882446e087ddb6ddf15dd82

    SHA1

    68e00c4e6f89b66681d435bccf3ab1c089ed460c

    SHA256

    9a43115caa6b339d571429679fcbd2b8d754844ab007f0f9c62ce280e3570f71

    SHA512

    906f3982c180fdfd4f8990749ff793df9dee2f6b3e9e13b0f6be6711ed8b057a40853e2ad52770486f15531fde33908cf404c26244b3f2091be54851f6de0c63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c8e2839bd71b9131adb0030e0cccfd4d

    SHA1

    01a1e5287e0ac380a5d411af4b47df83ab673c62

    SHA256

    7b366c19971b29960f800060cf42a199798ba05d473a008ae0177e9d7147f0ea

    SHA512

    6413ace23fbdd6aa516a6656ee24f43c8e2e23d4d021086b28a00cad2f6c6e08990e4f118e65496d2e8ae92508826f40fc5faaf584882a2e7a6e55124ebaa06e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2731d7bad7f1992b4fb5d1fb56e6c925

    SHA1

    71db70d4d3d3ff2eb21b845306e453fa10daeb7b

    SHA256

    666a1247a80492e377670044de19f9a5f2f1b79a1e8e7942e28e70e409c06de6

    SHA512

    094f02feac250453e84c9759ff288d3ae357e9b6d521c1b0193f108014d40534d5afca37bd175edce762f2603cfed5a73b0e17d1126f1c549969c60605ceecd3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ddfa670b10aab1e569468dbb563cb15

    SHA1

    65eafd2a7f50ca2375b4e79f85be0a87fc826f10

    SHA256

    5501aa2cfa08918ffa9c8bf79c23c57262502e394a3fff7afb9b74d834cbee94

    SHA512

    8c722d70822f71d557faa12bb3cf8a42e270ff74b0430186adbfa958e28881a5d11262d9ee73b0a0f37aad21bae917284a23f18e02e2992b7ab0408615c27148

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7937490d92f2b6b326b0d5e9a803b506

    SHA1

    9e7daede34b5d0a677e16a4f9f1e963ec336feeb

    SHA256

    a19a08ef8d46dfa498f301e6fa4f9e632b36be22bcb82bf6429089c12f43801d

    SHA512

    7b211426c08ca2c47c4b5c6e0ea64633959c12d4b186485072e340c1d1a6351b0319781323e8fcec7aae2172c9156b6d86887214590fffc0dc8485ee47611b9d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a924db20c810ab758dec34259c2b10b8

    SHA1

    54222fc930b6771b9da09f1f3be23615505da7c9

    SHA256

    338c34bc2a9941590a302a6942794de26eadbf3812bc0950d4c61e0e09bce6b8

    SHA512

    651776e0edab18ad7c3407bbd35169554c46e4db382e45d6a1ff75847d4d2675281ef5cd060034fe28ea297868ebb2e094929b5a14bf33d01b7dbd8f1c8884f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    27d1680ee201a2e3045704281eb5347f

    SHA1

    19fde5da8945f7f8cfbdbc49ca2257afc039df73

    SHA256

    52c08823bdea9d954f56c5c0f2a6c8522ccc1aeb26b6835c605811e94b754204

    SHA512

    26dd48e51d630804ee33b777066c16ad91bb06859c4ac54d593bd1347d7b2f0af2396fd3ab52ddbe36671b46e49b05841c732f4675d3ec84a57928ef1db676f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b33f12fdbee27acd9165ece2d054e09d

    SHA1

    82b56a5c4460656f54c8fd4d5078e8a6f9bfa158

    SHA256

    08d4cc1458f1732d521492f521670668caf0840dc6b2097d26883181a1515b53

    SHA512

    712fa705b2458b4be6c7d681c62958a2ea533dd74a910e56eae8641a52066b67858e58ab740e489bbbcd207a87eae94d69e6dff7de0664ae00f375ceeb6f7b24

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9dd29f5ebdf962d6adc70124db3d1ac3

    SHA1

    498623e1d15cf7a3a93e2f6eaa78632760cf7057

    SHA256

    577b2372d286df0d61fa59a33e4f58eb192205c0cd46a7899923f59be6bdb97e

    SHA512

    efd6eec828f24baaf4dec84e0eebb945b0b244058746285689ae32816ccfbd4dec4cd38b56736b28660ee66be90b9a88c38a52d7b8939b10cd5a6a043acd623e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    07e40face81272a44724e980896332a9

    SHA1

    9d868431d434a62ec958f2e6c219f14e919d2d3d

    SHA256

    a78e696886769489aa9e0235c56693a00d1bb7221b7fc9f5f134f41ac0929583

    SHA512

    27aa69e56de137687f8c5cf7c9d936e3e77b559a417cb121f145cf977ee0c5fec84609a6a4deb58ca3ef8d84ce09453a36c4dd0542559aa093c5e4f469f7c06c

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IO0LJX84\plusone[1].js

    Filesize

    54KB

    MD5

    53e032294d7b74dc7c3e47b03a045d1a

    SHA1

    f462da8a8f40b78d570a665668ba8d1a834960c2

    SHA256

    8076b082eadf0cab4a8823dbd7628a0b44f174c17b3221221c0e31e7c60307a2

    SHA512

    fe263fe86aea2ba1b86d86305650cdeee45cd1f7b4339f9d4fb81db776b78abedccd0ae77262f45d579751daa26f81385354b3d126fdb5577036e9dd1db33276

  • C:\Users\Admin\AppData\Local\Temp\Cab25BB.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar26DB.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b