Analysis

  • max time kernel
    118s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:32

General

  • Target

    8faa3b47912137afa3ef342e62b5b7ce_JaffaCakes118.html

  • Size

    63KB

  • MD5

    8faa3b47912137afa3ef342e62b5b7ce

  • SHA1

    18756c3c9f4c4b74317da097a8b05da8b4a4a758

  • SHA256

    e82c428886bee1d3a3340e0a7b791f57d1646647854c99295f94638034b867fd

  • SHA512

    9d2ef2db18cc4d51677620007514716e9defd4ed01c86482d2aa1df78d81198c521237305cd7f8d8971f3bb049f1baaac0e19556c746b872b4481844eb1a1e6f

  • SSDEEP

    1536:6oh1JTKo4r0Xhiv5LVHryf3y6onwQl0OAP3kw39Q:6cHXhGy/y1w1OAP3kw3m

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8faa3b47912137afa3ef342e62b5b7ce_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2000

Network

MITRE ATT&CK Enterprise v15

Downloads
