Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:05

General

  • Target

    8c67a73e06dbacf9a73f098a72d43556_JaffaCakes118.html

  • Size

    13KB

  • MD5

    8c67a73e06dbacf9a73f098a72d43556

  • SHA1

    507729c76ca14f3e3538e2f8c233002540007c4d

  • SHA256

    4f9e4f63d26c3b9c131cbb34b5174d01920013988247601238eb612df379fdc8

  • SHA512

    3a67673d65a449a3328d3b2a12ad730e13a5030d07b4331e8621ecbc8f7c73baf15495b67a8f912801fa7ecb0fab9216ec964c586c508a040c78ce16e6f68731

  • SSDEEP

    192:SI0bPAT7fue9mZDmBFx6DQjA30kmWD5zLAgZcuAd96ffaxFWM:SI0C7fueYZmBF+CWD5zLCuAdOeJ

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c67a73e06dbacf9a73f098a72d43556_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1624
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1624 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1616

        Downloads
