Analysis

  • max time kernel
    144s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:59

General

  • Target

    910876e76f455eedfb514bd54759c443_JaffaCakes118.html

  • Size

    53KB

  • MD5

    910876e76f455eedfb514bd54759c443

  • SHA1

    93198b9a6291f67b68c2dabc403510f9fae8d2c0

  • SHA256

    6066e5203a4cd0feeac2c53b814481b9cfd36f00486a541afbf592be74833035

  • SHA512

    ddd0ffc9ad16887fbf946dbd71b74a55e56033f1ed3ab6276a799642bfcdf7f1d2113f771a85c6cda760f5af727909f09e84daa64c8ca685c96f77f54c5ecca9

  • SSDEEP

    1536:fSp5W/HJ2XYRcxvcrabdYzf9eY3Cc6duo:fCW/HJ2XYRcxvcrabdYzf9Kc6duo

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910876e76f455eedfb514bd54759c443_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_827A2BD464611B5891D523F77B43FEB1
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (20 entries recorded during the run)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA (2 entries recorded during the run)
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2XHJXO3H\cb=gapi[1].js
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IW68H88T\platform_gapi.iframes.style.common[1].js
  • C:\Users\Admin\AppData\Local\Temp\Cab4693.tmp
  • C:\Users\Admin\AppData\Local\Temp\Tar4695.tmp
  • C:\Users\Admin\AppData\Local\Temp\Tar4728.tmp