Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:59

General

  • Target

    9108b05eedf1f6dc8d67b03706acfe63_JaffaCakes118.html

  • Size

    66KB

  • MD5

    9108b05eedf1f6dc8d67b03706acfe63

  • SHA1

    1870b6ab2aae6514642c966dac3d6f807175b79a

  • SHA256

    3e1371e3a82bc06f514cef34e7c0d36bd28f17c8eacb12e40f7c81bde9a87ff2

  • SHA512

    fe66b03debd1b0a5cefa69121d21ad4745a13663f2b292a93c362e75202dcc974c46d93ea83dfc32b64c4acece4ff6ef3e9926b4d81cb6865b6073992d90d927

  • SSDEEP

    768:JiCgcM0St8tN99OIs84xaLmMcmO9oTyOqhCZkofnMdtbBnfBgN8/oycc8QFVG8sy:Jm+e8L0PaTIgeo0tbrgaCcFNnzAC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9108b05eedf1f6dc8d67b03706acfe63_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1676
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1676 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2344

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    2a267c8371f84045236028d9d98b0988

    SHA1

    689e34bfc1f5b0d068c4ee62baca3e32f2a8e2f8

    SHA256

    3e6148f5d2f700962e4ca856d369cf61329d27095aab4081997a69c337194f4a

    SHA512

    7da74e5c2144e31887d70c62f623a0271b33153f0be825828f006ecec9fcb7d1f006249171b2b6746953cec27ce3ef159f980919e2b7ac996ae64d2519938e5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    724B

    MD5

    ac89a852c2aaa3d389b2d2dd312ad367

    SHA1

    8f421dd6493c61dbda6b839e2debb7b50a20c930

    SHA256

    0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

    SHA512

    c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    64ea3b81299995be352cf620d15dcbf8

    SHA1

    a7c5e9a3a2f4d5531e0f573118544c4aac085857

    SHA256

    46364d11c5943ea0dda64c6f53a2d295c23251247b7620eff9a55221568df138

    SHA512

    b8a22b7d69175eea334da81f332ed02fc5eef404e4e2aa56e5548f6e25a1be0ffe04742a8c58b5d5c4eeacdf4fb9f82bd7e9cb4b6ce86e707c43bf69cfad9003

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed1ca7b12a234c99977cf23eff4c41ae

    SHA1

    bd720898bee9b19faff85ad5b1153bbeb7269313

    SHA256

    25a2a048532db17f7f31d5022191ab85d6cd67019bd86f50aa1638daec8dfcdd

    SHA512

    f07115b93480d9ce8e9dd6313adead62f5a74d2e274a700a62aebf508f68e32d30dbf65fd97b67ee616f7f2d5c2782f0173fc68b1e7d9246a5b4b95bd5686397

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fc81e886cd1dbcb48afdb9816a426cb

    SHA1

    54dedd2254d3291e5c31008f96708d272e3108c8

    SHA256

    e65e143f3aab299b851c2a6727d91f33ec3d677b57413831d1f25001d5732c72

    SHA512

    ac2ed63eb603da021467ad099a73b5979a7c116da0fffd520bf2869f3b0824640b487acacbb2258c6312c04318597c969780a176f1b02eb92a1d326a39bbac34

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ea71c5377a5d0e7bfba75c7c6e9ab13

    SHA1

    17ea98c19cadb4d47a2b3fde400242a8052d7ea5

    SHA256

    d0109c62eb55c0a189d7273eec146305f18a2a32f3953cd7e21ccf76be746c92

    SHA512

    9f8338ade315cd63d95f191210c6d1307bba9764e35a7dcab6b668435975c47a4077cc8007a7bfcd7e407911273eca7a0362fcbd5dd40c47116221e6508d2b92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c37fdbfc6c236af6caab029a9752ae5

    SHA1

    59178c86e19dd2148a05201b7675b0e8c6fb24ad

    SHA256

    40e7cef5d512b0fef05981a72b872eaee524dc155897f45924300fc933903a1c

    SHA512

    e58d32dd6236b92bc0272eb64c5561064122aff782df79b864ab0998b31a29c4c2d3442381b7e4b1e2bc9f7120ba489ec5edde38f87e6e0a60a51b52101329e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87be4490d275689152ce158bae869608

    SHA1

    018b13ef74823072730c97d0ab3dee57c9da3a73

    SHA256

    1b54858875fd7857dde5ed88b6333722a9d86fb6630ab9e45dea93873e5c703f

    SHA512

    9e6e7775c57dbf153190e0da14c782b83f675c6f105fbd49f4b0d51d62dd910d71fd5c58bc77fb640b38474a991ce791b132c71f845f6b056edcf4504d8a2f92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ed1b9157419f141ac9d139b6ae8dd45

    SHA1

    9586dd8510bdf8190ed5f72ee29bb36f16ef7aa3

    SHA256

    45795523b74f351db73ae60a8a817c5a2b91ed57f8840b73d68bc34bbecf90a4

    SHA512

    95ff0cec9f47bd84ac8b5edbf7b97f483e9150b75f6abb86a908953336afdcaa85c54f4b9359e07fc6a1c93b95700ef1e49ee67877e3affbf4c156760e7f1b97

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67d801a4b227a4b68c1790b434c0b3a8

    SHA1

    32849327c6965b5861979b02ef8f3d24cc206970

    SHA256

    15d59c7b56371bf3c1791bd383a2ee796d2a21e6c20ca184c1ad4ffee3bc1e85

    SHA512

    66d4c94886b13cf55f149bb021aed395d744743d3faad2e462f0b2b00029b4d1ca62b7a832b6385e859a951dca29eb2ef5483d71f2f656f34b5a1ac5cd5f12d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    97cbe3535c40a1451df1fc11f8d256fa

    SHA1

    77fbd13ffc13641008d36cb4948ab34fcf66f7e2

    SHA256

    de202cc931942e639116e80f51a8ca5554bd2e2cd1a690b7ce6e52f6474280ea

    SHA512

    eccdb4bdec5c54e526c164f7ec24b3dc18749487372d3609297691641f3f81bf7eacb32e88f0d53ecf27709c2b899dd46c204f198beb86aeaa0c9dc83cde8cdf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c996d55147140557d50dbceea2848db

    SHA1

    c62c5897fb5b0832d1d7a3a051fa8a2404f87699

    SHA256

    d7564cc5efe059b798bea4c01ddcedd3c0e41fcea907d8deb074ac699ef4f768

    SHA512

    15c4d886c2679a8128f704c86e164621fe54e53028ebe7bc60aeca853f64a8e0f67fa45f026c585fefdf7a7ba7abfc80caed47c266d5842195c50f0bb9c02709

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d37767fa043740a0e0aa91e9b55e927a

    SHA1

    a0bf07c34d6689d5d8da76dce0cd446b80af9c41

    SHA256

    58662a6524f77b793363b896ec0e7c0e16be208633cce1d369d915fbf4fc7d4f

    SHA512

    9df76349c06ef65b87dcb2e5393870672fa8e679912d46b5d21e22e56ae5a9321eef8af19c8c8bdd3743624f4d053ee45915b28c86174fa2d1657967cee4a89e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f577872ebd2de37846a49f87ecf3ea1

    SHA1

    8db39b7f01d4072bbcd78d58b7f1825bc2ed51ff

    SHA256

    0b92892448ff67bd7e396a752f82f29181062b6edca2d40663fade42888dae2b

    SHA512

    badde611e28b0ad32d93785a6496f31954fc9e13bca730762eefee4616d463c40d846610a9138e86fa8870b84be49fee748b604f76928d0ee8e3a5ff4db3d05d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84c642f3f0993725dd83772e9cc1244f

    SHA1

    4f8a1420119c4699c9658e60c355a92678903533

    SHA256

    f0864caecdbd6206919971e3672bb790a50c9c040641872548b46af472e7d490

    SHA512

    adf5ec6b76c99dc5d56cce2f169e3a30bfbce491a9f9b61fc635489968cd157d8fc0465b55d2f268711db180a013f9f511f1c09149640e031a52362577e1f667

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc8ea400758a7f37cb8dcbc910fd2eba

    SHA1

    6137e3a486d572fe66b24f09661d275b90cd14c4

    SHA256

    b8fd8975b63842de051adc3a5da91e6daec5d4acf90b1c725f7251562f29d1a6

    SHA512

    32c6b504d5fed56be7ea1fe359a1d1bbcf019bddbaf7cf70d20a4391b65e02e59a40b30bf983663c120a918c5331b0a39682a63e0ac7a710cf0df5fc12243fd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e91ea4336a5f6b110f43b0064e617d7c

    SHA1

    006914c33821809de3e285c16272c76d848054f5

    SHA256

    834344fec541b0abec4f65bbd65c96ef2516f199f66922bc6e9dd56fb0e2cbfd

    SHA512

    07b8463f4c3b1b2012b4e506c44e373f1b09e16266c3dedc919083dd3e9e65e9f5fde6cd3a15cedf03df8e8c5dd652fb53604a589c46e7b1b5a2120e0545209a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d7801a096dbaa658ed8f7c1404ec8030

    SHA1

    9d070caf0b82f95a5ebf6565c501ed7ff8088ad4

    SHA256

    f3e626473ae20d5c9b28d52bfc3c32360ed1eea408eb43d36d88c9fe58bfd5e1

    SHA512

    9e6f50eb7274f375ed3d02e9c81221b0f7331df8ef8c0b9ca6a759642af88f7345aa8c2abcee5dc938cbb5ecce6d40f69d2c61911f1c446d8d436ed7dc4d35fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b3d26349d2e439307588763585feace

    SHA1

    38b87efa67aadd8caf3954d929165d60d019666c

    SHA256

    8bfbe20d96494ab0a33b7554a92960d02fe0047fb2ad8173eb45a7faa22b8714

    SHA512

    764d8d9cb6da4ddf0e70c395f4d8cb737314e9954544020df8d1ddc22c42717edef7168e8c0956fd41bbe5321b3d9971e7f7e2cc43d37df4bd42f26feb6a7ab8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52ccbdab063bb46a420eb606e0970d44

    SHA1

    9ca87c516ce20089a15a0c81a104d40bace38301

    SHA256

    112245fe695d4f218e02f02c216444592ff8f3fddc0e76792e8fdf1dcf5f8a1d

    SHA512

    cf447f1d7dc0ac09c6585a894a445b645c83ef4d15c413a5be02a13632dd952bc6ad753a3097e94890ffa5f6f4c31a6c611c5e119e9015c2c3bc7deae6bf9932

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ca63953915cad9a7d997d788828d508b

    SHA1

    fe3b2777e8b354badf2fde30c7fb05c8988fb718

    SHA256

    543043af229ea0f58850746518712a164eaf9a2a31bb6bae1e1707a5a76c624c

    SHA512

    2bf2407248165ea8d15ce9ba6416e8b9e6c8a532e5cf523e9056b1168d57e7bd7d3d2b75f53417591e1a86fac9809db32605d2f9fa1a349d020376482d9689a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d528f70980c80da971e265b7beb79ded

    SHA1

    4d918def874b86f512169da1ad77eb36293723ce

    SHA256

    ad3d04a76c74545cb0795bc411b96014a5bfc4dbd7ff7dbf6ca7f7cb0188325b

    SHA512

    af41c22a4ce1ccc37aaf0fec4a367a3e42bef58487344815add8040e4e5b4987bb313c5078d26be365079ee43384f12a25a1f2fe32eac889300b39e88d1aacb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1465dbb6167804f1d20019a5663446cd

    SHA1

    4315a310f1be23c842ca7c09a22bc8d8bcefdf7a

    SHA256

    6b23951dd35a7e11b675d1c62b2e8da02cb7094c2a8f356a35d3c00d853dbc94

    SHA512

    0768b524976bcb77a12a3eb43cafb608a192864371d88129df1574568f5a448315a8391c855a4c25c8c3d911da94aa2c6f9d851343443c89bc5a92917d575403

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    3838bacdb17a3a73e89e9ee3a8eae8a5

    SHA1

    f65af5160cf3123c1d955fe0fdfdabfd1ff5a148

    SHA256

    f493f5828c0975bb29a01bd7937664e0da4f13a598cacb2808044c021847e0c0

    SHA512

    f6fec60294f0e06120fd9e3d21b4f306d664b133b87423acd41ad110b85fafe9cc9da3fc3aa7a4ef227f7ad1cc3acae2093e63d357e334aedee9a51098cef60d

  • C:\Users\Admin\AppData\Local\Temp\Cab38A0.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab399E.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar38A1.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar39B1.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
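Everything in the Downloads listing above sits under CryptnetUrlCache (the cache CryptoAPI writes when Internet Explorer fetches CRL, OCSP or AIA data while building certificate chains) or is a Cab/Tar .tmp in %TEMP%, and the single MetaData file is listed twenty times with different digests because it was rewritten on each fetch, not dropped twenty times. The script below is an added example, not tooling from the sandbox vendor: it parses the plain-text form of the listing, validates digest lengths so a mis-copied hash does not become an IOC, buckets each entry by path, and counts distinct SHA256 values per path. The classification rules are this editor's heuristics (treating Cab####.tmp/Tar####.tmp as the CryptoAPI root/CTL auto-update extraction is an assumption to confirm against the file contents), and the example.bin record in the sample is constructed to exercise the bad-hash path.

```python
"""Triage the "Downloads" listing of a sandbox report: separate CryptoAPI
cache churn from files that deserve a look. Added example, not vendor
tooling; the category rules are this editor's heuristics and the
example.bin record is constructed."""
import re
from collections import defaultdict

FIELDS = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64}
# CryptoAPI's network-retrieval cache (CRL/OCSP/AIA fetched while IE builds
# certificate chains); rewritten on every run, not a payload drop.
CRYPTNET = re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\", re.I)
# Cab####.tmp / Tar####.tmp in %TEMP%: assumed to be the CryptoAPI root/CTL
# auto-update cab and its extraction; confirm by inspecting the file.
CABTAR = re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)


def parse_downloads(text):
    """A bullet opens a record, a field name selects the key, and the next
    non-empty line is that field's value. Returns a list of dicts."""
    records, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            records.append({"path": line.lstrip("• ").strip()})
            key = None
        elif line in FIELDS:
            key = line
        elif key is not None and records:
            records[-1][key] = line
            key = None
    return records


def hash_problems(rec):
    """Missing or malformed digests; a bad IOC is worse than none."""
    probs = []
    for name, n in HEX_LEN.items():
        val = rec.get(name)
        if val is None:
            probs.append(f"missing {name}")
        elif not re.fullmatch(rf"[0-9a-f]{{{n}}}", val):
            probs.append(f"malformed {name}")
    return probs


def classify(path):
    if CRYPTNET.search(path):
        return "cryptoapi-cache"
    if CABTAR.search(path):
        return "cryptoapi-ctl-update"
    return "review"


def triage(text):
    """SHA256s bucketed by category; records with bad digests are set aside."""
    out = {"cryptoapi-cache": [], "cryptoapi-ctl-update": [], "review": [], "bad-hashes": []}
    for rec in parse_downloads(text):
        if hash_problems(rec):
            out["bad-hashes"].append(rec["path"])
        else:
            out[classify(rec["path"])].append(rec["SHA256"])
    return out


def versions(records):
    """Distinct SHA256s per path: one cache file listed twenty times with
    different digests is a file rewritten repeatedly, not twenty drops."""
    seen = defaultdict(set)
    for rec in records:
        if "SHA256" in rec:
            seen[rec["path"]].add(rec["SHA256"])
    return {p: len(s) for p, s in seen.items()}


# Three records copied from the listing above, plus the constructed
# example.bin whose MD5 is truncated and whose other digests are absent.
SAMPLE = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
MD5
ed1ca7b12a234c99977cf23eff4c41ae
SHA1
bd720898bee9b19faff85ad5b1153bbeb7269313
SHA256
25a2a048532db17f7f31d5022191ab85d6cd67019bd86f50aa1638daec8dfcdd
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
MD5
9fc81e886cd1dbcb48afdb9816a426cb
SHA1
54dedd2254d3291e5c31008f96708d272e3108c8
SHA256
e65e143f3aab299b851c2a6727d91f33ec3d677b57413831d1f25001d5732c72
• C:\Users\Admin\AppData\Local\Temp\Cab38A0.tmp
Filesize
65KB
MD5
ac05d27423a85adc1622c714f2cb6184
SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
• C:\Users\Admin\AppData\Local\Temp\example.bin
MD5
deadbeef
"""
```

Run `triage(SAMPLE)` to get the bucketed SHA256s and `versions(parse_downloads(SAMPLE))` to see that the MetaData path resolves to two distinct digests; pasting the full listing above in place of SAMPLE gives an empty "review" bucket, which matches the 1/10 score. Anything that lands in "review" is the part of a report worth spending time on.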