Analysis

  • max time kernel
    119s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    03/06/2024, 08:01

General

  • Target

    910a00dccf4fd6c05f30e7e8499e1617_JaffaCakes118.html

  • Size

    22KB

  • MD5

    910a00dccf4fd6c05f30e7e8499e1617

  • SHA1

    ac909039768fc924883f8742c79605c62632f504

  • SHA256

    320465b593086379c1a05ed88b7d27c9149667cbf310162a7d4cf6495d62b139

  • SHA512

    cbf732e711a55764101fe77b8316b7d61ed8f5645a0b259541c51355ad94bfed8aa2b6c1513507a0d39fffa9999d50429b27117e9cfd2e53ef962cf1c04e04b8

  • SSDEEP

    384:70N7izwlTp7foNpN7Sip6XOOqOOFOOHnJocOOnOOUOOEOOCOOnOOijtOOEOOVSOs:q7gwlTdfoR7KFmDqCVIc+odr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910a00dccf4fd6c05f30e7e8499e1617_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1720
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2276

Network

MITRE ATT&CK Enterprise v15

Downloads
