Analysis

  • max time kernel
    120s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 10:34

General

  • Target

    9176b1450f38b24d0fa30c009d531643_JaffaCakes118.html

  • Size

    65KB

  • MD5

    9176b1450f38b24d0fa30c009d531643

  • SHA1

    e829c725a3258e5be7fe1f79fdb934bdfc4a60d2

  • SHA256

    25f27daf8e62211118a22e1b4cee878afca59277e5383f69c1653a0cdd4393d8

  • SHA512

    ec5340e423de32d3331d54b3606e13c0a0f9b4d2a4b533ec9a5a79bfe253bb2556de997e68122cbc1465d41471cdad5c8ccef5d671ad48a2515bf3375d80f010

  • SSDEEP

    768:SjTUGElKh1SgvtO58kVF9LfGj5nMsRINwE44PyNs1bz:mTTjSgvtO58kVF9LfoxMf1H

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9176b1450f38b24d0fa30c009d531643_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3048 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1852

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04

    Filesize

    471B

    MD5

    5045963f2f3edf90c8bca8ad623d8ca7

    SHA1

    c0a2729fc8e9b10d01658b5391a54e783fe13ea1

    SHA256

    3638488981c1c73205ecf3c13253e8fa4ae7a70110f6e87da7f4746962d587de

    SHA512

    3e054dfe0a69c357ad6eb0f7cf3abb574962ec21d4af1817e5c95b2b7766f87c108ed71e9bdea020a09ef4d6c971e5b8ec502554f018ccf1b1c9092ae491ecc7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    512b1642e23fdf9d7e93d5e38092f469

    SHA1

    41598583f1d0e51c72950fec6addb6a743f34fad

    SHA256

    c8f8ba383a5ab255b61a45dc17ac3231fffc34e861b2adb0314f84eebc99114a

    SHA512

    0ecb1798dca81345be9581d980d9882dd8f7db56848c656c052551c91779bd1091980a180f0a824842dca7db058fb403be355a5fd257443ed3b98c015b4dcc8f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eb9045a2b7dd7ccbf3ac054ee1b21e5b

    SHA1

    3895e5d813ed4ef4687d23b0482604cd85b78934

    SHA256

    792d23d5cd6dfb48e01f4c29e8cf0c6a53f85fd5aea8054251120c3a65a1957f

    SHA512

    301392bdce0c2314db0bfa16d85a2539d8576620c3bb556ebb6b5b20480a56509552ee3f9f083679b67345a2742204ce7e48a555ce7636b5e6623f676593c30b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6c8a59b801d7183458fe1d7bd60c03b7

    SHA1

    1308c94a1cc0e045adf2d30cf51684577d487e0c

    SHA256

    978920e8dc4951040bec8b00f3ee0497dc727fb2e55eaa94d106f4d45d9ddd4e

    SHA512

    5b814a49aa62781f8c20e105a72f3eb25aa8a2a644f663cb399b5a8309d0bae330ebd781a8da9e53f5bd3f5e153e11afaa2eccd12739e2036abd456e18a07fc1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2c0786bd4f11e26fa611589a83126bda

    SHA1

    70c27f09eb380a8710ba1af67bc379c43a024cdb

    SHA256

    db7d0d7d40f11804f5adb146327e03612825773518d8684e25c8460d3243f3b2

    SHA512

    34c767f4398a2cab6e05bb355b01128eebbe279d5ac8f421d98678ba4a1e478e3ed33bc4c731e20b0194c8f05b08f659e6716498a0360a1bcf58e526455c06fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2115d4ef59401e58ff8d25d18347358

    SHA1

    81b5e8b6f186454b4063cb0c7087f1274476c6cb

    SHA256

    e92edcbee031d0b430b66ad48750e0d8ec88fc73223387139f7d477a72ce8093

    SHA512

    663a6ef86615ba7d81d17a7fa8e1edf3ff9d888f2203a75d1158476c9090385f58868438ca947b3eea10e64ee3e523aae17b95553bd56c60ba93b43230dd82ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3efc8208b799a05acd595078cd2a370a

    SHA1

    514ce514ac86c0f3df2db194f8e8e893644c9bd6

    SHA256

    1dc30b2c39624c7f8641b98453ec8332682a170d490fc731140889c711e66af7

    SHA512

    0445736cd861d8fb672c5e22b2ba0ffafcff2c1a4014e314ec2f57f1b13e5dbc23ee7b0819f9ff71d83547d7b559baa80ad46b023a8fd683b67c9b9834572fb7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    54d3b1a73a1443a9a046c7a5d84da611

    SHA1

    aff56c243d8c03febcf9032aa340299d7798449a

    SHA256

    8398c09d267e7b02e1e549748faa398499a197ed21aaf05c285e3da0fefc5099

    SHA512

    09c490d9af7f2071161693f71121e001e1b1f05ce0ae18a0a47bf46823df712f7ee39b7646a0ce65e82325419ba62f485a643909ad565f72e7676de5853a23ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    56170d046238a0e4854ba61d48ed8964

    SHA1

    4f97456f1bd79c852867fa7400c8748944149874

    SHA256

    52199d0092dec5f2a1b69e8c787d56152535d7d6d91a28870a26966b4bfd51e5

    SHA512

    021fb74ae938285b4512e28bf2d917b01daa9abf17bc03afdb9a475627c4cdbcf893814076dea10ade3f0759bde1546693d42a61d13ea85e92d36d48ad5685ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b7cc34bfd7f43647a692ff086cb8c68

    SHA1

    b6079d8e0d19bf5ab74ada82da03fca10f71a701

    SHA256

    41e75b38eb6b75b17abb665a95a7d12f29a3a661a927273900c438f257fd17dd

    SHA512

    1cb86dc0093de7c5735aacfa095d6430afbe660fc963b688e3dab2584114fa81e59ccb3faba21e6f00f81193f1d1a5136e0f398a83f21fe272b4a463ffc14d19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9a25cfc11e11fe02dadfcb7bec94ea1

    SHA1

    2414ba6f689d9da1b788f4fb2ab65b31f4476402

    SHA256

    cdbdd06f368048a00b88cb03de996c8175bcb724667f8ca1ffabaec05aaff4e9

    SHA512

    7a7746d208352bb50f76e5135e0601c534bcced0c039c6ad74672e8ba2dbded29ba49a1526964a3ef4df130a1be5594e7f6959abd96f84c65e5f68ab971272a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15322bfa09c6d4cb9ef1d49143553336

    SHA1

    bca2e1a305059311963a8b39b4a095f39522b4f0

    SHA256

    380b7be11ffcfff5cc9bf8301702461a6ca10601a4184aff680700c050974a36

    SHA512

    dfe2ea9180f19c7c2371f1f1362a233d4f2beef829f9397a3569f6203131c86079ae40cb889635c20c05dec495d8faeec3a85d2c54fb42a33dbdae6fcd9952a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    72c0c6f9b2670a9816a59e322b9f6148

    SHA1

    4e614c69ff3d8657db9c2003e2da3e6df6ef96d7

    SHA256

    458cca0ee014413695e36d8a4199c958e24c4f207d277c7c33a57ef86429281e

    SHA512

    b45d3bd4266a8cd6c4ad890fef91e6180e07c8bebd24c10dcb239d321ea1aff83de0c9553c36256b27fb4844c23792b7797dc8ce9b2e8e926daf5b71c4b5a7d0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0ea33ed9bf3152715ff2ca4884677d83

    SHA1

    138fc08be27c3487ea942b984b6515e95753bbe1

    SHA256

    d39900b4aa51e7a67971f3dccb394d6b846cdbb1eaef9a59bb7a9563887f0986

    SHA512

    e5889be23248b14f2e994ace9e2f231cea813bd2f5a3f71bf9bd9dce740fac56853ffa27a988714b9c1d92844f6f083be375e062fbab938ae763021f8fc41da6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e63b665ef0e3c595fbf8493ee0b4d3a2

    SHA1

    90c6c47228cfe386fb90e44cb3cfbe58371b8641

    SHA256

    7f11446cc5dae48f1d3d3d4c431d3649890e9cae657a37c0ad955818b7a9a2ba

    SHA512

    118eba080ce0eae11d9d179f312bf56e6619ddd7a78879d66f4653b00562415db42dd260476a0a9752375b15454169237618125cfcdfc790ae7679203e5408cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15292b9b367ffe17360890ee442c35ab

    SHA1

    5b996f4d8fbad9cf1b2fbd415f70f87062525831

    SHA256

    84f68094935fac5c4d715d94fac919ad3eb5d97f5c71f2aa5c5fb287fad2688c

    SHA512

    8e55d73192e1fd87041f8139915952cc4176212d7a13c3fcd203917179bdbc5e4cb96ac8f443815317ab567d625295a2dbbcc36d4713c7d92fef56afd0c82eb7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c44b69ac35f3554312fca2856836de9

    SHA1

    e68f8f11d505799c012afa91a0f6c3bea3fea6bc

    SHA256

    c1489da600fd9e3c9c1560f33db14fa9348df60cc68dcf717fe1515a080be6a6

    SHA512

    b8db4504251a099d712671a241d08dfe6be6c2cec0ed96ea3ec600481e308de4b12566583b2a52ec991a1696326a1b9a2e47395a90b0d9ec43c6bf0e306670e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbe965f3e1bf796f92a6074b309921f5

    SHA1

    ace0b611938d99e3233a92f19c818b7a62a183da

    SHA256

    a35b92a597485af3b084ea0152c6a20fde522ea18a45c8af45edc41ed1036e5b

    SHA512

    9b80123a9995a3f31d7d38df1bab0b8a70615d06124e462918f1f7da4f67223cdefbbb376b06c9d846eae9910c6953da6b3e69afd44af894f689bda249738b39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0b4e9376090f64b33bdb8ee12a57301

    SHA1

    85b1414379559f542af13e7006d96862eb8b2dfa

    SHA256

    70e7871e23d66ee2843ddaea6df247e1b4f9f99bbbc4df23b0cc7b383924a5c4

    SHA512

    9022f534cf557c9549eb066ec5a3d9c4b14db55cc3531613abfa06ccf9b5ae9ef69da63511dc8af8b394db308447f4aac7811c186707cdcbf382a05c5e66eeab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c217b651512a3f0dcd16436ddda2bf70

    SHA1

    cc2b5c20117a7e47a02bbfd452013abde4ca10ac

    SHA256

    8b52d64780c653e127ea85064aaa1d70fc2dfa23d9f1e6dec5fd37d9aece329a

    SHA512

    355b422e7d88142ceffbbf9f83a8e2f3fd77c1bf4518f56850273a025496d516806aa43aa18b7ecf23f44fa3e0a14627b0a91334401256e2fcbc4a7709364ffb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11c5a8fe7f225e1ac00c65f85a6dcd93

    SHA1

    2c5cc35f772d73fd0ebb6897aa91fb8dbc4353a4

    SHA256

    f93006989ac2e48c1aad186dbbd336d188cc883f392359b69c9ecca778c9be35

    SHA512

    50bb4a5b33f09f0efde4d9b954b9783e9593de0e968bd6badbeba5b4fa6fcfca11abd60e5fd50cca9fa3f80e64a07e3b36b798fb644924cf53890d0a146ea575

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04

    Filesize

    400B

    MD5

    8e9a48adbc4734745b0cf256ae3aecf8

    SHA1

    f2356317604a404be170e5648c4f9234a274cd72

    SHA256

    bae41e820b9b9a9a6fcd574d006498ccb8c4a082b405ad322eeed51dc4e775d4

    SHA512

    2f355a73b6c0c6dd3c1a2a0dc678e0cbe7af6dc486df16580f141925f69c08fa5917db4cb596e8cd30c793c0c97d4e3d2a1596a04106fc6ecb7774c033e7fc4a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    0fb7b0626f06acff6f6cc438def88e81

    SHA1

    9bfc37877745e6f01b5c549a8eeca714e0c91689

    SHA256

    369eaf4a37ca7eef6b22e2bed377fb861ec2a37785428b7d0ab9d61c7e42e5e0

    SHA512

    a80b3e3e65d5e1ccb2afe96134ede3965623e05c653d408c4c15102729a223b9b3c05cf61fffc9820f6a67c621ed109596300a699f836f55d50c3f68c0c75be0

  • C:\Users\Admin\AppData\Local\Temp\Cab2428.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2439.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar4BE9.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b