Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 22:55

General

  • Target

    a2ce9a8a13f7b4e264739c53e4405f18_JaffaCakes118.html

  • Size

    35KB

  • MD5

    a2ce9a8a13f7b4e264739c53e4405f18

  • SHA1

    2d1aaab4eeb9d50c4f21994c9d35bfb5fd6aa704

  • SHA256

    9ecee91ca9ed94896d2cdd52321926f53cb763da96e8be7a8d0f8024b3552df1

  • SHA512

    ef4039c7ccde41eb16ef465fd34417262d246e88c365d44c4ed7cb3b818bccd2f15f0ee64ed4b259912dd6425b9499e3767424102c692404eb8099daf5dbd8f5

  • SSDEEP

    768:NiWExQjT98Vd8RfhV8UA8md8DzbFZn95Y05AknsRD0A:NiWEW8Vd8Rfz8UA8md8Db9nAksx7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2ce9a8a13f7b4e264739c53e4405f18_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2940
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2940 CREDAT:275457 /prefetch:2
      (child of PID 2940: on 64-bit Windows 7 the 64-bit IE frame process launches its 32-bit tab process from Program Files (x86); SCODEF:2940 carries the frame's PID)
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2336

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    4680eee4112b89b852e1a669b93328e4

    SHA1

    6281a1683ce2b9bc2243d16aa607e2c7e02201c6

    SHA256

    214690e15ed2396b08a6fea5326347b13e0b9f84cf2cca13e781aa4715a0b12b

    SHA512

    3b29edcc54c4608ac153f64a3b8bb6aea5f7ebe907a676f45e3fc16ef965924a9c80cdddc584509d6b6dab2df9ea0c8bda50e25b040ed4dad01e6a5e2556b927

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22b221bc96a1d1fc406ee207de9a4f04

    SHA1

    2d3e602fdeb5f358bc2cbf097e596fd5ec460d25

    SHA256

    ed6035eae319bd5c0e0b646ae622e8dc6b7b438b6c6c7d2c38c8363fbae6f322

    SHA512

    494ef448824298b12613eb7d6b581d90a089fc7af98959dcb22a54e53c613ea08ab5fb9a6924d3ebbaba3f6f786ce4b45a73f6a249fba89e1c3fde0e83ea68a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0cb5bcbc66f9b9c2f834d117889d4908

    SHA1

    f3b72d66fad533d23a7abe5eefd2cc7c12792a90

    SHA256

    24d58ec992b5495c1edb8cd3442f51f6d8b697f3a159116ef9fbe1a44ed35f6a

    SHA512

    33f16d3c1e280c774ead290789b0dd8d9a1411db3a8af99f5ea9f197ac88ea8f226bbc87f29ac8719b0a1a85b87edfd0e6c5180fc24e6875021f8289a43de385

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    533cb8cc86239faa1d100a6cc9c90ae8

    SHA1

    4c8ccb061111387a4f9aa6d516537f22c83f2a7c

    SHA256

    6bdac9cf168ec64c939dffadfa7d9b3cccf1a79c744cbd08ccfbe39b11402611

    SHA512

    c965c42e5a0142d8f30bdab717ff660dc91ac9e0affa83381d976b3b76732fb432d8b6d4b1ce555b548b131da5cc5086519c7d8ed5a377ce44d41e1ff0376f8e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dba1a3a363d6bbb46fbda0156ea02d99

    SHA1

    ef86bdc11fa7cdfda2e5296cc218694dbb4a1fc1

    SHA256

    ce818d4089a0c348ffbf88ffddca21b8b976a23ac0744c6be8e2856b4d89a7c4

    SHA512

    9b92ffcb7f6cf535ba2d6e8f474dc8275f1d9729e1ff09c6b8e3efe0817337abcfef5ed9ea602afb1e896cdddf6606ac9b73e04c14094924b56923c4d62505ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    48183159685480d7eff246f3618a6003

    SHA1

    962f51d8916f30d1a5c34dddeb0f050e078b530b

    SHA256

    6b710740c8976578d03f8eda74cc76340c9b43c403ec514f810f88352e3d1bbb

    SHA512

    42812b56fd2775c4595e2cdd7ba0f2954874dec1687985c987d5680df59387c6fcde1806d51a606405dd4b603fa50e68f76fd1ce1e0b2c4378c87458ad967dac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    faa2caffbc9785997e5f90817eac9910

    SHA1

    4a8541e0e39d0308637ac2c9a9e0e2f3fcb4e36d

    SHA256

    96dc2312e6ca80b8ca52747789786e9362f672d6cede8e0f73d4148181c28618

    SHA512

    f264b459645045c39b29b728620b02b154bca175026e0dcc218fca1ce88a43aebbfd8b83a6c61fe835c8382e1b521f7b504ee627c60e62c35f26c84bbf5a071c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b96e5433ddf39beabfae3c36886d2de3

    SHA1

    fbd4a1100d157067bc7d2b4da24b35535a6c6844

    SHA256

    dcea02ff7c61f4aa6b11b5e0526bb61f9c44e38ccd045f85ae93a86737b2902b

    SHA512

    bd24df74e11425cfcef8668c6257cf295ca57db304d814bb8064755dc5f37186859be35063a9a02dc8259687207dc2fcb24cbcd27dd0159e73d332f24b20ea63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8294de006240a0d3170f2c4126dfa7b0

    SHA1

    2ca86818db3467e9e931b370eedd7a74bb7e2a16

    SHA256

    3883e79899507efeb867368b075e1d9ff4e1ee14687522739dad3d93bd263dab

    SHA512

    b907216cbffb6cd048ef5b917d5af3ec9c0ab2267a88edef2849306399b03d873d6ef6f69dc1b069fc493f64cea06d5e7a3f16958e4317434e09ff88992f94fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4df01491482f7c9c729f7f8858c44e74

    SHA1

    ab7cec9734b6abaede52c98d5eba80b9836e0cc9

    SHA256

    a832a312445f1affe091134e45b027836854169cd3d8a5f425383775a9ce3166

    SHA512

    65d17e5077f285dda5e305a4e0aa0d7568d06edb66fb1673e1ae7d2067617d71cc8cf0427f512f7b08891489a790aa8b82070160e9a1c32796f04072b7e3155e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0503a4709d953c818b68a9cbfe4a7d4d

    SHA1

    3a34b62434326854405bb10751cd0ba9e057c37b

    SHA256

    0daf72db5cdf9615ed90217cd19c6d247bc629a03f2a95fc66eb87e59ff435d8

    SHA512

    c57cd914e4d9faac1c4b35e916aed3434012b72aec1b8a151f228cc9e843f9ca8f3b6fa467b7cc5b8c15be983ca0817f350cefd7745d23d2341f2408be3f3394

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c214abee5ab0d6b5f2f497b909910d58

    SHA1

    0146cd7cd181b3002825f618850ff08b85b27347

    SHA256

    eab06d4b52377a67c81ca27f06c4b58904b86dc8f7dab0cdbf59da2b57b9d36f

    SHA512

    6c70c5195471b6ae7fa8b874dca0e072a7a28992c5576b47d28ea34d3c1de69bf83249a1f1a77b0056c28815ac48f06d50fd8ba15f4a1e83676bf6271cc6c412

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7454dcba52bb30f33a8a8ec462117260

    SHA1

    39a019dd5995d9914840a31b2f46435151aa7ea1

    SHA256

    c05ec3677622ef124ef2db982298c910496dd7481811798d8e06266cb7837f16

    SHA512

    4c9fb517918296f96d4bb2f8fd7d0083bf3c216a713493e9150e97d9bf8a8e0f53f674a0fe0edf275335e42c15e58fade9a81fd9990893fc64adb41e584b916e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b80c4c3e37ce6fab033e0859c52b218b

    SHA1

    6b2888e30cb889930faf71bc2af01a7e8ae9cf0a

    SHA256

    be836ab9a22a34ad8845c1c216e1c4b02df5fa2d7eafc554d59e26ffb27d51c7

    SHA512

    9f09d04a1c3f06276ddc6ef5a441ac23d8c00488b9735ee8909a31135b7dcf3ecd97c468e54168d2cd4580616703fcfafeb4f0f190b07b68fa1b066182d239ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    706b015b2857759dc3b1de2ef28f619f

    SHA1

    e740ca89bac796fcab1618bf124c7e11d670372c

    SHA256

    7f72e4ddc81003831ea87c480946f847f01232642daae0526bb40e74a26dd59a

    SHA512

    0b1c7100856eec9728ca7110f77ff15b6a78a4310a661824977eb875849fa1cdf01fcb6c1492138e56d6fade3ded566dd6d9343bd6e455e8e0d8ce1bb25010f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    facfc00dcaf4e1b7392eac66ea44559a

    SHA1

    69bea868c5b93a8f0e59295575dca323aad694e8

    SHA256

    1f9365fb71d769da844f5a1b05861ba8c575eecb6bec93ec89f57bb6c66032e9

    SHA512

    e3a71bd08d88adc99c2c556a7d6763ea2c9f49796f41dc04a3ad56ad010490a93f6f317ba437d6757c9ad28d34ee78bcd6b1811aa47a17b303f192fdc32f7753

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    352c6cde952a28ed900cdf7f00e05de8

    SHA1

    5acd0b7321244c895e3261e57647a65165902756

    SHA256

    50495aca23f5bb06fe7f1d205f66b497b732f25668b08bbf243531653ad2c130

    SHA512

    099e23a313d17251008a800f82a4425bdc5f5c42247467e87892089e9ca908b906b2b395b0a564d7f1f42347fe09cecbfdf98726fdc76e9e0acf728447d193be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab466839f27d0f6747617e9d2712c03d

    SHA1

    23dc37111413bbc9d281de38e3f0e2637af0a2de

    SHA256

    b90b89e890d05b2fbc43785db9edd9f910a050ce3dd5cd7741b624e08b4e8044

    SHA512

    3bbc5f016aa37430af80280dd3b568fde69b7a392ce310c4896700090e0142d433b5c38d7ca651639f36c64a18519cc9739e6c8702a16ed31a66134d40310471

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1a7aad0af178ca119f34c629347e6158

    SHA1

    48410d0c295e33dc9259006d1fdcc490f6757d28

    SHA256

    7607a4216c471c70e8ce2754f877cb6f387f16468596648020259a07ed3446d6

    SHA512

    adfbb629da29023a6ea4fb41c727f19d5daed15bac7cefd9ca998eed70cf8c879ea4e38823c9d9f187a10fb841a3d3228a14a5fe89c78b823dfff9cbd777de90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7adf99873096e95c3ca7001804d4528e

    SHA1

    ccdbe5899508f902cc6a8dfa7ab74a3e229e2470

    SHA256

    e7bdbd44e80b9398f0f138801bbac87453b6534a7b4bcc907add9848a8905c5a

    SHA512

    2a69c87e3697ed81d79c55b5f91cb08716e3ebb72901aa6d5772c58a1cedf14a47a34a89678a98effbab04756824e42c46fea9f8deb3d355131af8632d35b734

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dac5149203dec4af5c834ae400d90aa1

    SHA1

    d7e11fe4ef16e99ffd69518627ea48662fa23936

    SHA256

    8948c711583379b67956b23142becbab66b6602c7168a253631c0e4374916af0

    SHA512

    87e1fb2320e5958cba3e603dbc994d564372f785f1916bbe346c2b12b20c2c0beb32d567fa179c5a482b8c64c3b4fa179991565200fe7e154865c72d26db851f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    22782d2bd06b5bccb1f9e53e910fcf82

    SHA1

    6e35b65d98e4a0e442a906d66ecce0ce8128c27a

    SHA256

    0489faba8ab94fa75d2d01a992c2c130c14aa8b13edb3dbd384e2266487e3290

    SHA512

    55917d463075495f1cdf4c8f2dc2009e806166767ccf472ef53f32e645c1dd2373d076d8b8ab6cd01c8fa91e00d87f67e143801daef714304148ce80dfec0554

  • C:\Users\Admin\AppData\Local\Temp\Cab30B3.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar30B4.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar3186.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
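The dropped-file list above is the part of a report that usually ends up in a hash set, and copying it by hand is how truncated digests and double-counted files get into a hunt. The Python below is an added example, not output of the sandbox. SAMPLE_REPORT is a constructed excerpt of three entries copied from this page in the report's own layout; parse_downloads() reads that layout and rejects any hash whose length does not match its algorithm, and summarize() groups entries by path so that a path the sandbox captured several times with different digests (as MetaData\94308059B57B3142E455B38A6EB92015 is above) is reported as rewritten rather than counted as many files. The classify() rules are my assumptions for triage: CryptnetUrlCache is CryptoAPI's on-disk cache for certificates, CRLs and trust lists fetched over HTTP, which Internet Explorer fills as a matter of routine, so those paths are labelled separately from anything written to the user's Temp directory.

```python
"""Turn a sandbox report's dropped-file list into a de-duplicated, validated IoC set.

Added example for this page, not sandbox output. SAMPLE_REPORT is a constructed
excerpt of three entries from the report above; classify() is an assumed heuristic.
"""
import re
from collections import defaultdict

SAMPLE_REPORT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize
    914B
    MD5
    e4a68ac854ac5242460afd72481b2a44
    SHA1
    df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256
    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512
    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    22b221bc96a1d1fc406ee207de9a4f04
    SHA1
    2d3e602fdeb5f358bc2cbf097e596fd5ec460d25
    SHA256
    ed6035eae319bd5c0e0b646ae622e8dc6b7b438b6c6c7d2c38c8363fbae6f322
    SHA512
    494ef448824298b12613eb7d6b581d90a089fc7af98959dcb22a54e53c613ea08ab5fb9a6924d3ebbaba3f6f786ce4b45a73f6a249fba89e1c3fde0e83ea68a2
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    0cb5bcbc66f9b9c2f834d117889d4908
    SHA1
    f3b72d66fad533d23a7abe5eefd2cc7c12792a90
    SHA256
    24d58ec992b5495c1edb8cd3442f51f6d8b697f3a159116ef9fbe1a44ed35f6a
    SHA512
    33f16d3c1e280c774ead290789b0dd8d9a1411db3a8af99f5ea9f197ac88ea8f226bbc87f29ac8719b0a1a85b87edfd0e6c5180fc24e6875021f8289a43de385
"""

# Expected hex length per digest; anything else is a copy error, not an IoC.
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
LABELS = {"Filesize": "filesize", "MD5": "md5", "SHA1": "sha1", "SHA256": "sha256", "SHA512": "sha512"}
# A path bullet: "•" followed by a drive-letter path, in the report's layout.
PATH_RE = re.compile(r"^\s*•\s+(?P<path>[A-Za-z]:\\.+?)\s*$")


def parse_downloads(text):
    """Return one dict per entry with keys path, filesize, md5, sha1, sha256, sha512."""
    entries, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = PATH_RE.match(raw)
        if m:
            current = {"path": m.group("path")}
            entries.append(current)
            pending = None
        elif current is None:
            continue  # text before the first path bullet
        elif line in LABELS:
            pending = LABELS[line]  # the next non-empty line is this field's value
        elif pending is not None:
            if pending in HEX_LEN and not re.fullmatch(r"[0-9a-f]{%d}" % HEX_LEN[pending], line):
                raise ValueError(f"{pending} for {current['path']} is not {HEX_LEN[pending]} hex chars: {line!r}")
            current[pending] = line
            pending = None
    return entries


def classify(path):
    """Coarse triage label from the drop location (assumed heuristic, not from the report)."""
    p = path.lower()
    if "\\microsoft\\cryptneturlcache\\" in p:
        return "cryptoapi-url-cache"  # CryptoAPI's cache of fetched certs/CRLs/CTLs; routine for IE
    if "\\appdata\\local\\temp\\" in p:
        return "user-temp"
    return "other"


def summarize(entries):
    """Unique hashes and paths, plus paths the run rewrote (same path, several digests)."""
    by_path = defaultdict(list)
    for e in entries:
        by_path[e["path"]].append(e["sha256"])
    return {
        "entries": len(entries),
        "unique_paths": len(by_path),
        "unique_sha256": len({e["sha256"] for e in entries}),
        "rewritten_paths": sorted(p for p, digests in by_path.items() if len(digests) > 1),
        "classes": {p: classify(p) for p in by_path},
    }


if __name__ == "__main__":
    for key, value in summarize(parse_downloads(SAMPLE_REPORT)).items():
        print(f"{key}: {value}")
```

Feed the whole Downloads section to parse_downloads() and the rewritten_paths list shows which entries are one file observed at several points in the run rather than many files; unique_sha256 is the number that belongs in a blocklist or retro-hunt.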