Analysis

  • max time kernel
    136s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20231129-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    12/06/2024, 23:43

General

  • Target

    a2fbb11dbe3b80ff6c31d027ccefa1be_JaffaCakes118.html

  • Size

    156KB

  • MD5

    a2fbb11dbe3b80ff6c31d027ccefa1be

  • SHA1

    8fd87d28fb3cd804dc42b05e9a55b47baff36921

  • SHA256

    af6ccf603d97bb13a6113a3924c32b90730487484ec3c57daa05a1bf9615349e

  • SHA512

    509dde70ef6dd96e6695ab420b503fe2b535372360f891d15709bd8992198ec3e9b7e04defb0fa2cd5ffa257bb5d1eec58fc3e4aff499ddfd78afff8a7eb3dff

  • SSDEEP

    3072:S0225Jct8y55ADWyfkMY+BES09JXAnyrZalI+YQ:S0hM8yUDTsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

  All four signatures are raised by the iexplore.exe processes that rendered the file (see Processes), and each is behaviour Internet Explorer shows on an ordinary page load: it rewrites its own registry settings at start-up, installs window hooks and locates the shell tray window, and the WriteProcessMemory calls come from the frame process (PID 2924), which also spawned the tab process (PID 2060). None of them points to behaviour of the HTML itself, which is consistent with the 1/10 score.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2fbb11dbe3b80ff6c31d027ccefa1be_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Enterprise v15


Downloads

Everything listed here is written by Internet Explorer and Windows CryptoAPI while the page renders rather than dropped by the HTML itself. The CryptnetUrlCache\Content and CryptnetUrlCache\MetaData files are the cache CryptoAPI keeps for certificate-chain lookups (CRL, OCSP and trust-list fetches), which is why the same MetaData path appears many times with different hashes: it is rewritten on each lookup. The search_*.ico file under Internet Explorer\Services is the icon of IE's default search provider, and the Cab*.tmp / Tar*.tmp pair under Local\Temp matches the pattern CryptoAPI uses when it downloads and unpacks the root-certificate trust list. Treat these hashes as host- and time-specific, not as indicators of this sample; only the hashes in the General section identify the submitted file.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    8b8900edec82bc09858ea7cf53ad802e

    SHA1

    6d53cc5155ae2b22cc2d609ed5b8cc681c5a1c3d

    SHA256

    2a80f1ae5b216a66fade01e6b16a6594d61c1c6133f04fe2721f246fbfbe1c0a

    SHA512

    ad2a8134e8e03badb4dcc1b238b27365fab0ac1e136a9a4ad7a1ac0e478b47fc27f323be34e68c7a779192e2a854191d3dab4d48fe46871d20f22fd294f24622

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    02c47459573a9095a561054a27626e70

    SHA1

    8de776fe788ea148aed369fa8f3a6399a7ead476

    SHA256

    5173e2066c339f054374b163bbf8418604f20dc76e20b2ad295e28e5ba8f557c

    SHA512

    7bb824ee58ebe9fc823ee7ea26d51961ab9d9a6661aecb8db087ba5ec2707e541cc57b8d16a22cd813f4e1f11225f162bb8f33f78e63fd2008993e335462ee5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a410aaaffc7b3b2f2d9885254ff457ca

    SHA1

    1d5773b910bf3429464f7bf9ba75b4d12544d687

    SHA256

    9d99b9b09d835c574cdd706f7f053cfc4acb97dd0f3c5d19426ec6be40adf7c8

    SHA512

    0ebb9751a5c955d83c503ea0429262d33b8ae367386b5dce66fac0de51084660e689bde1c49101a26bcc122836014278b8e621a9712eff1e0d007ec35312c63b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c55ac2eaf1d72af7600a4e18548eef69

    SHA1

    ab20dfd51dd732c7c206c6335f9e84171b0ec441

    SHA256

    b6f79eef95f776e301301996adbddf22bddfb5bbedd6f36ec34a4a5f1cd66484

    SHA512

    6695c700c60507734479ee4f38244f098228739220f50f0d7adb09c6748e3e53058fecb0e08ece5b6d30d695bdc2fbca29a647a422d94cdd837346b524b49bba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c76cafd329ef9ed538b4f1e17f19c21

    SHA1

    337a53e6b7e26401011f712d9a86a1639cc3b169

    SHA256

    e17644d2142f5ae0cf6cc3a156c82b163bc0bb48f56bf28b07d176ce84acea46

    SHA512

    506717cc11605daef93b9bc0278f765a78dc455e372668511c929f9a91e4e7827d545ca2a4244416bb10fd29d94bd67e9a783e030b4300b59e17f42ed8ff88b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    91fb28a89f056918af7bfc478254e930

    SHA1

    78f34692862cc737c4f23035707291db5c1959f8

    SHA256

    d29f589a39d0904cfb8f78c919e22233b1f6475b798867478fb8ce46af18f19b

    SHA512

    d3a4113bf24971e8cb2efc0a2bad42a5f5e89da21bd1bd5b79e4c656b820148ce7f1d2607b9f7e5d974386000ba38a74002a69aa58abc61700061e85df82701b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    770e88c841c7aa24b319650c37120f35

    SHA1

    b9b0aae3a7ddb3efe990cda0cb0a23069e2ac544

    SHA256

    eb0f44e132c4330401ea44d18460696e4f52f4ea093f5d221e0a8b5f00f0d406

    SHA512

    d1646218d0fd6880730cbeba40ee0bd3d7ebc1130c934609edf5b4503a24d82b55d0bea5ce06f9a3f704df5cbf51d537b7320f2da83a5ac20548ba66cf080f8f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b446273a5b0a80005955d0435479676

    SHA1

    ae2b723f7863d5fa5374075f32f0246309f49df7

    SHA256

    01778b2e40864023ad09b1982d014da4c719da9e05d4d918ea70d79781372be5

    SHA512

    7c9e858225c557025b6c87fa400ec432f0490b2496356c3e181a9e9e265833ca3b9071de6ac8dadb3c7e1d68eed23a13b61de15d02fea353fb6043a5dfb516c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3005fa098be5b44cce5a6b90331d281

    SHA1

    bb9b0e100297d99b68e89a4608d2f4f79b73f946

    SHA256

    98e589ee7dabe68fd137f392fd071cbe5c4a36ea6a89d88c1b97f5ffff05b5c4

    SHA512

    aef7ad1022ada461cece92ec744e5105f3ed21ee0ec8c364718d834bbde65ad0a3ae3bd89ad75e32c1515051d3d77947bdcb9d92f564be466b3c52157351043f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d25d96d8648e8291159b14f9e4123db1

    SHA1

    2fa1fbff124d240368cb4717e71685572d33f984

    SHA256

    1a7b573c3fc142e5ff7fbf9ec68aa3914c9ce89fd7a460afa78c572521b6199e

    SHA512

    78438acb4ab1a8fef8edec182c131bd15e46b9a4cf4e1c792bfd78c7aa998cb8def3047b3466bd0e3d49d8023cedac3c3aa3e807e70c182303b80c892088a652

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c4628be4cceca26f8c26c366286f1c5b

    SHA1

    c35c4f2b487692d7629cf76f3e62f24da04ec8e1

    SHA256

    e02f6e1ad7d4144b7c0dc8507bab605443c78485ce48356f61f77e1d50c8cfe9

    SHA512

    46d0b73ad56cc2f75c43b4243918d9c020c79ee7d88d75fada6b6794b823c147a1d7283aca3b6304282a2f90d03137384d632377ffbe03bf3782ac9bc51c3f93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    684e5840e163319cf4f6c74fff888175

    SHA1

    3fea8ce4ac5c3a7e322dcb2354bfa34c9af6983c

    SHA256

    540feb3a5368a4649da67fdbf94899d2c46d2ced466ede0af338471b7d332eb9

    SHA512

    08a5a9153b1dc746ec5aba7dabd2f4c23270ce6a82c3a3ebadec0eb16e35e010124e53cf23cfcf0ec7d28e9524da490019b780251d280a8f020b871f51ded0b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1cb5a961a141cf2bc85136ab241dd9fa

    SHA1

    5fb37321f9af81758b1330888c1efcb7d6e66706

    SHA256

    c4e7c02a6210f52b16974e8e6982746bda1a9cb0081988d34562a70c95d7cf34

    SHA512

    41d9de18b28a64e85b7da3652dd64557877abc597a85add10891fd19ce60c5e80e4b24e73f73f4aaadcf0069e872a6af4eabfcc714f4986cf1e9f2efaa618296

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09f6029368865064de018278fb07d571

    SHA1

    f4ecc71f9e4f7f18c097b6e8eb7fad1a710de39d

    SHA256

    43dd1b5d4e307a41a1ea9d5ef642a2caab49162b6ccce3831cccddea038a7892

    SHA512

    42710610241002549a56ffc9c95ee44908dc72b1921e4be5d01f84d0964b7d7bebf1e45df5a2721c04ef7950252f69ba1405c8aa07c886e71a58704707eb330f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6b7097e0851cb7508bbb7fe7c73f8d53

    SHA1

    9ef969ad830ff1964e52b25687fbf5b12d17b8ba

    SHA256

    ad3f72bc7b6ef235257fa4692f20bd62b8a4f74d18ca01d5528082f4bd484f22

    SHA512

    84d359ed88a4da5b460a78b3f27afaf3bee40e8eb14aef4a099c0cc78ec908ef86eb84657af9d8cfd686e1fc7c4a0aa9cb65a4a1db795f74b6d39e99c20a8593

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d996d27d5295bd24e08f756518e15680

    SHA1

    31ae4819c06ed44f80d74e2167d574b1e1da89ed

    SHA256

    f0fd812a83262c371bee68c0c21f4ac88b1fed60101c672ef8f412da65fb85d9

    SHA512

    39f978f457d2ba2da5388cd06c8a29c4e261bcad19493d4e28347ab1db031706c64d4e52d4928b29580b3bd318642a18c5db73f0d07a959a1eed29bb3b94052f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5da8a2bb6ec3e490a92ceb64608652a0

    SHA1

    68ffa90e4479fc4576ddb69f466441f6f179c886

    SHA256

    06d3b4a81c626b566076706d8312282cabcc05d888797516af68e9ace461ef44

    SHA512

    c2d1ddd9a0888c9c050f634998d8e193e84645df192eef95893d1fc5e418270eed4c8843aa806c730d75bdc08055b17d48115ddd2a1134a26f88787bfdeee082

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    094b9c92faa18577f8ec08f558de5d51

    SHA1

    b39fa722d5cd13e4bee683aea8fd612f1ccc4274

    SHA256

    bcf285a1403d6e9a9098a4f16185e36bc860eef40d94aa4ef271c96d2b6f9171

    SHA512

    a7d9ea4a0b072317af2bc0e1dc53f95e27cb6a1e2aac6bbd320316c7c3e414c8fd155cdddbfe088c9a71d4e1280243518288a469ead4292907fe35824e020403

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15c577d509107210c5ef21b4dfb267ad

    SHA1

    24ddefbc63e6d3ae04d02eece95c7f3103df55ed

    SHA256

    ff0727050b20ffc434bc157d60c68a14f1bfb90418ecf5bba7b742c73e378a11

    SHA512

    e3054a643eb526794426803a03cc82fbad5c18698919756ba0e4ec35433cb950e763692c30cc87076ab805e22025d68b273b1cc8ec06221d797e24baa4d25920

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    464817a7e4e03c044f7bad3b53e1262d

    SHA1

    c4ce94cfdf62664d4764aee1417ebbf9874d2ed9

    SHA256

    e2d34cc034fbfdfb47c34b095220a094ece0fbf9054d0e6b86b712356136fa10

    SHA512

    45b126c1b36547d99561857303451a487bd61da87345b4242ba9929ba4d1450e1172bdfeb63da2f65abdfb37be452a713b6bb9e28724f34a975f25b0377bc226

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    d986aca35437e6d0aaf7c2c0ee98d484

    SHA1

    7d177d382e2f90743cffc13de0a38a63711956cb

    SHA256

    9bc75341a5125dab947da5e1d5c91e846981a617771cc7092c45eaa1237ef765

    SHA512

    9481d565a13ea2d4ba791643fd6d4240edab349c46ef9085695ca1740e0f583b4dfb2ec04f5345d19bde940cea038af3f73354bc68f5eca49b0c9e392dfa7521

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Cab1A64.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1BB0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
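The Downloads list is the part of a report like this that a responder actually reuses, so it is worth extracting it mechanically rather than by copy-and-paste. The following Python is an added example for this page, not part of the report or of the sandbox's own tooling. It parses entries in exactly the layout shown above into records, checks that every digest has the length and alphabet its algorithm implies (a truncated or mis-copied hash silently matches nothing when hunted), flags paths that recur with different contents (the MetaData cache file above is one such path), and emits the de-duplicated SHA256 set. The sample text is constructed: three entries copied from this page plus one deliberately broken entry under a hypothetical path.

```python
# Added example for this page, not part of the report or the sandbox tooling:
# parse 'Downloads' entries into IOC records and sanity-check the digests.
import re
from collections import defaultdict

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}  # hex digits
FIELDS = ("Filesize",) + tuple(HASH_LEN)
HEX_RE = re.compile(r"^[0-9a-f]+$")

# Constructed sample: three entries copied from the report above plus one
# deliberately broken entry under a hypothetical path (truncated SHA256,
# SHA512 missing) to show what validation catches.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize
    914B
    MD5
    e4a68ac854ac5242460afd72481b2a44
    SHA1
    df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256
    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512
    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    02c47459573a9095a561054a27626e70
    SHA1
    8de776fe788ea148aed369fa8f3a6399a7ead476
    SHA256
    5173e2066c339f054374b163bbf8418604f20dc76e20b2ad295e28e5ba8f557c
    SHA512
    7bb824ee58ebe9fc823ee7ea26d51961ab9d9a6661aecb8db087ba5ec2707e541cc57b8d16a22cd813f4e1f11225f162bb8f33f78e63fd2008993e335462ee5b
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    a410aaaffc7b3b2f2d9885254ff457ca
    SHA1
    1d5773b910bf3429464f7bf9ba75b4d12544d687
    SHA256
    9d99b9b09d835c574cdd706f7f053cfc4acb97dd0f3c5d19426ec6be40adf7c8
    SHA512
    0ebb9751a5c955d83c503ea0429262d33b8ae367386b5dce66fac0de51084660e689bde1c49101a26bcc122836014278b8e621a9712eff1e0d007ec35312c63b
  • C:\constructed\truncated.bin
    Filesize
    12B
    MD5
    0123456789abcdef0123456789abcdef
    SHA1
    0123456789abcdef0123456789abcdef01234567
    SHA256
    deadbeef
"""


def parse_downloads(text):
    """Return one dict per bullet: path plus filesize/md5/sha1/sha256/sha512."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):            # new entry: the path follows the bullet
            current = {"path": line[1:].strip()}
            records.append(current)
            pending = None
        elif line in FIELDS:                 # a field name; its value is the next line
            pending = line
        elif pending is not None and current is not None:
            current[pending.lower()] = line
            pending = None
    return records


def validate(record):
    """List what is wrong with a record's digests (empty list: all well-formed)."""
    problems = []
    for name, length in HASH_LEN.items():
        value = record.get(name.lower())
        if value is None:
            problems.append(f"missing {name}")
        elif len(value) != length or not HEX_RE.match(value):
            problems.append(f"malformed {name}: {value!r}")
    return problems


def rewritten_paths(records):
    """Paths listed more than once with different SHA256 (rewritten during the run)."""
    seen = defaultdict(set)
    for r in records:
        seen[r["path"]].add(r.get("sha256"))
    return {path: hashes for path, hashes in seen.items() if len(hashes) > 1}


def unique_sha256(records):
    """Sorted, de-duplicated SHA256 values of well-formed records, ready for hunting."""
    return sorted({r["sha256"] for r in records if not validate(r)})


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE)
    for r in recs:
        print(r["path"], validate(r) or "ok")
    print("rewritten:", list(rewritten_paths(recs)))
    print("hunt set:", unique_sha256(recs))
```

The broken entry is reported as `malformed SHA256` and `missing SHA512` and is excluded from the hunt set; the MetaData path comes back from `rewritten_paths` with two distinct SHA256 values, which is the signal to treat that file as a cache that changes per lookup rather than as a stable artefact.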