Analysis

  • max time kernel
    140s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 23:45

General

  • Target

    a2fdaba2bb59a51597ccd7c8f8aac8f9_JaffaCakes118.html

  • Size

    55KB

  • MD5

    a2fdaba2bb59a51597ccd7c8f8aac8f9

  • SHA1

    431b0e6eec88eca13ea04484b0c4a7e347565054

  • SHA256

    85f16f09b87cebec2421dae87dea31504c8206a9b178d56c0035464eff14e657

  • SHA512

    9e4142b86139c763b2418d727917b02895321f7ec3460735d4ed0e51cc40281c320141d50314923212a0d40b6d4728de3a8988ef10edfefeaed764bc57b9aa24

  • SSDEEP

    1536:flz+4bbbbvvvvqqaa00HxB8NmEjkj8Nm1nmuDoF8NmSejjd8NmDlfLDUaUPUz:flz6AnhenfLDUaUPUz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2fdaba2bb59a51597ccd7c8f8aac8f9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2708

Network

MITRE ATT&CK Enterprise v15

Downloads
