Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-06-2024 13:17

General

  • Target

    a0cc7e753ff157d69c5037f8db0ec504_JaffaCakes118.html

  • Size

    15KB

  • MD5

    a0cc7e753ff157d69c5037f8db0ec504

  • SHA1

    fd7e57c704f953dd384773f81f4988b3a18b4a06

  • SHA256

    985bad20ec9c544cbddcdfee0182521e099917370418a4b63eb3a8103527ad69

  • SHA512

    32c4b2a89a390826f24af5d411eceb164c86a7f9b84e5b5d8f1e469880b8d465f0634b6a58a87a72ceaa43141979aec83e53bf5532ab0134e2ff718adf26868d

  • SSDEEP

    384:S2rth/u6PiAwItceCjzqR7mPU8m66kDgvzZ9wAYdc:Sgh/LPiAwItce/R7nSo9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2872, tree level 1)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a0cc7e753ff157d69c5037f8db0ec504_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2956, tree level 2, child of PID 2872)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4bb1cb6acf5d550c868b083db9f81b8f

    SHA1

    602bf67a5484a8674b9a29452b6fef7ac51ac499

    SHA256

    ac2b5b3cb9c29f89be11e159b39817c8a03ab97fa7c91c4a885348a5b1c493a6

    SHA512

    280c3d8016ed0e9e985058110e5d3dcff7a4e0c4d24dbde4616235a81159cf74d82787f374e75821b059d96bcd0e5afe626ce379dec1b5ecc58ba42e115f87c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd1b3535cbfc10c462e1f261386ae4a4

    SHA1

    3f5c55befc519568be82db41f6cf00924694f19d

    SHA256

    6be5077bedf353c9c16367b48d5114bf02508099183c561f43861d1d722f11e8

    SHA512

    534a12db6975aca1fea11b8256388dd1f86949ecc585070729a345c330c263c6a75f0602b17437f3c226c21c252329744450e123f7ee24578c52680fac0e221d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ad55907188f8789fd30d44e9b16c772

    SHA1

    4bf36fd291f1148d3cf433fe20bde4c79b3ed716

    SHA256

    00c65ee8baae384f45d27ed13e7a0ca793b093f5a61b372943b3e75091dd91d1

    SHA512

    485918906eae0e1e1251b3e35b079db8aac277f471b4a250043b0621d3fbf2f98ceb6026c6662a1aff5feceb77db67685efe94abf6044e2ce650dad53ddf8a63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cade10009a7d3b5048ede9e734269d84

    SHA1

    a697b1807a288d05c874f2ff7a1fa87c269fb293

    SHA256

    9faeaf25d94c2319ea299e963aaa2d395f104e5b8c83f0fa5cde8f0667f41796

    SHA512

    3dea87f8947ca00424cd10324e4b6fa2cbd5b599fcdbb40be08f4421bd4c3cce27ff1b68afa06d4ab0187f4448ed2d546284156e0fefb6da46d7e04f86df0944

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1fa485624344d4165d423b19fd5f768b

    SHA1

    a40d2041a676fc133ec409ad181854ee719a15eb

    SHA256

    95926d19be74e63902eae0b674b796bc6c560a303c277d8119738bb8cc7acb4e

    SHA512

    21db524d99e41ee2beb4d3d444a468a692483733d954b219840b59667606af85a5ab15e4a39533c46a381c6826cf985128b52160d2f1be27fa709a5733e7a329

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e7cd094edc635888eb5d06de9f628d86

    SHA1

    54c59c287fa54a01ee6ffaec8c679d841d69a670

    SHA256

    0759afe60baeb093852033ec08ff81e1d97b55d9ee8a9120687aaa26075a252b

    SHA512

    a2379072cfc17b6ba74f9db18a0f6b5c93b45548348ea201ae35cbdcc2352b8a9aaa2de060561075b1a686e0433fe43d7bede633c4265a94855d257c555eeea1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c26e409749c52d8e63f7d3049e8f94f2

    SHA1

    004558a5c64a93036672f5b9fec5f5434f3bd24c

    SHA256

    1faf2c3c56877027d94f728540c6a0792ff74faab64f2082bfacba3c8990a4c8

    SHA512

    6abea4bd4fc70b7063e73f94d7b8c33bf6b313d1829284ae1ef45868180fd9af233a48de942e2f601fd7e98e1a84e2f278aedb2570220a44053efd5e380867a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c9d8104a58ec192a0040c37b2bf3436

    SHA1

    7c7343b4eda4c18798b0dfde189b97642b7ec178

    SHA256

    e064369c77eea8ce1f4a497556f97abd4251ca32819f03b90246b72e7dfb8611

    SHA512

    ee55cb82656c490d5bebb7e39b106ca7c91029ed90c609397b9ad1bab9cc0cb467c99bd10e3d1ef228fd419606c13b396b46d5cbd8930667b1516264da481a75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e21695529a9b3dfee92c806d697b5b4b

    SHA1

    040554e14ca859f314f542f2b608d929d50008ef

    SHA256

    8e496d50300439ee41eca47bfc28ccc407ef5113c73e3dcca41efc4449a558ac

    SHA512

    d900c9bef528925602eb738bb63cd50dcc3e70699425d3a11402f9c264520c824ae540cbb6182ac46f6a005370b834925a0de260fa110f1be65374b8e31ac8f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52f297cb753cc5d2c5a8564e08655b00

    SHA1

    3b70153fe81c9eb958b30b0884c68f31f2d70056

    SHA256

    065fdc7bfeb63e5a473653fd2a625bc17ec9826476afc8446f8aa00e03e059ed

    SHA512

    0e136103113552252cf1245beaebc834a9ed1d104f0fca1d697ad252c25c27fb5b956a9aa326ba8d83270aff952e14038ceb3193e1a4168b000b5624dc95192b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2c8ac8830ad1eecddcc07139fc6cbbd3

    SHA1

    8aa1ea30742923813016aa52a29a97f979fab824

    SHA256

    3ec28836b20bd98fce87191e0329ccbbbec4e9074e18a7db44c1d9ee0cbfd46b

    SHA512

    02e2a8039d390bc2c84bc4718a8ace6099ecfc5558383985c50b07709e79ab40fbec857ff8415536a4c039a184810c6578ecb2c530ff9936c29ce71fb738a332

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ddeeeaef66a43cd49a7eb2bedc5efe61

    SHA1

    11b6ad530185fc10ba372eadba01c7960b9c6e0e

    SHA256

    69455ca4d69f9487633e5272892329cf37951a37c4ba8e76c4dbc897e48a09ea

    SHA512

    e7c9309d6cf475e6146583aa342814c4b16797197e2358223875587c7115d7640b102e43f6b03f29da78494ed047ee5ae5a6151c17c5fa8442a22ce8c4e20a68

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f560f87cf4ccc5660ca884df62fa3d6

    SHA1

    2bbf4ac5e5a24f4c3020593767bd42993250dd86

    SHA256

    66892a491712ad0e9b47684986580bc445ab24de986210d69e559a5118fade14

    SHA512

    ebdabfce4d9a2463732187185f51aefdda5d3cb249fd73c06afec53667320a4402042a78a7c6fd7eff7091db86fea7e7fd8b52071785706ee329d98bef162191

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc2aaa809befbea7e0824e27ed94847a

    SHA1

    e2e1ac4e69ceaccdc3012999a93523f120215164

    SHA256

    b384c2b3300ffe3647d0a79b92368165b98468283074fb363a749299f147b33e

    SHA512

    46acdfda4ce594080f0cb08239e18709c967a60cc38da23ed3e8ec5759192b55ccc694045a59260b1f1f690b6e00c038548d54f715a233c2082f33feba627b05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea58fceabb8d09326598fe7da0eac01f

    SHA1

    c12db490528ec4ba2dea33bf99d00888b877a8c8

    SHA256

    a6ba689472086be35f30998dca51242d94f336f688eedb29e898a4b9c58fa6a9

    SHA512

    a658b26c60ca9ab47590c7a733abb7589abf81e3e888a74bbe4b3852b4dc85c57ad37e0d997f71fddf0b5c6f7a53ef8b6181299c2f3b1143d8000e96251baea7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ef322079e299e3fff4b92d0913deecc

    SHA1

    362526e3e12f67862a210b56fbc1d0caf6d0566d

    SHA256

    b1016a3c5c4021be799b9f4547897c6674da42031db5a59f201bf1182a175176

    SHA512

    e46ca31d2a1d60f77e40520a64ee0e3ac79c91c1ad0b393656f5a159b630ede7dc7c1d091d5ede14afdd3711826a2b3be33ca5e37c4ebfe63612f2e3153373ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a5df20df05a08f10ef3bdde215b05423

    SHA1

    04026129d43dfd8339c1ca33c4be2cf2139a3de1

    SHA256

    6956be0b491b6637c76bfddd6d47364542b62c13d35bba8aba8aaca4af5fadc3

    SHA512

    d2eedf7f2dfb4970d47fc593dbf75c7b004e49f56e126380751329f09565aa03ab3ead42ba6b132b30eff028b9467c4706d56e046dbd5ca51bb2716bcda03693

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32c91304b6f823d1b77fa0957bed6519

    SHA1

    288b9cdf8e159874b6f9d9a90e45a32d2af96b1c

    SHA256

    cb1cfd2cf185f993512c20c97603169170cf9d63b5825485021d5d7b5ed9d59b

    SHA512

    8c68cbb1c5a1686df685cb60d2e0f37c70ec4206091a04ac1bc246dcab12326ee6a4e9bc236bf40b9e18857125e448a8344cef0b24ebf682e6b6f3cdcfd3d1b5

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CY2G78MW\yd_rp[1].htm

    Filesize

    124B

    MD5

    ef21a6c89e0ef6494c444efca3379958

    SHA1

    17f858b0fc12bccc7322e0db50372d46296a8de8

    SHA256

    edc67947daf0397fe1be61af67a658bd073af0704933d3a0912be635926ad957

    SHA512

    b7f70cae116c04368b0997326b52dc1234e71ed8055ebd312afcfc8fdf5b6fabcf572e4dc7d2befd21198c476e608166dea7a85376ad5b4fc535fe81e69a82f9

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYNL6UIN\prettyPhoto[1].htm

    Filesize

    114B

    MD5

    e89f75f918dbdcee28604d4e09dd71d7

    SHA1

    f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

    SHA256

    6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

    SHA512

    8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

  • C:\Users\Admin\AppData\Local\Temp\Cab2B56.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2C68.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
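The Downloads listing above repeats the CryptnetUrlCache\MetaData path (CryptoAPI's cache for CRL, OCSP and certificate fetches) many times with a different hash each time, which means the file was rewritten during the run rather than dropped once. Reading that out of a flat label/value list by eye is error-prone, so the following added example (not part of the sandbox's own tooling) parses the listing format used on this page into records, rejects malformed digests, and reports which paths carry more than one distinct SHA256. The three-entry sample string is transcribed from the report above; the grouping and size-unit handling are my assumptions about how an analyst wants to read it.

```python
"""Parse a sandbox report's flat 'Downloads' listing into records and flag
paths that were rewritten with different content during the run.

Added example for this page; not the sandbox's own code. Format assumed from
the report: a '•' path line followed by label/value line pairs
(Filesize, MD5, SHA1, SHA256, SHA512)."""
import re
from collections import defaultdict

# Expected hex-digest lengths; anything else is truncated or garbled.
DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HEX_RE = re.compile(r"^[0-9a-f]+$")
SIZE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s*([KMG]?B)$")
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}

# Constructed sample: three entries transcribed from the report on this page
# (the MetaData path appears far more often than twice in the full report).
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512
    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    4bb1cb6acf5d550c868b083db9f81b8f
    SHA1
    602bf67a5484a8674b9a29452b6fef7ac51ac499
    SHA256
    ac2b5b3cb9c29f89be11e159b39817c8a03ab97fa7c91c4a885348a5b1c493a6
    SHA512
    280c3d8016ed0e9e985058110e5d3dcff7a4e0c4d24dbde4616235a81159cf74d82787f374e75821b059d96bcd0e5afe626ce379dec1b5ecc58ba42e115f87c5
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    cd1b3535cbfc10c462e1f261386ae4a4
    SHA1
    3f5c55befc519568be82db41f6cf00924694f19d
    SHA256
    6be5077bedf353c9c16367b48d5114bf02508099183c561f43861d1d722f11e8
    SHA512
    534a12db6975aca1fea11b8256388dd1f86949ecc585070729a345c330c263c6a75f0602b17437f3c226c21c252329744450e123f7ee24578c52680fac0e221d
"""


def parse_size(text: str) -> int:
    """Turn '70KB' / '342B' into a byte count (report values are rounded, so
    this is an approximation for KB and above)."""
    m = SIZE_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * UNITS[m.group(2)])


def parse_downloads(text: str) -> list:
    """Split the listing into one dict per '•' entry: path, size_bytes and
    one key per digest label found under it."""
    records, current, label = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):            # new entry: the rest is the path
            current = {"path": line[1:].strip()}
            records.append(current)
            label = None
        elif current is None:
            continue                         # text before the first entry
        elif label is None:
            label = line                     # a label line (Filesize, MD5, ...)
        else:
            current[label] = line            # the value for the pending label
            label = None
    for rec in records:
        rec["size_bytes"] = parse_size(rec.get("Filesize", "0B"))
    return records


def validate(rec: dict) -> list:
    """Return a list of problems: missing digests or digests whose length or
    alphabet does not match the algorithm."""
    problems = []
    for algo, n in DIGEST_LEN.items():
        v = rec.get(algo)
        if v is None:
            problems.append(f"{algo} missing")
        elif len(v) != n or not HEX_RE.match(v):
            problems.append(f"{algo} malformed: {v!r}")
    return problems


def rewritten_paths(records: list) -> dict:
    """Map each path that appears with more than one distinct SHA256 to the
    number of distinct contents seen, i.e. files rewritten during the run."""
    seen = defaultdict(set)
    for rec in records:
        seen[rec["path"]].add(rec.get("SHA256"))
    return {p: len(h) for p, h in seen.items() if len(h) > 1}


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE)
    for rec in recs:
        print(rec["path"], rec["size_bytes"], validate(rec) or "ok")
    for path, n in rewritten_paths(recs).items():
        print(f"rewritten {n}x: {path}")
```

Run against the full listing, the summary shows one Content file and one MetaData path rewritten many times, which is what a browser refreshing its certificate-revocation cache looks like; a dropped payload would instead appear as a new path with a stable hash.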