Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:27

General

  • Target

    a1bd25fc2c30f4a7fba4380379291385_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a1bd25fc2c30f4a7fba4380379291385

  • SHA1

    f29349f1b6628f065abbf43b966c0390513f9852

  • SHA256

    1c4e741c7fa70bdb9fa8c96c883fbb0d59595a40e2a0391d5e0b270812d40b1f

  • SHA512

    8981b61581ead0e2d282e5c565bd03835516a155a8630a03bd094c843d9b83edb47174a626d46760574b2c9a7f6f5a1f17d00428e37eb75eac4d14da5eaabec3

  • SSDEEP

    384:SLfFq5pU/qXhbwfbgsc9jbY9AzdilsNQy/osIKnU+:SLf85SSXhbmbdQbYOqzy/osIKnU+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1bd25fc2c30f4a7fba4380379291385_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1444
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1444 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3056

Network

MITRE ATT&CK Enterprise v15


Downloads
