Analysis

  • max time kernel
    126s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:17

General

  • Target

    a1b2b2831f9d091e5fcfa9ede8608ff7_JaffaCakes118.html

  • Size

    300KB

  • MD5

    a1b2b2831f9d091e5fcfa9ede8608ff7

  • SHA1

    8f01191860a03551806596d51fc9938a574f7f82

  • SHA256

    f3e401d3621e1c1568813097bf8077008efd90b52acef0d29c9cbc8afa86fcac

  • SHA512

    9b3dfee7bec5326625ac30ca46c0f00398ec2db22d4510837c9090f3b0828faa38620fc7978db5b000add397d4e41075c9e63711710bcc072f42ed6b771b4e0f

  • SSDEEP

    1536:lD+SbTTF1SjTn9NkltM/jVII3IbIre0ld3mp6oQQJLnvq6qkVIQ3g9dE62itikBW:R+SbTTFw9ItCVI2m++cyiTCH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1b2b2831f9d091e5fcfa9ede8608ff7_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1176
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1176 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWTP8BNA\rpc_shindig_random[1].js

    Filesize

    14KB

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3JK00ZJ\3604799710-postmessagerelay[1].js

    Filesize

    11KB

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3JK00ZJ\cb=gapi[1].js

    Filesize

    66KB

  • C:\Users\Admin\AppData\Local\Temp\Cab5BE8.tmp

    Filesize

    70KB

  • C:\Users\Admin\AppData\Local\Temp\Tar5C19.tmp

    Filesize

    181KB
