Analysis

  • max time kernel
    125s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 20:19

General

  • Target

    a22cccf9744a0eae34e3d6ad9076e5b8_JaffaCakes118.html

  • Size

    37KB

  • MD5

    a22cccf9744a0eae34e3d6ad9076e5b8

  • SHA1

    69c91768588b6db768b8139fc2b7445259cf4b8d

  • SHA256

    5d7ffd92b98169929b1bddbc7ea9b18914d4074445752315e7e62ff1e64ec3a0

  • SHA512

    8db627af15e60fb44ab3b0a75f1a6c7acdeb21dd50cf23e91312d04d6f27281e656a60e1a16c0b1599a40d6dc7431b55502e5ce6f653b7558336b37a0c2415e5

  • SSDEEP

    768:YFxbX1b9CTb2vb6rWfg/99bIXwLMk7oGeq01JE4JRYAX2VUVlP:YFxxhCTS+rWfgLkXwLMk7Q0qZGOvP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2368, tree depth 1)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a22cccf9744a0eae34e3d6ad9076e5b8_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1804, tree depth 2, child of PID 2368)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
