Analysis

  • max time kernel
    137s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 01:11

General

  • Target

    a34eef585de492f96d2553f4c0202a17_JaffaCakes118.html

  • Size

    31KB

  • MD5

    a34eef585de492f96d2553f4c0202a17

  • SHA1

    8dbdb4d4d453fd3e2cc5f971d0105b58dd64d912

  • SHA256

    4f70dfa551aac1951633dae6691c137d896b95bd6a036a3c27f780bd4923e702

  • SHA512

    ec83da68540045626c41b4cd140ccb37d18ec09dbb9d1ef8cfa3a012fe3115d4b61c903bc6cf69e4a8553b65e4c59a2f75776aa5700f5ccea4e9c777b12daa97

  • SSDEEP

    768:Sx50qg8Xe/AqcoZggrPNLcTAkHdh+Js5zp/rY8V/XeuhbLQr:S0qtXecoZggrPNLMpHdh+Js5z3Y

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a34eef585de492f96d2553f4c0202a17_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

MITRE ATT&CK Enterprise v15


Downloads
