Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 01:18

General

  • Target

    a35441be4f7e7c08d767c5320cefee75_JaffaCakes118.html

  • Size

    32KB

  • MD5

    a35441be4f7e7c08d767c5320cefee75

  • SHA1

    aca3d6b4346500378a2b2c81c46029406750a213

  • SHA256

    b02a6c2da9411d5fbf048c22fad0ac64e668d83823e65c94e0bfbab9777f2616

  • SHA512

    c79b1b468e91c4b4483cf5fe822d9f19bcdd8ffd503d9c74ef0019ab695a0ef084fcca8cd367d27bcbbfa90da40bb93cd3e444ec7a7768fcd156032618553de6

  • SSDEEP

    384:K1EyYgdxck4kpyP1OcC0LK/veujaVd4L5N60cQQuIfuBxkrazREqNKKX:K1vYgbtveitLC0cQQffuBxo6rrX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a35441be4f7e7c08d767c5320cefee75_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2276

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    243ff4c5b3d567e7a4633e8ccc82d8ce

    SHA1

    e0c5ab11a6cb26cfea0aef968c59c706c9d0f62c

    SHA256

    01f61804214621cdde03eae7962eb343031794c6ddbd75d887ac4c1e80c5dc63

    SHA512

    7716ef6a69a5f2e6d0329eadea84ed27677f24eb0847de879170decfd0fa85031d84474742ead82002218828fd4a5af4d71461d8db90af8a13377824fc09ef5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d535a7599ccac6ee3838c4ee0b94a71

    SHA1

    d1a0f1ee8e30371e12b7bd1812d6a404091f973c

    SHA256

    27ef49bd9d8f039b913079e79da526c5ad5ba61c77d2ffff6b9dbfd1d8e16346

    SHA512

    2d30700019f0ff6c5b0bcd641d41cb05cff508fa2855a9bb5c62dd7e67c25ed867f0cc3b7ccc1ad8e17d3f869121d1463070e39960533e75e6d5f053ea96e894

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    98c28b6ade075592bab1be9011a0d7a3

    SHA1

    554faf5f53abef2c66fd8c2c876cc0b0d55a63bb

    SHA256

    99129c90bb56b4aac0033b221fe55366dfb9c8e9e45671b9a9990dc760471bbc

    SHA512

    9c4d4c21c9224adbb0bfe8ea7001e17395a4449d024e267e51e3b85b8da23c8faeceab9c288a059a1077507ac6a50b91a6e6d58199acd4666919347ac0f8fc4f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9c6759a4275a53d74e19c7428f0eaa3c

    SHA1

    13f1d089f27971358f6ec7561df135c070352c17

    SHA256

    b762312c97b5e7dea0c4b56f5daf62f947c787aea00ff458e99f3a7cf955016c

    SHA512

    6779cd53071ca9be594adcbdfa878130d070e6c0e68d4ad87d26b530655a6ac3f458eadb0f86cfeb82a5aceb5b5b8c6ffacc98805d793cd2890770033a958c05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef63f396cf2c93fe0b00a0308ad91a8c

    SHA1

    b7e26a59fa0aff7dc453d8d49c483f24d56bedd8

    SHA256

    46489f3e6150ace5e1ad55a935613b2b0aa41159c2723e0279c36840965fedf0

    SHA512

    c8cdf475588b81292442a98a6118ef1e300cbb259209bfe04b243145ff81c8e77ad613b8202468c7696aa85f9654b8e05373717a074edf56218af1e7ff8da260

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c6c3600cb19e27d2371545edde9fd974

    SHA1

    aada9382cdda60712dfe542d35ebaae0cea89f97

    SHA256

    d94d7782b7f1546be104ddf251ce86f73239369b9504da1e18d128a4ec8777c3

    SHA512

    d98ba74add9bf3b8609a4acc48499d0b5eef0119504f3bf589d6a7c67b490b44bf30f74f47b2bcc828b8a66e8c222a1e95e15d63f376162ac6904236d857bf2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d25ec43ff30abfd6de8c37e30611b6d4

    SHA1

    a865ceed37e6ee560270d02bf7ff9a818c29f2b6

    SHA256

    bd3642b3f232cb1e3c94e504e4271aa8dcc8999059d5c16b33777b4d650d1bb8

    SHA512

    d03b6af90cc07bb5652c152d2a3724a7bfd032850d15561cb36054ed4aeb25e92cec889b2f2cfe5b454ae13d186df0169f21051db431efd01c7694f1d9c1649e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00b1b48ddc162d8de6b2b1984af5097f

    SHA1

    85949a29532ab34749445398c4d9a09145ae6c46

    SHA256

    286e0d3bfcbf5fe8bbfe6915e42318b839093cee42c9f4fe5557b7c0e9391f45

    SHA512

    48fd788abd84951ae1f4bba3c9a05dac9004d15473ddc425b38880c66cd3def7d619cfa40a863c70e1696360fa5b8d28b9dd3d9007f07bb2892d70981a29e6b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c6c0bf638d029a0d8a6b6da381b3182d

    SHA1

    ada3a88b7d950c10b5e2f3b65ebe6d4cdcfbf3c9

    SHA256

    99ba899c418b129aa1a467f28b067b2276e2107aaad4e44161ad7785542a123d

    SHA512

    b2c52b7038e3d97a2bff35106dcb4be6af70769e0a0b8e39882928cb2f49cdcb535a05ee1f53acf3d54927cedb917501dc4ad751e105b680c9a4235c498e92fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2643e42f3b40df555b73721f6c250df0

    SHA1

    3348fccda99cb9424241c6d34b7c846868ee8653

    SHA256

    6924bf3034e604a632f184c91524aa34fb053ce29189808d912adf8b2c705e7e

    SHA512

    b84d0041815cd08f29afd2e4cf99d8eaac7941bcaf9c1391cdc41eb687052ce6c239050cc6e0f7c9e04d9c28b85b3a9815491006b7e9a0243057f03f52c8afdf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    50aef6f161b0093304ba3604e5a949d4

    SHA1

    fd629b2b699c1dac9f8c0bb5fcc3817c15bd1b90

    SHA256

    7da8f8cbf35240ebfae8897e60fb7f504e3cbb2748fe11cbdbe61988b50bf8c1

    SHA512

    2c0c9a2acadc7fe7ab76b86a1f9faf42cf44f309ffe60e973a8da278c90ef67cf24cf5f0398880d1de5b70715c3b6fb2a9509be1f5e4510d84df9881b7041b23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e52950fd44864933e04a626a9ec65e9f

    SHA1

    eb26499c8bdeb999946c3015f46f409fb9ad32e0

    SHA256

    ac49282899692eef8654469bbe819b89c7dd972f82ef85bc4ff0a70b5da91af8

    SHA512

    6e97904bb6b6f1a9f5f9352ad02b6df8dc171491411638f129639d35f569dd26fefb23c0482db7f07e7325151c82150f1f25c6c3897ac08df580ad22f349a0db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c30ab12006a1c99f58e4683f6a7c41b0

    SHA1

    e4a190b1fa19810f9f77c0fa22617263a77a7af5

    SHA256

    208ea6de8ed7824ff69bc21d07f1c1e3e17c0b882f14a3bd7069a3592b02fe00

    SHA512

    38feb1d91cfa3bcaed534cb252398011ed948bc18394446329543c4f909112eff7e9d4eb322d4a630b60c5c7be18f531d782bc459975532162236ffa09fc6a49

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d2d5a545941c2d8a3c8a0db91c1aa75

    SHA1

    a3ea91902155e8ba93743124fc554feb0039fb1f

    SHA256

    9295d3638cede2fc8d00c585bdf091b879bea2908a040095df3cab31c3a93073

    SHA512

    da8d0c5caa153d0c8debdf5db124be3ea6f7516706a529721ba92ac5248d6a2c71223cebb644ed8a9185a99ba026cb5af5c72d076e58521c13a8a3b0a602dc5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    55569889f79d671d5176c9ad3af3b912

    SHA1

    21c55ef18d43042835322453ef99975d9565fd95

    SHA256

    05453254b1947b45814558fbbeec584b30a81abe8b9ec05c06d3316729e81dd7

    SHA512

    0251f198f1712045de4af7c4baa7e0ff7ee2770498d2b98966457053fb72a1cd2849a405468801e6da6b0c1d725056d70f65cc096c499e4362d8522c380122b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d465be1e6a47881ad355484e31a58213

    SHA1

    a6130d3dc59e604b5d3bc18cc0817c0b410c22c7

    SHA256

    89ca3316b7e26b0fe27541c91ce2eaf001605d10f9b33f306d889cccc73310d1

    SHA512

    74faf6dae4097b3de443531c4651b8230a8980c76f3e515cea31a0df4ba26c405f3a868bfbcc843dca97746b2e0da084842911a3be90a4dba8c1a30443d788f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84da20f225b64deedc9c36d028ee89f4

    SHA1

    244971254a1271c7a05aa74762c9d3c67b69255e

    SHA256

    87e9fe9330becddea6c68b0a088f9255e415c761b8b8c24d5458048f6caa6b9a

    SHA512

    1911bd7d30a04612af38e049f3b335a895faea9022a810df20cab16cfab974d38a7788a5ab5b0edc586a96cad3bd63d7162567cda5af22387365990e6df455e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46a6813ee9ded16322271b693f8a9176

    SHA1

    a8981a51a41182a44c4a1352729eba292c9aa606

    SHA256

    79fe0615ac33ae14993ef64f74adf1e4e8391b9cf493605d9c5a3aa388e8b552

    SHA512

    199b21a5b2e601d7f349f5ab537481efc1e87b0499ccbf63153f8c3451a55bfafd34ea16335b6ec494ba57f7b34f23893476acb1b1c89977ced0a568a899bd6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6451656f1479dedaedd23bf697013219

    SHA1

    b9ea705c9b46bc758e615d55c33f0b410ad29fe6

    SHA256

    b9bc9cf1d50804ba408ff4988b70eb1c949270dfc90eca01f3d30802a177a9f6

    SHA512

    588b18878ee8e8187dc9d6ebd07a0d24565934afce22e1c89d0b1a21187de265ea571afb24451bc18d341e84d511164341e0e276ee4bb4913fcea41875d8213c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f16cc7669b31e39526e1dd86b32aa4bc

    SHA1

    67e447e843bbfa49be900ec5cce12c61164c7969

    SHA256

    1c02fa490847e5c8afe8b56d1204e8d57ff469a97994fd2892d5bc50b283a998

    SHA512

    3dc596c0f1c4ba235047c55e09440d5231003676624197f8465168b6e703eae02928edc2de626fb08a4e26d07ec92adb565d67cdb2fcdd0c72f5c367ebc1a2ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    397c5b621b5557c141e9b8af0c14210f

    SHA1

    d5d6184ed8e48e3d40d5b0967248b3c34a863351

    SHA256

    80a467a7866379d39ad9902d3cce5824d8e753d5221e3e960f8cd7adfb35cbfd

    SHA512

    91c5024d8ae91e07f64605aa5887767e240136684c3742117ccdcbac34892732a950635d800df49fddd163b785bce255d78399ff53b562bd979f4afb36827f84

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWTP8BNA\cb=gapi[1].js

    Filesize

    66KB

    MD5

    0fe383a7ddb9bbaefc3105b3297f5583

    SHA1

    f80c9d789f251909c7560bd91a9e1b9a10c26362

    SHA256

    d7ad4aad4e48174c30ef21fc32c9380659d2c99a5c39680e10ed9752139d8683

    SHA512

    31de1f59377bc76e5d602d02273867ce750bbbccb7edc8f2803c0188002ecae6752ac3ec31c2108e64b0d871b01e6a8a06711969dc68bd9823303def0e7c1ee4

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3JK00ZJ\3604799710-postmessagerelay[1].js

    Filesize

    11KB

    MD5

    40aaadf2a7451d276b940cddefb2d0ed

    SHA1

    b2fc8129a4f5e5a0c8cb631218f40a4230444d9e

    SHA256

    4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2

    SHA512

    6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5LT06Y3\UCWYBT5Z.htm

    Filesize

    152KB

    MD5

    f78c09fff0a383a9caf9a19ecad4e849

    SHA1

    b8ac437f64351643b776351211a5efbbfc1fbf22

    SHA256

    0f53b45f3bd465e10b105f3a6f05c1277b31d8727ff6f8fe4c1091b1bf4705be

    SHA512

    51f23bca8c25b84a0e7b3bd1a45e08466b716b16f2d5c85c6732fcd5bc80000373456279264e3402ec3b35c952ed32828fe05d6ef5138414343c28e45e904983

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5LT06Y3\rpc_shindig_random[1].js

    Filesize

    14KB

    MD5

    6a90a8e611705b6e5953757cc549ce8c

    SHA1

    3e7416db7afe4cfdf3980daba308df560b4bede6

    SHA256

    51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679

    SHA512

    583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd

  • C:\Users\Admin\AppData\Local\Temp\Cab94A3.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar9581.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b