Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 01:18

General

  • Target

    a354eb23d5d04b64c2f216894eb809cd_JaffaCakes118.html

  • Size

    67KB

  • MD5

    a354eb23d5d04b64c2f216894eb809cd

  • SHA1

    e95d6b7ce6aa3e098e1badad61db659edc6bbba3

  • SHA256

    291c1915def32854f615d79e4ed49fc75ed720c20e7876930caae8f5b8791d32

  • SHA512

    33d8ff4f7f4421cb2cad143afa63af430e77360959e666a5dc107845b90d9190cc071f69b72494929bf8c74d69dc105faa74b9bac28c03961020d4784ca7cee4

  • SSDEEP

    768:JiKgcMsSZ8tN99OIsVHOoTyfQCZkoTnMdtbBnfBgN8/oygcR/QFVG8c//IjkK5nM:J4WsTePec0tbrga6cuNnzIjv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a354eb23d5d04b64c2f216894eb809cd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2044
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2044 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2388

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    d3049f1a4b143f13261e38abab901109

    SHA1

    1810917619ef7b98f40697c12f35a75575665f8f

    SHA256

    69df6863aa24aedecf107a7e2e0353d592c52a5905cc2833d824c2298733e9d6

    SHA512

    6af844057e960d6f4165f297891b676492281fc4abdd7346a220b1972124fabe2a9e0f7b3825c9f67c1ed885262cf6fb994c4dcd607c1981005291a240b6e958

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24

    Filesize

    889B

    MD5

    3e455215095192e1b75d379fb187298a

    SHA1

    b1bc968bd4f49d622aa89a81f2150152a41d829c

    SHA256

    ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99

    SHA512

    54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    490c57e1bd388a0009aa8bf4d2c5a30f

    SHA1

    667b26a81ea42b64f9c6bb59fbf1b82685f04c7b

    SHA256

    e43d0df30d2e16f8da255575ad91ba70c2e53e0a8448e3d00016497a28306f7e

    SHA512

    e8de367b2ae06aac16d7052e6735daf8b64b73c53e78af4a9a3c67d7fcda1b856a93ed5607f30fe4a317130457bed885bfc6f8fc01beaa531ebf2c40886714bb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4879ea4b55c0812e5975b82a1e447038

    SHA1

    54e62a6700c6dc560190c52e12da459eaeca0662

    SHA256

    dc5d1ee8bee30fe33a940142ba2e5b163e3039a48b08fe3fe9f2350ae15456fa

    SHA512

    acd6ec5b23067effe375eb0b14dc17ce043a0e37ce5a4e51e4fc2752f98990b21103c439ebb3b5b912ad12a0c8f6646b340e05a81dd47b48cba299734c1fdc5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad293ea9018561b2545e80783808c8f6

    SHA1

    193892be465e5761c18018d99913652dffcd368d

    SHA256

    968697b5612cde97508d2ef2fb0bb1d5beb32570875255b75f8ce91e6d94b69d

    SHA512

    87aa9b8ac4f78f3262a7adbe743ae301e81daf1a0efd7d1f1a4449bfe4bb076435dafbaca6e547453500ee48944b329a4945886d47a9b0074ccea5c4bf6d781b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee56228d0e3262f5cce7470d772531bd

    SHA1

    0c016776ece894a2df552ebf548fba0eb5a516ba

    SHA256

    2a599b5f96dbc26427fdc7a600a609c7b542b96ab192af20c559461641d2fa82

    SHA512

    25535f83d27682fef59ba73a3d2275a76d19822dbd23c20c3dc585da0ac8cb5065bdc11ac39ed5401c88149b944018745bea3ded4efc74aa1dd0169d7c871b44

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b3c6a3c7ea28819c787f90e09eab5d6e

    SHA1

    df6131d40fca2dc0c983a446d0408ddc4fc55065

    SHA256

    c3e681dbb1967ae136a009365f132d2c677b2fc98b7ec4f08d483fa75bd8667c

    SHA512

    d555041ea6d71e5208d82b4db70fa986b7a83bbe9b779a186c11e7ddfedb76482e61120b1edbde8c9344d7de33b68c5046315ce9a3bd9d95c541384e07757bd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36a0a401d7738768e9ace4946266ccde

    SHA1

    c954f2fdeb10066d33798ce4ac473806ab600cca

    SHA256

    921bc659b768f9276d8ab13088ce8cb2613f69560aa871d2f5ca28914ab17be6

    SHA512

    3d5021edc868d371a99a3a197956d54111eedc726342a6c036b73d4727c291a47369b9e0294013565e7d50cdbc92c7658941f1232de91a1606dbe89b25283520

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eed87df3592ec56ef6a1467be470c5a6

    SHA1

    e1a43acc1acaadc044120f02aeb1c18b09d4c3ed

    SHA256

    643f5eea8fb3af935433a85ccaa95b8a6fb56ce60cddefa69bd2ee220e6db23c

    SHA512

    7fea4ee84eff3cd88411558840d8049399ae7ef4837c7db6f0c9a6b1d0c42af49edaa7627e76c5f853ffe073483350470220da0d7d635a44c98dddb33970fda9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    59a3fa974a38cb68eaaa3b17ce3b82ee

    SHA1

    5a628c5c63961f2e768761d8667a46e62c8298e9

    SHA256

    fd07080503cfdb5ec973d755008b5956a1bcc177a1725ff61f58a02e54334a52

    SHA512

    8bfa5fcfa4794e9f5b592222988aebefb6a5f1085ae6bbe7d51893ae87b62f17a2c9fe53d9ed3ac56e32362b9773daa81498f725c08e9f8e3d829803d65ebea6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    813f06dbe27b86ef93129a13bdf52c9d

    SHA1

    b296040a8254c04d8ca68e436668d4661ac831eb

    SHA256

    b4af1d099b0452f53c97f63654737071a68cd0c0d324f83c6ae2c2da236af553

    SHA512

    afb0a4e0c735ba8b39a4a72a935079fe74f4058aeeb1fe7b4ccb3a6916058de28bac80d1dc09f69ca22d83446497fde0dfaf59abf039e57547ef6d6bde75256e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    540a42dd413b85e3d1566a099afcd25f

    SHA1

    0322f2fc4d2ffe5bf0c18f5872beb360526008ce

    SHA256

    86d424da55d9236dc0ac8a1f22a8499cfac429a19b6439ed95646be6848b82c8

    SHA512

    595c53025b84dd57ff4bc702cdf6882959063ecea9e906d5c84d567da03b6e824b0990ac6f02cdfdbb5f4e4f273891402ab309076f419973158ac055a7a386f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d5b4364a0df1c6bf8b6c32f18bf2e3c

    SHA1

    e53d994a9c9d78d76981b6af29b1696a0a6c6ff7

    SHA256

    a262bad008b18011d992f439d4d267b3e9fdf75dba79e9835ecb48670282480d

    SHA512

    13dc8df4bbb3a1b25ec64771cbe0f46e63e0e05c31997a67a92929ed052adc8d1825fa4b112ff634af60b41e2a0dcb774ba2378227dbf851252130738ac8867e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac50861a9478b180a81f3afae4558343

    SHA1

    2455c76e61d7559ce22615b4b86a796646b35f8c

    SHA256

    d89ae11c72ef33445721e1583815e4521afa3df3a3ef819df29a5e380e4bf8eb

    SHA512

    6d4390f12cb9e3958ba6a3b6e8eaedf5d6009e2084b373fc60662c19fbaf16dd3d33c93bb8193c1f84579443e26c67add109d4a815e98af101e1be842d6d2ee6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e917c3ea481696734483fc851f060e6b

    SHA1

    f96b6f354d55c1843151b9e98d4417323bc56bcb

    SHA256

    524e9b92fbc8d721de5bad172e704d47dc785f6fa4f3c2e4fe0bda97383addef

    SHA512

    2650594dae588118a405fb940f9f3a6568b058559510fe3693758929ca2bcb2887e5a33c2d2a173653f6828045192fddc615794adb2e41a3571c19dea8ecbd7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dfb53c12b9746f96159f62b16e22e2c8

    SHA1

    1d4bb4b929f08c242f430c5da3c9df2fde2bf22d

    SHA256

    19ac00a74c5c50dff572c42ac8aff0ccd54e1fe43109b45744b26d59a56ee0ca

    SHA512

    7a3f7f5104a67f191dd3024f1f1500d6bb1cec9fd4c50acd81f55061845c2d3943481eff7c713a4ec37d33f38f78b41f755ecb4d139a6a1e2aa8b6bcf708b559

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5525c13674e2ba338545fd9b018bc5db

    SHA1

    d06067b844e78805889c6350b7b4e2c0565b9a95

    SHA256

    abcab6d7f52e437ade3a27b818a0e25315ff07ab5c2a55bf8662740369f50dc4

    SHA512

    f0ad95481df7b90d7989b33233bfbf9cc90fae4e16d635ea1075dca3bc0e214dafa7c39657ccdd46f59752f95788e10403a09f691b1f1c8a6d738bcc277246d2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dae2feeaf715ba8ccb347da56be62f23

    SHA1

    d47dc9055e5e726d54db70e774b22a074fad0540

    SHA256

    defc10ff55bf7398f7b10fe558511794d1961902e2706f9becc7ac37b0be007c

    SHA512

    eac789c3525c88ef0b1a1820c0ab4ef5b9910790edcceab3f96ee097484f084745f3830cad6428ea8684ee53e2243142d97c4591577f28127f68606a1574a193

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1a6c822c7f95e4f4d7daa7f153535acf

    SHA1

    18e367d990d4060f4eb2af6f551d729f55277642

    SHA256

    7311fc3c8ccda88d1a7524e7cf5c5224951e64cbdb435c69eb03f0302f87bcf9

    SHA512

    a66fed0786c30016f6c48fb7959b79de4aab294a887596816703974e5602f204723c6ac842d23b3d8aa59b0cde2922ce711fd0141d98f38a7258fa1829f82ac6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    651d10630a34fde60ddc49276d6735dd

    SHA1

    f389107e0b3788f7132a34a9fcb35e59c46b8ef1

    SHA256

    9d72e1961bc6cb4f77602f0b2eff1fc8938f61d5bcefd86f87d077d54a1bd106

    SHA512

    9068c14a1023d8082d5f112282f51055ecff097159488f8e9c423ec097a231fa3d16f6e044e281f9be1bc57218fc7b1ae2ce74f2c31d2a6c49bee8c49b53f76d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    792b47a15ab88a005e9082a194247158

    SHA1

    ff0fc8735124645e535644b10db4f95abf7208ae

    SHA256

    f79baa74d559eb813241e892fb6735085822d7b2d3b55523a6463fc53a07275a

    SHA512

    d7b68d539cf4af9ee2bdc54d579ef71c339ac76e30ef7f9462629e473ebbb84f6946579fd3d0c24dfc46243da2c11cefc1b566f29064f3cca1c83e8d87014db4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dccadc882c275d90481a931eaab58b59

    SHA1

    15eb2a27af486935fdcc4a03b4f8a99c14dbe5ee

    SHA256

    f84c88390b708dabaaedb75d14a9ac4df4444b016b5d0bf091395ebbffa03af7

    SHA512

    5ac22ffa83fac8409b98d40ab9a3752a8a525a1724fc15e8e1182dc26ad9d8a464b38bdb648567c44b37f1536f8c544a4df0d0c6835a4def02176cd815699b9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d582fccd622e0fabc2e847fbd71997c9

    SHA1

    36ca97d3c8961b5faab0fb16a3cf0175e8650124

    SHA256

    a4ecbdfe023991517d86bc9ca67387281e5540d7bba00033a2dd2e8cfb7c7ccc

    SHA512

    ed984c87efad233351e04cf9efc14536788cd02cf0b93253c79cab66abe97ce92143c4cc94b978464b15425ab9e9b8142f39896f8f841ba88997b8b98d0f1c49

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    e969d94dce261f2468649116bce1a514

    SHA1

    80c008df4b5bf1a04058f50476296376e3695f09

    SHA256

    505554dd776904885b7515d238727532fe369c215997f948b5dfb460349c460f

    SHA512

    cafaa2777de451604496cc290a43f650d18f9c4c78f1bb78ffa5fb97ea5f620c5af71019cf50d6b421c7e77985b98a1079267a493b1daaae939e2646f35e8f17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Cab1239.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar125D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b