Analysis

  • max time kernel
    118s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:58

General

  • Target

    a39b76d9a7e17791b9d9b50ae49ce859_JaffaCakes118.html

  • Size

    35KB

  • MD5

    a39b76d9a7e17791b9d9b50ae49ce859

  • SHA1

    d757d73e4b8485564fe8801fb3132c429ac1c2bb

  • SHA256

    1d198a438cc586654c9e94227d4fb6d1b58a90cb82733688d17b30eb3257ccb9

  • SHA512

    6eaaff0e0ff500137aee890b81b75bc5b43f231c32e7975781bcfc2cd31f13369d569146933df08256dbffa19f5e333c5a8d9f929e29c5d8f5d39c8dbe421ba8

  • SSDEEP

    768:zwx/MDTHUO88hARvZPXKE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6TIZOX6sggh6lLRd:Q/jbJxNVvu0Sx/P8+K

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2420)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a39b76d9a7e17791b9d9b50ae49ce859_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2952, child of PID 2420)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2420 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

  Note: the second process is Internet Explorer's ordinary tab (content) process, launched by the frame process; the SCODEF:2420 argument names that parent PID. Taken with the 1/10 score, the empty malware config and a dropped-file list consisting of CryptoAPI URL-cache and browser-cache entries, the signatures above are consistent with normal IE start-up on this image rather than with exploitation by the HTML file.

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    d3049f1a4b143f13261e38abab901109

    SHA1

    1810917619ef7b98f40697c12f35a75575665f8f

    SHA256

    69df6863aa24aedecf107a7e2e0353d592c52a5905cc2833d824c2298733e9d6

    SHA512

    6af844057e960d6f4165f297891b676492281fc4abdd7346a220b1972124fabe2a9e0f7b3825c9f67c1ed885262cf6fb994c4dcd607c1981005291a240b6e958

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

    Filesize

    1KB

    MD5

    2c7ecdbbb063ea5981f2aabe7fcf9ac2

    SHA1

    5c92e25fa96ac7eb2d432563ce62be6a11dbd232

    SHA256

    a6420b0e8db153c246988af7382bb94364fe491631d88ca68f800e83750489c4

    SHA512

    8d7258ae557ce5f5fb98fa4da2f55036df3ebe308392f656a1bc21cf09f0d335ada0b44503fb523b16e8067bc7803f7e20e5e05bdfcc9b4ef970e763975b8c93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

    Filesize

    724B

    MD5

    8202a1cd02e7d69597995cabbe881a12

    SHA1

    8858d9d934b7aa9330ee73de6c476acf19929ff6

    SHA256

    58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5

    SHA512

    97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

    Filesize

    980B

    MD5

    5fbbd11da1447361d95430e07018c9c3

    SHA1

    23934454aa9c6076fe25696a8223c63ff258f496

    SHA256

    9018fa7df4d8c5ac5f77c69f1a33e696bbc91e2d44a64d3b81274c510242b2ff

    SHA512

    c3d1b0ed8493b07dbb496c8369c34011c9cd46c8020f9a693aa807baa5e375a09c0d633f14f05212d2e6ac7c4802e69bc13c186eb95086e0220a26a5523f4b7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    ddcc38ef4e645a3954ee1888227aea1c

    SHA1

    9dbc376419ebc8448f0bcf27083cdd6baa23e69e

    SHA256

    dd3c0a7c1733542571a38e12bee08b01024702d4503623fd0e7b87b2b26105b3

    SHA512

    256ec0ddb42b54660208412a1089cae2e691dd5c39491d72fb54a8d49d514e199376b0867da9c9f3fa48ede8437f450062943b22645685a27e03a42438209834

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9398a778192f43c6d988e37efa83a1c

    SHA1

    b66e4cbfcb2ee59605c7a76b5941b00e2743ed71

    SHA256

    182ec965e31f4ec47bdc491cf5260f6d5cb585476df016fb807e26d704582c49

    SHA512

    f621deee5671e1f12d39f589f9d6fbd52931f703b2cf2ada1b63c6c3b167b3b3bd623d4facdc0b4aa5162f665b46b87d3b27bbacfc12949eb9f4abdbb80f1f99

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2e138b30ecc26bbd07fbc1cde7de602

    SHA1

    950c92a7811b32dac8c1acfcb7c9e1f28f231263

    SHA256

    d86b3fdffc2fb9eb94669870216ee63f4647a1f9e6fd267868c7bffb57eddbe8

    SHA512

    ef834cbd7af0d076f8e10a373dd7dea43616557ba1fcf1d9145a6e054cebd2df5ab107a4915868f398826fb4f7b732f5f2fcd55b1ea63c0b338989e61238e119

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3888f606ce8b0d756b17856eba81f49d

    SHA1

    8b63b9af579a5a122ea18bc506bea1e0c3d1644b

    SHA256

    4d40f3521079a98969d1e5e011d7bba06a9b1adb93978f38ec2b3ea02cb49ea8

    SHA512

    c8b8e0b3884c34ce5f2735c654a7f34e13ccffa6c86a14388f6c71cc1de12f5284392fb28943d58f2d9572922a3dc8b39255ff9b7f497e04c7a97e3b4f188bcc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c48148017921f01801d8e863f817fd96

    SHA1

    d374b56769247cfcb44a6b5e83564c5646d013bd

    SHA256

    dca7864a4d0feef538cc676c7a75942d8732027bc76ea6c5af05d568df5e0e84

    SHA512

    c4350d72180e5bcbdba06d6076623cb351a5e3bd7b563729c65db258d800b0703974c031b0842244794b6dc3b8b3560f56000c550f7f7c58b7f44a5c5970bd88

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9dcbe374a52fad8b03ff6368c148564

    SHA1

    35ac1ce1370416be055b297a31ff1f074e6351fe

    SHA256

    a838f0ef9db172231dcbf9515de3ade3d558626e4e5c65caf2842ff70c2782bb

    SHA512

    0c0fbbd54f29098a77059e3bdfa91f0f179d83b805c50aeded6b1a42797b500f00de6bb23c06ae6363ecd9f627b906b3f9286d3105890d50a1954a30930c4aa7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f85c0fc09c420780d978c663522e8b48

    SHA1

    7fa7af87f53611b7e1641db2a965480b011ed5c0

    SHA256

    e3e9abd84c4c333c1528a6505b1ca2f2352249173b197fedf2a0ab122962d406

    SHA512

    8497c80520cd2bcf9bf4cb95d609091e829b44a1e8e3540ab7af6d7f6fde971fbc7cec7db50f4f3108456c3027455acb38eb583dc8d38f979b4e4d4211f9f2f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    81d7d0c946832d94bc5abcc4fca57b9f

    SHA1

    3db48ad7f49bfc70f9654b508856a9f10f36ea58

    SHA256

    c43e2dc4cacffaced3f24a699b5f4a812f646b88b72996cf39ea9438b5b6888a

    SHA512

    e52939749bdf727ff4d49bf0fa65c9d5bf363fc47012d679eed48be1f99738da9bd04222521ef6e7a1c512248050ab1f940ebf78d65a7e5c53259cbbcb9b5c47

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b4087114625f2a5bf795af21a2fc231e

    SHA1

    4765b5f10bd28b8d1ebe27324dd1c24ec097b5c4

    SHA256

    94b7aeb9ddad1bb3220c4317e4220283ab3b6c29dfc792dff7041e3c2cf87ceb

    SHA512

    910fb24bba95f4ed6814e5fcee0203a93dbf199f3104de5e7695b6de33d118f514d89af9dc368e92e0e61d765f90e9cce193d42c8b1e5ad868c67e03c2d46275

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd032a8b821eaae8d9ef6d856aab35fb

    SHA1

    128adac315aac872a1c12b2e66412625d0f01413

    SHA256

    4b149c0c73347d32f84f388c8e6a3d6e2b503252c7f24192a428ec4568b62f03

    SHA512

    f185332de093bbad982592c0d6fe09ecba142eae5943752245a003e3db22a6dd3636d08e05465deeaa4bda736f6da9c3dd5c3274f5e8e3f626e742c361420d66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b9385f336e0a4217f691c81a0dcd9d8e

    SHA1

    55e39b86dd0878c3bdc8c83742bca9b301fa3858

    SHA256

    cdf453e453c0603f4def8227c2cb810fc6d5d8ca0e65ad8cf6cad5a26826688c

    SHA512

    08ca38f809ab209e95047b5e54890332a8a31c84144f64418e547335e45d13d564baf03aaeeb759f8cc0d41d8f1e17ef5b222264e85eb4cccd75e508782aa995

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b0b3b3f95268095a9dad6409a7112cbb

    SHA1

    962264c626b35540379edbd7758e2c9f497df78f

    SHA256

    ae21b5e0afcb7c3ec4c211d7a352a4cd30673327ad217b2a28cb5170dc1a9ae2

    SHA512

    62ffec45d1bb07d4d9f5e29378cb6bb37a4ccbfab5c6336fede53386d770e10b8fb927dcdc5b98d1ef30e3caa679fffed528ad2dfd8181f29d45dfa01173f389

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7dc4d99009dfcd68833e7c13cc381eda

    SHA1

    64fde321958cb176afdeca8c5c0bc2f39323bd48

    SHA256

    ba18ccf0ae5e75c718ad244af2063ca149927fff890bdd1a6fa8e5d4fd7370a6

    SHA512

    48f60cd15736019b1eadf2822b8a48ec5007d9ce82a939e7179cb3afea0a7798e397110572602ed75e8e828c89940347968262889985014cfbb939647752d980

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    045154f92e468b584dc54e91ab8e7773

    SHA1

    30d6c3dbc51c413cef7584627aaf2ef31e097f02

    SHA256

    255729286a31497378c15921208497e5713981bf57b4b22e7b68979e7c76334e

    SHA512

    343bc11c0a267e2d8c8b891e43df2be837310a99e99710e987928a78f1dcfe0a5404ddb5ea163165bec544f2ef416e32b9880c872c84b7c9bdaa477bbb41fb45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4898a451fd494978f3c75aefe6b4f42f

    SHA1

    0fa9958bbd042071834991980fd0d6bf75d27e45

    SHA256

    844f6ab1abb47e57eb2a26014560cc59ebb0623d8680b7994b90c1f19a26f11f

    SHA512

    5bd9d4e569e2dda6fa9f9dfec34584df6f6aca97e7fc70bd0ba8c84819a66639617ed92481685f7f8cc3634ab0279e06c480fba9e3dc552a0d8ac5bf0802830f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    99fa0009fb3b54c2c7c8a8f98699aae9

    SHA1

    fdca2c039c445602295b09bdfa2ee74d4cb21043

    SHA256

    800b7c76fc8ff226bfc1e50664e24c0a958c619c8710c55da2f5b0fa295fe4e8

    SHA512

    4497f0fa1c893c0b30c07e2a5cb376091631ed8a062a311ef140db4d505eaba6f55dc3572268835dbce4a812e67596a938d05d68a33488db9acc9ef20e02f9a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c32f4c55d5f27f27df10d9bd6bd6e51a

    SHA1

    c70c2be2eba50f600589b95d651013121b1392d8

    SHA256

    48895c8eb513f02b9c51a0676b36f0947cc0202513abba23d27ad9e56d9aa4f6

    SHA512

    36a46325a8833dbaeabbcfd28a25c48332eb262791e7094e2ae2831528609a9db32522a3f803e4114fd8e9a4ab7de365f37e869a0945ba59f2b38b4651f5d3d0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    10f60f3755a70b05e93b1e94330e5339

    SHA1

    6c4d86eecbde500f5c1d88f32bdcdff251df7c8e

    SHA256

    3d60e527a5ae170ff854aff6a51328889ade94e92aa602367409d0a8498e5057

    SHA512

    af9997d5a6089e03fb8b3a6b895d527eeed901c68d765b4a1ee2deadd01b74df7b28b0d61cd0b2feb31135616ebd1eb735d639a46db11130c944a99d34fdd5f2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

    Filesize

    482B

    MD5

    f3fc96075749e1eedd3af1f5d7226fc6

    SHA1

    847bcebb5ef3aee3815e95be761218c22087fe3c

    SHA256

    6853d1ad713ec4e2bfcadf4ff14ac4567b513d310cdb395ecdbd8f411b699c79

    SHA512

    7da0e824053a098fb28e42f182349bdb9a185b168899c7ca8994021d2a6a09fb479f0059448095b44984432a0b9ef5d19dd756218f7b77b7d41e9d04b14cfd9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

    Filesize

    392B

    MD5

    395aa23d40ab149eef06726dd63d89f0

    SHA1

    ef8e02de1ec1a4d5135d0541d25db1560dc6f602

    SHA256

    42c0188fd156eb38f15e490cfea7cc81c0612ecac44802134d6273bf572c7bb3

    SHA512

    b8228b5d82595ab87458cf18368ab3500b9efc6fbd31387f58b16386cfdea010ec416ddd59afb707d3b187ee4611b448ca007636e4573c1fed54351af114247a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

    Filesize

    480B

    MD5

    b2418cbd0eb9740604f0f19b733f7812

    SHA1

    ded26c1f89c79d238c0c91872def2670023c1d63

    SHA256

    23126730fc0fa4006f17fb7b7b1c9bb8de0582bd5b2318e2204c3450af933944

    SHA512

    182d5b48134fa18363f5ad433ed95fe87fba6703392ce02c2972f59164c582da7b6bbcfabd2541b4830114b3aa4aa49b500a1fd8e391116d0f274dcfba1274ed

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8DU897P\59df318a5dd5b358077fb9a7e56e80a2[1].htm

    Filesize

    162B

    MD5

    4f8e702cc244ec5d4de32740c0ecbd97

    SHA1

    3adb1f02d5b6054de0046e367c1d687b6cdf7aff

    SHA256

    9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

    SHA512

    21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

  • C:\Users\Admin\AppData\Local\Temp\Cab5459.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar546F.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
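Almost every row in the Downloads list above is a CryptnetUrlCache entry, which is the cache CryptoAPI writes when it fetches certificate-chain, CRL or OCSP data by URL, and the MetaData file 94308059B57B3142E455B38A6EB92015 appears eighteen times with a different hash each time because it was rewritten on every fetch. Sorting such a list by hand is error-prone, so the script below is an added triage helper, not part of the sandbox report or its tooling: it buckets each dropped file by path pattern into known start-up noise or "review", parses the human-readable sizes, and reports paths that were rewritten with more than one distinct hash. The rows are a constructed excerpt copied from the report, except the last one (updater.exe), which is invented purely to show the "review" bucket; the bucket names and the regexes are this example's own assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed excerpt of the report's Downloads list: (path, size, SHA256).
# The final row is NOT in the report; it is invented to exercise the "review" bucket.
DROPPED = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA",
     "1KB", "69df6863aa24aedecf107a7e2e0353d592c52a5905cc2833d824c2298733e9d6"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "182ec965e31f4ec47bdc491cf5260f6d5cb585476df016fb807e26d704582c49"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "d86b3fdffc2fb9eb94669870216ee63f4647a1f9e6fd267868c7bffb57eddbe8"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "4d40f3521079a98969d1e5e011d7bba06a9b1adb93978f38ec2b3ea02cb49ea8"),
    (r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A8DU897P\59df318a5dd5b358077fb9a7e56e80a2[1].htm",
     "162B", "9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab5459.tmp",
     "70KB", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar546F.tmp",
     "181KB", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
    # Constructed row (hypothetical, not from the report): an executable outside the cache paths.
    (r"C:\Users\Admin\AppData\Roaming\updater.exe",
     "52KB", "0" * 64),
]

# Path patterns that are routine on an IE start-up in a Windows 7 sandbox (assumed labels).
# Order matters: the first matching rule wins; anything unmatched lands in "review".
NOISE_RULES = [
    ("cryptoapi-url-cache", re.compile(r"\\CryptnetUrlCache\\(Content|MetaData)\\", re.I)),
    ("ie-browser-cache",    re.compile(r"\\Temporary Internet Files\\Content\.IE5\\", re.I)),
    ("temp-cab-scratch",    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]

_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}


def parse_size(text):
    """Turn the report's '342B' / '70KB' style sizes into a byte count."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB)", text.strip(), re.I)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * _UNITS[m.group(2).upper()])


def classify(path):
    """Return the noise bucket a dropped-file path falls into, or 'review'."""
    for label, rx in NOISE_RULES:
        if rx.search(path):
            return label
    return "review"


def triage(entries):
    """Bucket every entry, collect the ones needing a look, and find rewritten paths."""
    counts = Counter()
    hashes_by_path = defaultdict(set)
    review = []
    for path, size, sha256 in entries:
        label = classify(path)
        counts[label] += 1
        hashes_by_path[path].add(sha256)
        if label == "review":
            review.append({"path": path, "bytes": parse_size(size), "sha256": sha256})
    # A path listed several times with distinct hashes was overwritten during the run.
    rewrites = {p: len(h) for p, h in hashes_by_path.items() if len(h) > 1}
    return {"counts": dict(counts), "rewrites": rewrites, "review": review}


if __name__ == "__main__":
    result = triage(DROPPED)
    for label, n in sorted(result["counts"].items()):
        print(f"{n:3d}  {label}")
    for path, n in result["rewrites"].items():
        print(f"rewritten {n}x: {path}")
    for item in result["review"]:
        print(f"REVIEW {item['bytes']} bytes {item['sha256']}  {item['path']}")
```

Run against the full list from the report, the script leaves the "review" bucket empty, which is the practical meaning of the 1/10 score: nothing landed on disk outside the directories Internet Explorer and CryptoAPI populate on their own.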