Analysis

  • max time kernel
    141s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:17

General

  • Target

    a429ef2898a5c951f3b7104985e86273_JaffaCakes118.html

  • Size

    28KB

  • MD5

    a429ef2898a5c951f3b7104985e86273

  • SHA1

    b45862db0098ac5a138ec5647462d574b9aae733

  • SHA256

    fb416ef4f009e40796b4122eeeb89ba121045d681287dba2ddbf28d2c6886083

  • SHA512

    3eabd182aaf8f337cbffe712a74ab860b5fd6bf8a40b0f491f2d9dbce53ac32e5ab2a584e49f4e73ccfb1ff24ab20dac785e7485185431d08476fec54aaccca1

  • SSDEEP

    768:S4zdsFqvfudlQVV1C5m1CCCcmzm3C/CnCQGUyrzB9njz2:SOdsFqvfug1C5m1CCCcmzm3C/CnCQKrK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a429ef2898a5c951f3b7104985e86273_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2556

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    980d16f63c87d7d15176857c1b7527af

    SHA1

    ed1092703bde34ad91cc1eebfab1fbff9fcdba2b

    SHA256

    795bcdd8fe3cb3e409f3de0985ed9b31ff9c0e7bfa6b6d0ba364c686e4fbacde

    SHA512

    9fb0c70e2a2589f331f47474fb8a01399241ed2d0a77ec609467e0e29168176b9989b5bbd05844aea1945e7dbb5e7aa9a66e83597fc67e4e2665b724270ea1b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    854a7698f35932dbb00d5d935e4d522b

    SHA1

    baac994573f06c24fb3e8e8645b9539ec24774d6

    SHA256

    f0b97d04da2089304d86ffbabfc41a40bc5f0d68f5518daa02b701db419dcbc8

    SHA512

    1168f0c7c4740b41980e98e6c7c9e0abb40149d08a8571b332b358918653a255ddfca3ee82a904a5718d3cec865d862bdc685005263bf0deaacd6a3685cd79c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    350b893a706e1a6c14f170edf2ec7714

    SHA1

    8bb70767ebc64b47efa34a486bf5c715aee422a5

    SHA256

    124653b7c90978412c629a844ae4a15018ae37a574f47c4759fa646c46d7fe58

    SHA512

    63b7641000f2697cc4828a7b8b0131d43de94460be6059f9f1171b6ce5bdfe7080ef943e58109ce7f085b43428bc31b553dcda76a4a3cb92bbebd03728751baf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00ade92dd9ab6ac5cd3bf04ad3bf7e43

    SHA1

    e03bfad910115d6877af53e8f0eb776e771b2585

    SHA256

    e2119dfd02e587e8acc8eb678aaeaf503875d60777317df9eb2dc943897b706f

    SHA512

    0ac5f79f4524d2431cd0822858592e3c9810ccb893d277ff28ada47320de6c2c71e48e1a7de013f931af14ce9c500906b4bb25b5910224ef3e887df8367ec1b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fc417db330f0551c4c5104879320a108

    SHA1

    132d89a6304daaeee7c638803ec23728c26bd751

    SHA256

    9710be98132a22c09729553ccbed16ffc67458428966c68cdee16843322ab8e9

    SHA512

    214e1ff08e6084f4bd9660b3b4877ad2a3aceb113c4d585d79a6d3ba57d6b0bf2cdc2380a43782eeb801c9cdebeeac82548e0b86e3da5e175803ccef88c96605

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    966172f96dc78f55eb1556ff0ab206f5

    SHA1

    7517154311c86ed349faa583728e59e7a16e3680

    SHA256

    3a88697e088e4c3ea3e59a05d7bb87c3c34c4a30f0ee13651a657dbfa8a3d73a

    SHA512

    bade3b37d3f4788000a328a7f7c8916555583425ec77a1d88a3ab300703bfbe0bfc4ed294aa6a22eb9e10751b481bd45c00f43dc550ea109b4032b4abc918a0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a8969244cab745cc741283472d453052

    SHA1

    03916600668f618db17dc9b38f192a774f7b29f7

    SHA256

    9bb919397ffbc1e03eb7182b845c4e441bb84049decd4253f30d2a74a2de9a81

    SHA512

    15590c10d1000f4a49f1fdd067c66dad2f92a96a7aeed28dc0d5fc85ac1794a6218c3226cb3e4c35094b184b08ecb0b9e3249e3336a896bb12391cfc63bf04ff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b6e6d31b789694b47d4a8bc96a5cd39b

    SHA1

    8265543f3ce34ab8d2ce363a16850b55a3f3e3da

    SHA256

    a57e5a16d97bf4f2e1b1514105b302758037d471a2d8d3cecc99427874dd2ace

    SHA512

    fddd499479bf3b93d8260e35953d9173322b45b70cc0b18638933bbf6118d14db8214726236b1922dc4ec6eda998d10f2be6cc102b17721891bd9a08594b91ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74985125f465492501f3c135b63fb32a

    SHA1

    9106d51d1fd157ab9e55521e180184c3cfe04425

    SHA256

    ab9879a188cd22e97ce445e22c523b868ce9bd7b159a88cd3d23cee53e3f43f3

    SHA512

    9c73391ec63011cc553654e08e2c39ee5296421da15334eba43df49f3214bb83e6cb398a399a326d310177a3da4a90337056cf35148f162fd47c0cc56bc59ae6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc28fa45a954f3c6cdcb0b853cd08a97

    SHA1

    a45a582e116769efce6cfd7fa106f5bfa3b7afa5

    SHA256

    b0a21565b0008df786a1c52bed9c498f5525a4a73789c3d90d2da2e29fb99fe0

    SHA512

    1392f48ce13e368d23625ae8cb760242fe5f8bb76c1810f4bae5c8f3a3ae4f92b991574f953510b1b58124482722ae630113e47d8db74df87f8e87a105d66001

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a0e9ced3560bfe35663f9c86612f27dc

    SHA1

    100aaa863f0b05754679bb496eae5e64b42db399

    SHA256

    b23b713574190e213931b53e0f300bbb9977036108e28890054a769eee252f43

    SHA512

    c77dc3a7041df8282a977db18f9e569c0888052809004092c41b40be6c745eb863e8a454c2c7f6af5d119f7a614dede1a9408cf02ed08b06cf83020531a65496

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1166c947b2e55d5a1fd7ac1e80794479

    SHA1

    26d99d9531ae102ddd4862070796b9f8b2351b7c

    SHA256

    0f5b50b5675827f7552e080efc21d952c3cbab57cf105dd4bc50dc35f6005869

    SHA512

    a47b675a8ae5f14b6a7422147279d4c6ab87877c49579cbf518ac8792c09f9a798c208504f08e1bd011496f7a32325dee81c98f2de5e48af4658d0a50b115206

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5c753fb0a5a954d17d39a7e0abb38f0

    SHA1

    43646a6738c4a2922a85460b282521e36528260f

    SHA256

    2b9a18ed306ba8d6e0ef366c8281f3998c2128a6cfbccbedf9c6a8a0ec44802c

    SHA512

    e51fb5dde9d961b2f893dcceffd70c3597a78282891113f658bb93081274c806a070ea1fb8ea8550121c93968928be9474d08770d21840784540b41a4aa490b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b045c06773fd7c33187714e7578bea97

    SHA1

    67bbabf31513130e8c661c8a1e0f17ff50b04dbc

    SHA256

    81f86dd5206e6c1e364ec8f26a76709d2efe501c2fb633483f5709370e07b5a0

    SHA512

    32c48028e6d4faacd3a81c43802bd598564118bfaebc9e6fbdfdf326d3a684d83c5b9c37fa5a6fa6fd1f421094c48fe685ee173d041561c03f5bcfe77fbb44c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e968d5666f8486c200a0c6f5b01a074

    SHA1

    15994db15050d928085dc55ccce762981fe5f98f

    SHA256

    20a6e37dc104120212a0884bf4334a278e2225e5e0bc81f25d9143a7372e1869

    SHA512

    9691a864edeae6f801b588bd9e849c9ab7b196f5f0dd0ea9778310bf42326884b30bcdf58fdd0af1b0333098455d0ca4bf7ea79f0eb4c11b21442be0bff21007

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3dc7eabba211aa7addbb6f7a9f4acf91

    SHA1

    f8f6b5103d489f84fdc9186879736a1cb4c4c7ba

    SHA256

    73318c58197c060a6928a9923b0f986f02d89888b426718c8e59804393930726

    SHA512

    4a8662538293a8ec7ec60e58643aca0262676497bae52077459a2609f6277dd1108dca1befa0599fdb6fd2a06c96611af0ac4f958840101ec7e295a716b20593

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c6a044450ad2e7d2c21d481964d6d29

    SHA1

    ec78169fda685254a1f4f5b3f697ba05a2689a68

    SHA256

    b253d4534e0b846924dc1696814fd9d0496d22d7c90cc1e5d758fd61aecd1231

    SHA512

    3ecdfcb605e06957c368b0f333616c65cf4ce48abc5fb1f681712c76aeefac8b7c0d56447511e6fefa25bfc34128690843aabe3e7ee8affe27c8b501384318eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ae0a862d180466caf2491547039ab66

    SHA1

    2682eb6c99df34f969d8388c253118a071403bed

    SHA256

    9963f7e41a656dc9a5bc1546ce6de372512bf1e704c00c0e32f0e579b875425a

    SHA512

    91495097bbb4dc27d90035511066a701cde378c091d8d78bf94fed16281d691cd9d90de785dc0088435ae4f9bf559305eb20599ade70be53ce29a4ed7a70380f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    878e8c0a0094e5d9c1587a2160979598

    SHA1

    4b304462986682a49f8373d82c3cbb6fe7f3289c

    SHA256

    7c9c63490b518cbe0de24e1603e9c2593a0a502371b1b6bf06b27d9088899d61

    SHA512

    83c46352a1cef6444656015e221cebebd8ae6199004efdba04b110cb7402eeb19a3e7676a6ccb510c699a373e7447e3a48dd22f9d06601e1c6b8151ec32beefd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9db8ebe8fd35a129c06fc89d73a5f227

    SHA1

    e57c4c8530f01852f9035a0555e8e99774952a79

    SHA256

    86d359211c5d08ef7d8495e7a4b9f526e2ad8fc1e735437cde031ce16d4945ec

    SHA512

    a5ec7bde9e2bba469e996d89659467c1264a5e2ad4b687e2e847746574ef9a32927311c78ec0d66e9471f8b4f9320bfbe7889219d8ad784ac47c6a49a11819a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f9db57b5353b0b0776265c35ab872ec

    SHA1

    aa20d964acda87198163cdfc37c4bbff69b93366

    SHA256

    c72b3e04e5bd11ac6d0ef3982f0b718613e085bcabe1dfcabdf608bd97955371

    SHA512

    ce8e81c145f14a19b5c46f947bb41eb7fdc1989744b0587476bf58723d89c80e08c982b7e46ce2dc251594e1df3e841e8d41943d08931364ea8d4861c9fbbc05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    074dd84d3b29926cfb3a3415328eba59

    SHA1

    07e832a0d1053ad96461eaf5d6183147f9a32184

    SHA256

    754704a92284397a878649a641a7288b48c104899631f35b601142310692032c

    SHA512

    f980a5404a24d6955a6f10a1236906b3319671a924f537cb91e38aa81bb32bd8277b974ce03ad8509bd83226ac24d57d1c5c6374f53493005ce0dca0123051c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b1b2201c7dba1dd8fc091e7b97ec55cb

    SHA1

    a76cf7d1e609c03110d43ced720d32b7bf60196d

    SHA256

    e1198735755245790cd5af243b9a6a5098b696c3bcee263427d45a33143b2d27

    SHA512

    2538c8fbdddd4e979ff7eac0ba487e4bb834141f4c70794f76ee499c4e028ddb71051956c48a990f81284ff0eddb674e7c7388e08ea00eef2b91116be0c3539c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    6f555ae4f076932e7e97e458c41949c1

    SHA1

    c664e6835b52712453b732334db8172f22771a54

    SHA256

    e72e233d20057e7b8d4ea2d0b495e45e8a15719e48adb2813c846fb6df4e25d3

    SHA512

    38226559c59851e425f1c50dac67131321dbefeb11ff24571fdf5fff2dcbeab616953367084d17570b6bff92f5853ae40f3aa5add4ec57b6025ef4316cca3957

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\grid[1].htm

    Filesize

    114B

    MD5

    e89f75f918dbdcee28604d4e09dd71d7

    SHA1

    f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

    SHA256

    6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

    SHA512

    8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\superfish[1].htm

    Filesize

    122B

    MD5

    00d64a82ba2d055e5facd3a30efac924

    SHA1

    308e275068e3bec5effca608fe9df2008c979650

    SHA256

    aaa3feed097fda6687c7c27860c24980f3ff105b6f326d10c98854145e9afa6b

    SHA512

    1151e227086964ec19c11eb388ace411a56a6e1da96409b2bfdb5313fb5df75223add437a653decf3afdfbd2be2cde421c512f9de423ad74f2ebbaf81119d8fc

  • C:\Users\Admin\AppData\Local\Temp\Cab11ED.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar12DE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
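The Downloads list above is a flat dump of path / Filesize / MD5 / SHA1 / SHA256 / SHA512 lines, with the same CryptnetUrlCache MetaData path written many times with different contents. The script below is an added example, not code from the sandbox or this report: it parses that layout, rejects hashes of the wrong length, counts how often each path was rewritten, and checks that the sample's `<md5>_JaffaCakes118.html` name agrees with the MD5 the report computed. `SAMPLE` is a constructed excerpt of the listing (SHA512 lines left out), and the category text in `NOISE_RULES` is this script's own assumption about what those Windows paths normally hold, not a finding the report states.

```python
"""Parse and triage a flat sandbox "Downloads" listing (added example)."""
import re
from collections import defaultdict

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Constructed excerpt in the report's own layout (SHA512 lines omitted).
SAMPLE = r"""
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
854a7698f35932dbb00d5d935e4d522b
SHA1
baac994573f06c24fb3e8e8645b9539ec24774d6
SHA256
f0b97d04da2089304d86ffbabfc41a40bc5f0d68f5518daa02b701db419dcbc8
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
350b893a706e1a6c14f170edf2ec7714
SHA1
8bb70767ebc64b47efa34a486bf5c715aee422a5
SHA256
124653b7c90978412c629a844ae4a15018ae37a574f47c4759fa646c46d7fe58
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\superfish[1].htm
Filesize
122B
MD5
00d64a82ba2d055e5facd3a30efac924
SHA1
308e275068e3bec5effca608fe9df2008c979650
SHA256
aaa3feed097fda6687c7c27860c24980f3ff105b6f326d10c98854145e9afa6b
"""

# Assumption: these labels are this script's reading of what the paths
# usually contain, not categories the sandbox assigned.
NOISE_RULES = [
    (r"\\CryptnetUrlCache\\", "CryptoAPI URL cache (CRL/OCSP/CTL fetched during cert-chain checks)"),
    (r"\\Content\.IE5\\", "IE cache copy of a fetched web resource"),
    (r"\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", "assumed: cabinet extraction temp file"),
]


def parse_downloads(text):
    """Turn the flat listing into dicts; raise on a hash of the wrong length."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    records, cur, i = [], None, 0
    while i < len(lines):
        line = lines[i]
        if line.startswith("C:\\"):           # a path line starts a new record
            cur = {"path": line}
            records.append(cur)
            i += 1
        elif cur is not None and line in HASH_LEN and i + 1 < len(lines):
            value = lines[i + 1].lower()
            if not re.fullmatch(r"[0-9a-f]{%d}" % HASH_LEN[line], value):
                raise ValueError(f"bad {line} for {cur['path']}: {value}")
            cur[line] = value
            i += 2
        elif cur is not None and line == "Filesize" and i + 1 < len(lines):
            cur["size"] = lines[i + 1]
            i += 2
        else:
            i += 1
    return records


def classify(path):
    for pattern, label in NOISE_RULES:
        if re.search(pattern, path, re.IGNORECASE):
            return label
    return "unclassified: review manually"


def triage(records):
    """One row per path: how many writes, and how many distinct contents."""
    by_path = defaultdict(list)
    for rec in records:
        by_path[rec["path"]].append(rec)
    return [{"path": p, "writes": len(revs),
             "distinct_sha256": len({r.get("SHA256") for r in revs}),
             "category": classify(p)} for p, revs in by_path.items()]


def name_matches_md5(filename, md5):
    """Samples named <md5>_<tag>.<ext> should carry the MD5 the report computed."""
    m = re.match(r"([0-9a-fA-F]{32})_", filename)
    return bool(m) and m.group(1).lower() == md5.lower()


if __name__ == "__main__":
    print(name_matches_md5("a429ef2898a5c951f3b7104985e86273_JaffaCakes118.html",
                           "a429ef2898a5c951f3b7104985e86273"))
    for row in triage(parse_downloads(SAMPLE)):
        print(f"{row['writes']}x ({row['distinct_sha256']} distinct) {row['category']}\n    {row['path']}")
```

Running it on the full listing collapses the twenty-odd MetaData entries into one row with a write count, which is the view you want when deciding whether a drop is the sample's doing or the OS refreshing its certificate cache underneath the browser.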