Analysis

  • max time kernel
    143s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:18

General

  • Target

    a42ab7185a7f18a436fd06a9d359e09c_JaffaCakes118.html

  • Size

    56KB

  • MD5

    a42ab7185a7f18a436fd06a9d359e09c

  • SHA1

    5417a1260110778038451d0ae0c26e948922db80

  • SHA256

    b403fe61447e911aa18b646ec5c79a204eea99abbbb4c8f2d3afaacc1fc16858

  • SHA512

    cbe03bd73a29f0a5b8f724067ccaa0f556869f180b35f6536f24cf9410d2dca2c9d2d403d96cdc3dc389952815671a56ad3b8b857b37c284b60dbfa646ccc310

  • SSDEEP

    1536:TpX+T5xWM5JeIiwtOuLTC8fPQ0pjQ2N3M6w2ky2:wzTC8fPQ0pjQ2N3M6w2ky2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a42ab7185a7f18a436fd06a9d359e09c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

MITRE ATT&CK Enterprise v15

Downloads
