Analysis

  • max time kernel
    137s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:25

General

  • Target

    a43155bcffbca2ff59b6b0ca9deea153_JaffaCakes118.html

  • Size

    456KB

  • MD5

    a43155bcffbca2ff59b6b0ca9deea153

  • SHA1

    e25d49f6616457862b9ec687e9adb867873eba9f

  • SHA256

    396586d1a7939e059957cc64116f0570f32c0a247afd56725de89f89d12845cf

  • SHA512

    ff6bd00a8de9faa5d51260e8bd315faf4f0aa192006ed4f3fc0afbcbe5e74cdabab90e5c961a7b9f115dd7371a38f81dbe309f753f893265ba97974988aca511

  • SSDEEP

    6144:EIsMYod+X3oI+YWsMYod+X3oI+YQsMYod+X3oI+YFsMYod+X3oI+YQ:H5d+X3y5d+X3k5d+X3j5d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 38 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a43155bcffbca2ff59b6b0ca9deea153_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1932 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2712

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize 914B
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize 1KB
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize 252B
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B (this path is recorded 18 times in the report, each write with different content hashes)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize 242B
  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize 4KB
  • C:\Users\Admin\AppData\Local\Temp\Cab1008.tmp
    Filesize 70KB
  • C:\Users\Admin\AppData\Local\Temp\Tar1164.tmp
    Filesize 181KB