Analysis

  • max time kernel
    142s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:25

General

  • Target

    a43121192c9a7498c51e1b079f808028_JaffaCakes118.html

  • Size

    112KB

  • MD5

    a43121192c9a7498c51e1b079f808028

  • SHA1

    44c543d3867fbde2eaff06c4c0d2d9274fe50316

  • SHA256

    45d485ec00b4818b28ae7261b4f863d617f78b8bd3e4bdfee9adda3ee142a2e6

  • SHA512

    6fc8af426eff8e8ab42c88065858209f29577a1a61d0bd4410bbc4d5d9dbe2724d88068f409b11fee7dd501e4c5634430b377f80e0a4194c9093f721076ff2bb

  • SSDEEP

    3072:+zOh/SSodbnckaYJNQMcZf+fMZCqA3+vSrNDot1c99k:Vh/SSokYdQ

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a43121192c9a7498c51e1b079f808028_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2104

Network

MITRE ATT&CK Enterprise v15


Downloads
