Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 07:33

General

  • Target

    a471aaf20f02668d0f9d4b276c3fbc23_JaffaCakes118.html

  • Size

    36KB

  • MD5

    a471aaf20f02668d0f9d4b276c3fbc23

  • SHA1

    5ea9f6ed957865bfbe4a8f9b1d9b847a0a1868fd

  • SHA256

    444dc2931b915956402c6106ef7d93ee2456cf595c1587d11ead96949acb01ec

  • SHA512

    eb0d34de3d5334b9991b901e23d524c33f7204204de86e78e6185bf0054e49266b743a74a8277986cba37d8caae2a905410c87a94b0b80da3c00272ce35275e4

  • SSDEEP

    768:zwx/MDTH8G88hARfZPXqE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6Tsdi6f9U56lLRcz:Q/7bJxNVpufS6/s8IK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a471aaf20f02668d0f9d4b276c3fbc23_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1640
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1640 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2936

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    cb85f3fcf86ef0de7ef258539cae87de

    SHA1

    c73288fff07885a62f8c7033b348863ed3b8cad1

    SHA256

    7430a96d94b1faa5363b7656b323ffa416fd262e0405e498bb143dc93443963f

    SHA512

    dc152f2e8c8f7e316e84f7a1f3996e02c08d582d6d0e40b8bf7171e359ea952a80b7452e56690b30fe98b4655d4744e8529a930449ef1cd853e377f86294b2d2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

    Filesize

    724B

    MD5

    8202a1cd02e7d69597995cabbe881a12

    SHA1

    8858d9d934b7aa9330ee73de6c476acf19929ff6

    SHA256

    58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5

    SHA512

    97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    16c4c14c5986a51f8600e100c2967770

    SHA1

    8429f3464afcecdbc37b9c12d0b3eb6a817df626

    SHA256

    9afd1611737543e352fd0859deb561e27c58f0955f9b1f5b86f7621928bc1740

    SHA512

    7f2f9ae6fac6fcd8cd2e06b29e3e0cba014510661d2c81e528068e358e205464e615a83f8b458879d77fff6e48ef4056428ff70e2fca1f55151fc48a863fc263

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc92e8000c4684d5a9213c1baf706328

    SHA1

    7738f6dcd4de863d70ad355ee29536d765eeb4bd

    SHA256

    d547d17f88743dabb964a6a53a4a7ea173c7d28a317a953f36633e9ce0e3ee36

    SHA512

    3ab23057fe0863b34d7c088d5ee9e1a0ea8d6671d7b1638c03d53724c62ac71dc03860a5fc963315f02344dcca8ec361fd81d4b5c496f24bc96ae14da04b6bc4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e50e207d88c5dfec8df556b44cb04871

    SHA1

    934c0bd4c607ded6d552ca00a87a282fe6ee191b

    SHA256

    825986c9665ba4516ae88e20daef6f36380f734def6372b3aed5154ff8d6b714

    SHA512

    33385e40297cdf24da0bbba3c6e519de818bafbb9dc0cac8411afbff0f9f1c393e79b5b0cf0f95259a15a1c02e79cc65b69584b3a6ef4976d82d1bda8ce5a3ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    303c236baa30b65cbfda6dc6e2f63150

    SHA1

    8fc0e78fe6b75456760a01965ee94a009235fa09

    SHA256

    5cb4005a0427f9149811c8e518b3cc583b507f1389556f1a3d8735f8f4fb6f6d

    SHA512

    104dcde017e8e1388d5a4d4353bf9604c7c3ddd81467049e2bbda37e4103dd04067d9f169684fd40861032024fcd2d28748c592bb143bcb0a66e7b573895fb24

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    505fa8b5edf8a821a5193a0a7d6a7a7c

    SHA1

    73248d1a0d3d29d74aa3d2a8555cd0a543c35550

    SHA256

    0cd52216c0e09ce780dfc894098ce5c73fd9abd99343a6d81de45a9283a892fd

    SHA512

    2767e7b175364a57f7b3c420920eb4396030b1cf55f9b2ceed8eafd733d0289025fdd0807151576a231773183a3cbc15b5d2dc1362dc1fdd1cf803525aaae373

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36c3fefc9ff6a7d72980ef1cd9ecbbc5

    SHA1

    ca7ceb3df9caac9f26c9e67b69cced4badd9a57f

    SHA256

    8ac288207be65e26af41571106dbcab862ca8f9ab834a3b5c156ed93a2fcb85e

    SHA512

    ca24472aadd94347ac62886e49a09c6e94d271e38ff49123305e5ad3fe442905c4430eb92cb7141624c0b6746658bd8496e958f82b1463341f4ce0b6df92ea73

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    58f483ab945dd0b0920588e171687ca8

    SHA1

    e5ab5cf9a943b5d710cb6404f59537e4b8bc7cd5

    SHA256

    d79841726208a5232e8cf7773e05867bc482f1b4452b9c09ead51ee175c02e1b

    SHA512

    24a1f4d4906c1804f96acede5f84a3ade1d0aee4c80b4878c76a4bd10ef020875c9957def28f5da3b9202441af85273dad47d526056e7484669674de037f1d91

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc6645a3928c076f742ff578c074681f

    SHA1

    46ce7a3d9d763af87eb790948356bff4dfcc83c9

    SHA256

    373f07ad5c57cbbd5a89a4cbe7b7a41dd017e75a3b805dfedc74997725499f92

    SHA512

    f05d2aa7dcbf7e5590e21cfc87aa0c853a606f2ba80ec9556b3384a1d50304622f493d2834b63449aeb3bf862f032dd942b94dd471eaa2f30efa096f38e00786

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    647e96dbe7d767ad1010adf285b22893

    SHA1

    07a3732196c313372e40e80be7ad0c218077e569

    SHA256

    b0b590bc03f34b73a0cd1d73cb849de7851e498f9e62fbc130be3a4c3799612b

    SHA512

    ffffe2174e89140378f279101c7c8a17bcc4bfd2c41b25cb238a90d5cb51def45f3cdcc11962792539e582a33f964b23078711d67bdddc08757ada03d6b6dfce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2fc0e2e0d74cb0723b8973db828ebe9c

    SHA1

    acd1a26f1dc9b6fd6d16b334261299995824e144

    SHA256

    ad5e8d0c18bc630cda282463d973f1eda6af37d6b79ceb21640c1c19e5971a58

    SHA512

    6e51623d392e75e9db980b2b5314c03b0cf248ffa9a8f5bc0d29790e551abda1a99b4ccadc2828e50f9b0aeae9046dda3ceefb72e2285ef86eedd139618bd39b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89c5e6f21eb8daef0f03c256d5101a95

    SHA1

    57cb9e443402a24f0ef715923745af590a7f660a

    SHA256

    c3a558f6d29f8ed30e6709b7cf2873cc1213ef021085af0bb50def495ff64845

    SHA512

    e720f489534a779d67e5b016986472c2db3abf3c61dd3f63b3868310d57106dcd0b428a811fa757085232f21f87fc33d9b07b511afd5bca870c59fd1a1a6b4c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eebc0258af52d3dc274d93e66479fb18

    SHA1

    5bb26b8165526f9a65456271adff79e6aaf38896

    SHA256

    2b8b3d28baa86f547c92216ae6efc21f04acf8a2819c676d44b564f3173e0a7f

    SHA512

    b6f7118989a0886e29dc33f6406e2594050dd353e34324ff8dd53c41b35006512ac79a676210492e225e309d319c17b38d2306f871cc75717750f8112c6b1160

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a7f62702cb72f52c73de820105732f2

    SHA1

    f2c4e344e739f9cc764a4cc2beee099d8c855fa5

    SHA256

    b0bf40d7a74ba0894c00dd64e6d8c5cbb68d95a6fd7d4287a08ecb06e4360dd1

    SHA512

    546890c5be60e2fae0a43afdba153b5a544654ee20851f4789eb9e1ca2aaa3bf954055257b42dca9de920418593dc892bf9d764ce8217ee7d845a3dcbede6bd4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e996815168dcb5ad07620aa64cd69e9

    SHA1

    9bd462631e4fe483fd0654e689ee42dad0da76b9

    SHA256

    bbc1290f64a8d092610836ba18e8cf769cf21c22851b99acd0402ac63a68d9e7

    SHA512

    b9fdad6c0a9476d3130bfbff4f187323c049de999bf5cb738c28cbe56071e66b6958d0d896131b6aa41ef15c1fc3ccf9e18948bed285b9bc2145b0c2294349dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32b41ac5077500e40a9f768543335fac

    SHA1

    4f393ca7406d680702c32bf73dd05c12e04ec02c

    SHA256

    5b11bc1c301ae08d44ef0f5df32b44ca0719075a14768c872449a3b9d9e195a3

    SHA512

    ae528522edf5964598eba050acedf5ea64dc825256cf82fe28ee15c24bdf0805e59da9b55d0f90853fed6f9cead6239ed2deaa5e24c0a1f4617a9a49ef983224

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eae5df1db5dfb9713fd74228b34514c1

    SHA1

    1fc296e8bc0630c310e610a34fcb5b17d05fbad7

    SHA256

    0ee10bc9e0bf05ba87d51f26c684d8c411c6157b0ac5d5d8674b5b343ffe7059

    SHA512

    0d994de3c7f8f37f4f02d21a2581b912c71be402355ba2fc64e90885418e3c441b4a722725eb1dd404909c32ff75248977cbc2c6c6330d20ed49a7eceefd5294

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    79c0dec3ae03811587017ff0f4bcb4a3

    SHA1

    417ba19d2ecbdbb062cbd42624a5fc607d03f03c

    SHA256

    5e77ae915f7a165f3e24d8d70f8741b6ef6f225d2eb9773a0c0b3ce9306ac5b6

    SHA512

    634cfc3042712740ef8302ed80a285391ab97d1d8d2ca2cd9b9afef917370fbb3e1388b53e1fa1b00e60c74c89a961d0e573c74092fbe123efd263bbe0107c42

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    efce0c2e9d53b0ee81e54c2eb80c9308

    SHA1

    8ddea6b98a42aa126f63f9610a62eefb22efd4d3

    SHA256

    e5ad5d069857d590dbb814124e6192d40330dd584415cbf29a940fa74576e767

    SHA512

    e4086adb9072d94a93011591c0f2c67492e58c7f190eaf846841e120db50e7a19cac5c851ce7a025690d324a864a37e8b6d38279dd967d5333ef29180ae38520

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a8b0f0da3411bfd3a1d9f8ae7f78ba5d

    SHA1

    b7fc6e0fd5dd0cc1e7ddd9bc36017e5cb196fb83

    SHA256

    4f3d8b52dadee8a5e9cd493259124d65bbbcc04c3d1144b1c294e14460caac1b

    SHA512

    b7011817aeacf719500bb2b2fe880e0ca91b1d6d9772cec86b255c113e8ed0a496a94332c31e546fa914c533cc2a029601e9b7250c3ead52b1729767593cceb2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7b2036924e30f04f0bf3c93345799236

    SHA1

    2159a41f1a0c98b7964a28dea70e173243b36812

    SHA256

    bd1898e7e645aed384a10804ce0abd3caa8c7095514ce4c69167a19d46326630

    SHA512

    6e05ea9f50870315b44ee7ca74d50c64241cc20144aa0447139e5365cbe2f6ae21fb2c60b1f7cc4d41f7ebc3fff61a9746a8be0af18c5c8823e64d4e9db87595

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5db40a07b19a20d242ecabf50bd28a5

    SHA1

    76cd483950e8e8fcf79f64f692b0b9d4a4cc8546

    SHA256

    11e3574ecc289c6f0dd894f2c5e8001b78a4817d0d824d5c917adf74cc734a38

    SHA512

    151fca6078bafde20fd4438a79bb16fc2775c067aabb419042f813e1d825e04c016b1aff04fb639af86e81d431adf18f4bb83289bdb2002c981c3f2783054e5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    53d911c50dbfd4057ac0f58c0d9b00da

    SHA1

    0889c344232d0007f4b5eea8a8e015b5f3d62989

    SHA256

    15f7890f879f3836424e2958e3be7902eb4d522eed2c0c067dcb4ed082534244

    SHA512

    ae9d8e1428af8b1f8949b52020d9fc269c8240b9447ecc8799acb5a36c8da777eac043b67ee256c04886daca889b78b194992fc1e27ffe260a902e0c29e5a497

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

    Filesize

    392B

    MD5

    5ecb99e6cf5c8bbdf0b38708c647d66a

    SHA1

    c17d0b897a91ccca96105755ce1bb6e08e6e61f5

    SHA256

    000f8812f7d41585ff3eafd10788691284668884e4499454a21fa8287043188c

    SHA512

    a7637262e92e9c2f51f3e410c146cb07820ab962862fa25099f7e5731e788dda6005bd08c9bdd1cd221f1ed9c88f72b913ccf5dd2a98aaa3e02ab2556d656b23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    a1e41b3a3b6f0e21ae568cabaa44eb50

    SHA1

    7e2ae4d016e4f0c90f0100d7762a5a4b37edcfde

    SHA256

    feeb89d308d2798acbed27868841e03424c11580bbc256dc56324e338ea2a99a

    SHA512

    aacb142371c9e8a39c5d2a050e74186cef2755ef08b3008df5d8de64d806cde589961d327b7afd8744ca84d369b298956933c7c3d8e655d142d30513c925b101

  • C:\Users\Admin\AppData\Local\Temp\Cab23A9.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab246A.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar23AC.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar247F.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b