Analysis

  • max time kernel
    132s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:37

General

  • Target

    a475c5a34a2dbc03798609ce58087e8d_JaffaCakes118.html

  • Size

    30KB

  • MD5

    a475c5a34a2dbc03798609ce58087e8d

  • SHA1

    cee955b77f625606016e90f1f1716732c08d9db2

  • SHA256

    a0d8e3f32e466678e72f75dd71a89cd494379bd3946f388b3ed134b96158dca1

  • SHA512

    db8d7fd4e3df25e9d630b047d413ef4f02076c083796af02e68d7270c1bb7d052aeb3689015d44bb03f3be0f59f018857459762231c8a6d33ba71e7f47224da5

  • SSDEEP

    384:SIjnPrirorGTtaf6jIB1U92IDqjG1Gid7zrrlywgoUDXkaP9oT6bSr+3wemQFYM:SQ+srGxtjIc92DUDwkpebSr+AZQFr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a475c5a34a2dbc03798609ce58087e8d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2076 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    cd1dfc68cb48ff5303ab26f78a43a7be

    SHA1

    a2eba7dc998944aca3a7e0ab770ae834a8da68eb

    SHA256

    9b371b25c73ca473f08a15feb8f9b63e1aadde4b5381fcc280bc6b169f4bc6c2

    SHA512

    0fcfafadefe3092695d6fa2d0ffcbf364740d81e8c5ebf27eecae4e5828413619fe3a3dd0c3c26857cc06919c245f7002d2debb7b941d352129b2b3d12906430

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bee22131399266f455e08a0eccdcfef0

    SHA1

    257adedbc44e5f5971f5af6bb88d97cf3d2d9e83

    SHA256

    c863c0c94f30b7841aa286079ea8eb8d1f48a8ca4e399ca63e5c54268f950c6d

    SHA512

    a49b8e0357df1699cdecba822c6c40e1bb04952ab0bf0226d6af8a94e376281926923b79660f8ef5fe7ff3eb93823bcb91e0036fec27af746b8374416a12b4ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d707769091cf3f77ef4875e6f048995

    SHA1

    3b96c34e9e03451e73d2f662a1cccf243b52f3ab

    SHA256

    a9360bfd4977104728ce52fbeaa6f1d4f1efaf66978d24e9f521ad7087641731

    SHA512

    374069856c3fa5e8d9c54232f2f0f79f9254cf5a1667134a718e4d37decbba8f991dbcb1e1c802a2c241f1255a43cf73563c3a439b3d9aceeb905cf0862b0283

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a7aaca6e30f3f35e8d6e36e1b592909e

    SHA1

    67faf7403b3cd2354f6728ad4c72ac2e57e22899

    SHA256

    001183f1c14b2c4870c751d2d0bbbfbcfd3622603ce74e95c28b166fd99180c7

    SHA512

    cbbe3490c0eb8f2cfe3c4a6e21b49820ed7a3181ab953c470f4ffa41c888731ccad6c2f794b43360d32407763bab8b54aa1fad2f695c61964ba4eaa81606d20f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    08321f9222fde77d382f85c4a8893285

    SHA1

    8027bf32f939cbcac081c2937cbe827be35bcf94

    SHA256

    0cb275156040ffda3b74019d9bd7d07868b12464a520938cfcb32f868fb3fb8c

    SHA512

    86ded1827938e069a12805453e5cb1d3bb4dbad77d2eab545249410c095daf73bf81ffc9f12252747e5fb2ea478534f877386ce3babea9273816523987d47c92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9faca3e698566c4383dc687a92051039

    SHA1

    cae4e61054c8878b57c3c16bb921eceba06e2aeb

    SHA256

    edabd48a6f4a6e24db6220bec0b28bd852effd9af00ed8f5d3d9d00e5222c635

    SHA512

    82fc909af203e56fc9c03e137c10eb5ee88e4a9477ab0539ee6a9c3e3f9c9f8a0e77762881a5309c2c369877164b828f6fff5dbe12db7b916079fa66d2de3d13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    02c1b7aab61590c8d80613d5b6dab82d

    SHA1

    3922db449af1b7e56c1432f661c7e171a7b47183

    SHA256

    89e9bfbd4f2c9762759caecd2c8e8e6ece657ab797d310f33337a26f48153d53

    SHA512

    d0eec9bc67662a64adcea2bf37abf75f0043c28c7e396db96c367eb2f047d53387aa74cfb4481412877edf1bcbde6514a884331a2f581bfddda22507d8941a74

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f08a94f54bea5fe5de8d133db50aad7

    SHA1

    de11c57b6064d7fed253ac7807feb1be934053a1

    SHA256

    5457af7c3a5e2279142cde6b671fd22ac833e3be0bd5a8a5c0d87493506b8ff6

    SHA512

    660de81d5df0e8ea911b04b6164a459a38046d92caab22f6e03b5dfe8eaca11afaa2e006dbe2b30bbfac3d0dd3e7508670f90ecdc9f361fa82acf610fcb76599

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f48f6bc1896170da232cb8d7201749c

    SHA1

    ac526c58faae06b9755d482cd882320d78dbb90c

    SHA256

    800b6047c303bcb1d850c2f77f1e34ad35c2e8d8baba0c6e4425fdde8a98cf44

    SHA512

    31734b856df61eb4636313a464af3f606d79d58d556362a5bc20027d517dd178ea480bb402499b3f43bc134a9fce053405de21e5c71c209ae423fa0c85845607

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    54515c03dae416e5930b76b55fc9bbb1

    SHA1

    775cdf41ce96647c3cb5a4fadcbc25ac16b2c4e2

    SHA256

    dee6b0c0f61d90bf4d4ead3b433d6ce9d7208c68fc36adc4f571b910dabf42a8

    SHA512

    004c109039cf63034bfbfe4384c38cafffd817eee4ade4a27966ff49ea8759512a7c22822716efed6434556d9e3a0b823031bd1f3ddfd813540f16293435942e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    28d83e5ec4ca7c059cb438572ecf6cd6

    SHA1

    fd03d11e117b3ca86762efce46f397e60059caaf

    SHA256

    1bc83a9324fe8cdfc43e16b886550b17cbba5cf40f2f36aef7687c36b1a54b88

    SHA512

    6750bf59e1ba9297ea87079eac4aa24e27b08fbf8bdae186f769ad2c28f2a92a6e30959156be9f400e64a24ac774580fb335c3cb9a72296691674625987455a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8003caa25fe3afec76770f2d4bc5eaf8

    SHA1

    d05f7891ad7275e0f04ff6c78080903183f7f05d

    SHA256

    43dba72cf0c1d8fdfe16165f08904bc484c1391e550b7f6dcadb4a2fdd7059e5

    SHA512

    54900ee3bc1bb40e342a613be9df3b97dd8e9d073788235a12bb3711752389e861aad899bfee4948a9e368c6b032db87e2ef9d016a43c18f80d06f6302ad8957

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e5889155067246b0d7dd80c7b22d93e

    SHA1

    eade57fe519239ccc6f3fd4dc3872a85c3116ce8

    SHA256

    aa6aa488ca1309cdd954dae056ff799772b62ad1287c662e011affb176f19535

    SHA512

    d39f34e8aa3d0faf40541957f4ceafb01fe4c86712f2b4b7f6686b55653f631afa676c8ac899bfe179a85ac602f30c2c1b21adf036283abeb1de9e8b3efb3fec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    94bfe59fa1e76e49f1a45ffe0d327d55

    SHA1

    5b01ce0d93d380a702e6d2bb6f0dbbd245bd7738

    SHA256

    b14db2ddeb35e012a73867abefdde5518385bcd7b8cda167212eb36f8778c2b8

    SHA512

    a4ea8e98c81feeb7c63c8a00f358a293a9256dabcb722fe96c283c86730782d47f7f87e0ad9357083e9641024a257ab1c65f514f798ae41e27bf996633a64c4f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    375bd322f84787cfa96ad9e0f17952e0

    SHA1

    d5e576261fd608e9677328c6a10ca7533e3bf5d0

    SHA256

    ab46dc9e6938f154478ec21b7df17a3f5ad1e8b60b24c5b15e1e2b76e5c05b34

    SHA512

    f083615723fdef0c5f014bc3498221519beb786f731453c6a348c0b2e01d1446c6cb27fd72108becc88bd54aed43c16c97b3f43a74f188615df2bc6b9ef729f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8399f7c7ba3002cdb319b50d2eb48478

    SHA1

    7b96067cd0b90b457cd7267ba0c0a35dad03eec3

    SHA256

    26be1c4f5e2a2a74d74ac3270143c8d675740bb2ed8edfccdc9fb646ce13856f

    SHA512

    f0b968390f755de0870dee96f12f5f13e64aca083b6d182ad664ddb2f4ff0da73ad09c0c736672f8cc6879888517b42ec27ca8b807e34a940da1c33abde961d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74d299e0f44871d1d0ee1b8babe2035e

    SHA1

    40a1d808bc6ec1e2754a26904bc59a5e2aeab397

    SHA256

    27f6170b76e979a83eedeb48011b21ff421fce56f050a188bb153831acfb4b0e

    SHA512

    3d8631aa45ef6880c882973145399b460ba4c0b5430f572a9d65b0b12505eb78d8b2136f4d9241c12c2d9d22269822219a3147d4d7f0e7d92b2dd1ae5b36c185

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    169351492705a15f22709e62ff61d1d6

    SHA1

    401a6cc3619fd26d830aa857acd111f2de04c3f8

    SHA256

    530be1285d47588e5d26302a9bd26a49bb4a0b7e880734cc381f07caa6cb4497

    SHA512

    894e21c2465e4a97ff1e57bfb65d746358fe30d2d3806f24d1db8cdb9911c17213a93a1909a0c5fef39abe99d33cacdddcbaff9bb6985864c8b95e4ed581f303

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f179b69460226c54b2d88b4f7711e38b

    SHA1

    96b5715f5854ee9350a4bf21afc8c5968c04caa7

    SHA256

    1abe958d5c1637df721f8672f431976f356cd817b456061ebf15c260793e38fb

    SHA512

    94f55df81bdb555e6c73aa85c93119e429d9258df3ce65a25e80fd937f089767cb0a80d0a8f1960eb0a83e99e4703818191a98a573b5997101494fd65cad7b10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ed0b9bd7286ecd0e81db3bfe476981d

    SHA1

    2e143185c1d5bb547d230c09d4276ec6507ab7ad

    SHA256

    2899404b5d043bf87a9cb21186fbb6bc02147899f57b1beea888c83478d4f008

    SHA512

    ecbc4cb6b023cd5ca721aa0c7ad9ab76f539c75e588e49d1915577c81015c2f3a7320789a8654789699f54a534073fe043289c00e2824f4a09e7e31224740f30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40acd6c1f82f6f9abdcfaa515ef83a73

    SHA1

    d610f2c5aa10fd8c7f0b37e8d4b5309606f99895

    SHA256

    25107899f7ce2241c97a727ad6af6bcaa31813e01ccc0df8207076e3463d5804

    SHA512

    c11218e7588e99ea648a36c84ae5a0804874393a03427eef5741fd28d8bcb538e7eecc653cc184d9e15612cb2df07de5b1a851743c5870317875f39e3fc7e397

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    976154424f1f936c9ec0d4f077345865

    SHA1

    65b4738f616f7bda6524a950b96fd372dba30575

    SHA256

    ca56a1c9f7647d1603a8850ff09556eb509245aef7792eedcc103d5a32b235b4

    SHA512

    8a6c4fe59a6b54dbb1f0747fe01b180cf9248b4cc58dcc513e9d1a916d5dad0748224246febb9bff7c3ff2bf28657a123f1e0671bd35ef0f654c84e93957280d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c877c9035e6559077662f49d7486e40f

    SHA1

    b0aa95d16517a5a083a089dd58fb24e83b390359

    SHA256

    477994fd696e2c1ea1f3a2fff00194a41ac9ee220d52e228e7fcafdd3bc8f42e

    SHA512

    c71868548b20c3e4dc314df88016f2fa564dad65c2f6460f311638719c7da120564bffa232db4de985ca077272b44227c5ab138211a6b9c897b6f8d5eacedba1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a244e6ebad988def7868581da7c2be47

    SHA1

    be80551de562d4204b28953ca3451f5beec9ac93

    SHA256

    ad49080fcb1ec2734900f4baec32f782ea0b1f2a3db508065b979f857726e387

    SHA512

    47c0edbca0eef243435fcf5299ca5ff0de6fc7372795454f9f48f70b9e759343b73856aefd3fbdac324744c8d871d7f1d4ab60a4cd886011bba62e67be35def6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    48b993c815461e1c06dc36a76e86c6b1

    SHA1

    bb3316ea4fbf3b358b7f4c5583a61f53a8a826a3

    SHA256

    820acc1ac1214324dec78d57f19865e1f2fae70bf4acd817fd8f40682a821ee8

    SHA512

    3cbda91b07871e3f5f97b59edbd494904132abdd553b9b5f619bbf2a0f5137bb61274d61d5725573798bd944e22386759170c1b2e850e0fb77722e9f3baf7ffe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    6168a18c60e42415e85aa6aa1bca3c3d

    SHA1

    9f89efabc69423d8416aa3a2c1b816b820aac052

    SHA256

    42f1f0b79299eda94d6c5741a407dc4639a2e7035b728f8a87fc0ee79802b74b

    SHA512

    f7d6242d5eb6a595d5ded5176ed5c01fe58f13c29aad93663fdb6b58fbe2ec39d3daf9aa4f30bf48d666d8a62926695107d805a4abe873adb6bb2c40209d96c8

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\rpc_shindig_random[1].js

    Filesize

    14KB

    MD5

    6a90a8e611705b6e5953757cc549ce8c

    SHA1

    3e7416db7afe4cfdf3980daba308df560b4bede6

    SHA256

    51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679

    SHA512

    583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\3604799710-postmessagerelay[1].js

    Filesize

    11KB

    MD5

    40aaadf2a7451d276b940cddefb2d0ed

    SHA1

    b2fc8129a4f5e5a0c8cb631218f40a4230444d9e

    SHA256

    4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2

    SHA512

    6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORQXHVT\cb=gapi[2].js

    Filesize

    66KB

    MD5

    0fe383a7ddb9bbaefc3105b3297f5583

    SHA1

    f80c9d789f251909c7560bd91a9e1b9a10c26362

    SHA256

    d7ad4aad4e48174c30ef21fc32c9380659d2c99a5c39680e10ed9752139d8683

    SHA512

    31de1f59377bc76e5d602d02273867ce750bbbccb7edc8f2803c0188002ecae6752ac3ec31c2108e64b0d871b01e6a8a06711969dc68bd9823303def0e7c1ee4

  • C:\Users\Admin\AppData\Local\Temp\Tar2794.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b