Analysis

  • max time kernel
    144s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:06

General

  • Target

    a50052459e4db1e71a1f84e334e3cc44_JaffaCakes118.html

  • Size

    30KB

  • MD5

    a50052459e4db1e71a1f84e334e3cc44

  • SHA1

    2a407df0254263e0a07d7f7ea489d95392b79386

  • SHA256

    9a01901616096d929c545beedc73807719352d0e2f67080c04deef4ec1599364

  • SHA512

    4c30288aea3ac94701ebe1c08320411829c7f6644c06e2307e1c2a7fd2d11cf67ff64d54f921d3b665c9b79cce0172852dc28685d9600e1ee58e081e209a6c2e

  • SSDEEP

    384:3ZYzVll8fQeu907ILa6woqQuIfyp00DVMUeKnX:JYzVAQeG3LNwoqQffyp0dUX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a50052459e4db1e71a1f84e334e3cc44_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

MITRE ATT&CK Enterprise v15

Downloads