Analysis

  • max time kernel
    134s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:09

General

  • Target

    a502d4ba506074ba64bc2eb4643e2f6a_JaffaCakes118.html

  • Size

    30KB

  • MD5

    a502d4ba506074ba64bc2eb4643e2f6a

  • SHA1

    3fee72d388f81162ea938fe16b5682045efb68a1

  • SHA256

    832bac83649fbd9f754e6b4d2ff67254d9c3059e94c380a8a706e2f3a68bfe87

  • SHA512

    b5016c9db5ede05ebd134a600e2b67e3a39c17b2ad5ba1bc2092985f0855a72d2cb742472208f4874b5272368536930e6e0e632c7f95a81bbf5dee80e3f425e2

  • SSDEEP

    768:ku6biR+QU7rRJ4/5MsQD6G/xYQEn4wqzIUApoaCmQ67ZaxmL2T3:GbmU7rRJ4RFQD6G/xYQEn4wqzIUApoa4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a502d4ba506074ba64bc2eb4643e2f6a_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:940

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    27fa046e6655349907e4c85187ecf663

    SHA1

    c04e01ddd01767dc78cb4167421d4e2c5bba92a0

    SHA256

    032aacd1b644652e4f4e84a0b4b85f2c8cdd8d7fd946359c7cf5d9e2d1909862

    SHA512

    c3c3ce31b82a87015e161a2edff1edb5b133e990098def92992392c4865a4a00229e388ed3eb48691ae1038c0d5ec889542488b87edcb8d84bf7858967f06381

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3e95813ceab316054aaa7cbe41fa073

    SHA1

    333b7acd6ecb82741aa4c3facc897b05b1a86d17

    SHA256

    b819f190f889a76055a1a31a847037872bcc2a7892cfe402ebf22c2a77b78d7b

    SHA512

    692aae1d7103a674901918b5206bc58c73441b1b8497a5640674eeb70bb57902f0506288691eb7336d3aced8b4fb02151a3a9da0d3c208cb4c96e8d07e10bd67

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f8d76533d3e5bd30b82b1467bfbb5ab7

    SHA1

    7f0fc17fbba871ea518d0a87a5df9f01fff9762b

    SHA256

    07e689f21f43fd433709efd496356542bb64ec489e69d9c3bfa0e1fc1e684597

    SHA512

    f8b730fbf81664afeff84ecd801409c1ff7e8ce1f6c873967c6476f82378867d7acf6dc1ef605098690973ed1eaf4826ab329a763e990d1753560cdd7c6c2af2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e97222127ca5113c2e138f3fe543769

    SHA1

    0398b56595de76632d217e0f8f83707445e6e8b9

    SHA256

    dfaa3422cda01523439a7ed63a0ed3aa86b68f7cd707435e54f92c6e3f25ce3e

    SHA512

    046ddd781ff8525f765f4e221a2c62080e20efdd476130d4b8cf5ed1fafc5ad735c4799eb2f75f4300a56789dbb7eaf7cab6b7d1c4e3be1995e5a4d06a780703

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ccb431cce4095fe44224f758252ee8d

    SHA1

    7933d8758ff901029f9b26e8e4f069c86aeea177

    SHA256

    421a5a51c0aa733c10e1e3b441f8ed33515cf690b90b459acde49acb189d5d03

    SHA512

    069b2c09e8e95b6502de4267601e17b30f34da6e282770a710a659b2dee30706dda963a7d1b00e8c4213a85a6cb572922d48e1584de6298c91dcfa1c07a75ea8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4d300313bcc2b2cb4c9ea3c94dc80f6d

    SHA1

    d263182116a0e12bc76a0b07bb2e5794b1fafdc2

    SHA256

    c4eb15608417033e90180b63703c484b16503194f461aa6dd43af6dc133d358f

    SHA512

    27b9014d40fca8929e6551391873c716411dc2d5d8ecdaae3e82239dfb9efbd33b89e0d6b55c71c4bbc636be3fafcdba4f4fc4549b230a56700b5b23e4429db5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f4b94b10fb4b8084b57928c4684f8e9e

    SHA1

    670ffd99cd96d833ca55d4dc0b5973c099c18d85

    SHA256

    4fc00e51b21dd43841dadd1a0bbb1f0aec48bf2045c8e51036e71d52c6328b05

    SHA512

    2ce77716a77eaff829797eb7253c799af6daf6fcbcdcfc6a429cce239d6753637460b0d7f5f6793332962ee05b1df70d056bf34734417b4fbf6a4d84e2df64fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    43d852283f8593fc1804647c843bf4c6

    SHA1

    e2a3270597d0203690d180986fbbeec63cf3517e

    SHA256

    7d49950871c6bafdadbd722f6bf6dc687d7aed474897e5802cc717d418e2fafd

    SHA512

    7619f5d8e9cb12f3ff982e961ff38c0f88c2812535ca61786db2168720033c61084a287d84e402b280d1418ee65efb8400d1dc1842407a54503d851c88e9a2b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00c1e597d2a52fcabcbd29287e6d0cff

    SHA1

    92ff66e597aa797f686f4ec1a7457c92b08b5660

    SHA256

    3aba4f2fcdcb253039b236903863fcfc4cdd71db04e332cfc492054331a0e5c8

    SHA512

    baf9c1c732455d85dbff9d45b8ed97369d1f44c5c979cdf8e87ac701eda279d1e7cbe165ad568dccd6d3b3c620414de9d20d657ee1177a1184ab8abb7b5de68e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    125020e2c6b8085fd1b4ef7153e61464

    SHA1

    cd247d191c3b28f6f7bb3d6e0b083518ac9acbd5

    SHA256

    b2dee932cadcb406e43f0fd7417271953771eebb004c39f1075f8997cbde776b

    SHA512

    c70f7732967d530a548a9cb8d3f8d8bc90bb3c178b75f5e434999bd1d65225ee447cee07aae480ece893d6b517af87e56c8a2c5eecb605707959b2ae9e4a8476

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0fcad279a8e8fb8865d938691724fc80

    SHA1

    c2ba4fb0a3572db250b690cdf7ab15b14012275a

    SHA256

    3694689e879cfca2bc15239558e6db95b569148f5d8a8aae1d98cbb3dd558da3

    SHA512

    85935ca0e5412b8404959dcd680880930f0e0a3e24fe587888775cf50cbe5fe86f32bf4cbb301351478dc139989d7b5597a1da0026c91842c62e958e39f73623

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbc976aebf8575f4fbba16d07cc651ca

    SHA1

    8378e65d95a81982ff6f07a059e563bc0280523f

    SHA256

    6e1ac9e3cbe68e60844e3e9473195ec794469f0d03ef69bdd9f17054d89c0917

    SHA512

    9d246900535697f1b74746f8d0b5d82583a993282acbf01960e195674bdf931ea94b72aee686846d209d15e9da8ca79b99cde72295bf9c0c2379d3578bd30887

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6bf4e2fc903af5d153d9a225fa8f5003

    SHA1

    2e6eec40de8bb8b92e67abfa061bb503a111ce97

    SHA256

    6e2efca2f0698038ff410b13a1a0439f1f3b7c564b1cd69323e1fb1a68554d9a

    SHA512

    d231d6898ee1fece992f6facb507a9c07fdb733c7c75259fe33dae5f2fd9001deb4eaf552aad33fc40f6c4034ad73faac4a1d6485e4fb7fc65db4395f868c4cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52f22f256e8239f21c0691504c3b19d2

    SHA1

    2271a22a536b7b7c2bcf6dd3f13f8612e5de76b5

    SHA256

    6aae053a3083f78d9ce53535d93488102b9e866ca3daf71a86ec6991619a704d

    SHA512

    76abc041e43d858aa329899f3d5020b81b270340592bcfe490e7843e132b7680e879dd5e40a3ce71363a7870384ec151ca7bd20b1b4daa80fd3abba15deb7eea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    835a4f785d9968e15d183f74a65a07f2

    SHA1

    6d0c0c61fd83f10d97f691f3ec1f3c144fb96067

    SHA256

    0ced519f2788fd9dbb66fcb5a93459c348bf1931d36373d6ca47036d44a6c940

    SHA512

    8d3bab2cf7b5caf0fc700d06d22b9169a2477d2d7af9b38178ee17a1b868ac97aa9089efd070465cd229772b3ca937039d93188831564aca22417101c163e523

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb4307a3e9584e402bb8c58029bac77b

    SHA1

    df09c3ef0e732da214e17f941c739e238fe0a0d1

    SHA256

    ebc8bc3978b0e0a8e3e50a1573cf7ddcc1dd0d2bce4d083db47311063990401e

    SHA512

    04e6127765b2b41a067855797777e921365e0a7d3d6e52418e22526a319abe38791ce6624b563a4b404dd2b5d092f782159d1878ca578b88823cca014f00b5d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    513926446fd9873bb4afd114f1dadff8

    SHA1

    78ac575babb49b8ee50505d9caa2c72b5b7f2079

    SHA256

    3e9ca94afe8741ef3214317723849c22667cf5a4dff9184784fcf76b5c1cf835

    SHA512

    eb9c9a496cdb2739ff987f8f3ac409b61584b34506bfd17245823b5333f2dc6e0a66d8060d3f411e1e2fde0fd71e68ff87c40be5dfe808b225d131265d99648a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    29fe7f5ee362a17c4d5b3b4166b4b122

    SHA1

    4a6f42f1747b674283e088c6aa28a3a26f340df5

    SHA256

    a17c9e2bfe7138c575846c1cb62df358fe21bd87ff7cb21c087e144526daa217

    SHA512

    672d238e43810bbff5b76e762d63cdc38717079d5fc09a5d964741cdaf2c706edaf800a260bc54975d22dbe74c9fbf177ae35a78413d5822d54108116075a3e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c74ea0f7571b46b5752ecc93258563b

    SHA1

    652f3a992032887a83f789fa469d2fb1770f0df4

    SHA256

    027bfd0b8d61e3b05b6592ed41915b03a9367a28e9a9809d78d7d49e46a41357

    SHA512

    76676949dba6315c365b71bc7298e109ef345d5f5ab18da1c18ea06dbec39b53ea4df3cec1c3b5da7808779aa7c9b86bbda820eaf334af35c289afe0044c494c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    070bd5aec2ef83857605c5424fd4502e

    SHA1

    86cf3662a92306ed4331142259ceea594ec0e57a

    SHA256

    c01ce71930ec8f07453fd115c28d413b1038cd84aba47c5aa6d7e3d45b46b977

    SHA512

    bc8c05a41fa2ae5524c0070c70fc9746248fdbd5ffd6071daff0685cc7e79ffef65506c025e47061ffcbbcebc6698d2038d379a076f8ea6b9e0a9833a942a0e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4d3c91a078135f11dd20015998b26ede

    SHA1

    b17751b841e0d73f7c2b43e45cb2ba587df64a18

    SHA256

    f49799285f36a6d7cc185f218ef051bb3681091aaaa1a340343597702e9a03f3

    SHA512

    3b38bece70eaaae95612f0ee8ecc320f2805d9274ad18647609837f0fe9298831e8abe8b344767ec28ed28160475cab3cd9ab11c6fd429f8f73dca3342c0ea1f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f81c7bf4b2b8e7daece3c715ba73199c

    SHA1

    d0932ea9d6cab5d623dfc0246526c90037816351

    SHA256

    dc03cf5dc4911cf57f01ad2af07cb61b4a6448909a2a367e469b6c8b964cc2a7

    SHA512

    fb2f2751846630aa381276c54abb0fd23a35be953d71a337efccd91b0deb8e460144b8a5d1e83021fd7385de6527c0913d70390e5ab4c022430340958cbce53b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fe708beb135c090ab8ff5ec5a8dfa75e

    SHA1

    c4570e65e923831321ab09e81a2d09e4d8c9dde1

    SHA256

    510b7bb26c08c97f7c78b41af3733d5a813402f0f4261c1bdc8bbe9341635d00

    SHA512

    48d0322dbdb04fd22e043bd0ac91574b2d43661e0ad63cd9edab18d606a8e520070270702b717b18079f411e220a4365199393a4b1bd7fa3af620dab52897912

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    953251f5cdb0747a1eadc0d7b9e06ab3

    SHA1

    7711c87169adc55378851b77109c16c5d3f9f2d3

    SHA256

    1b3840ea875f0796ca387c21a34648306dc1b9a830bfbe53ad2fe3eae761ddd4

    SHA512

    7d8555abf113e5170c6659367010b48fe52a0549208157ff006ad1f952092fbb1ea097a9df9766bb0e5c0e71a5a26af124eb5e8d5a9079bde59cb1bcca02c790

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Cab1373.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1386.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
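The two things an analyst actually needs from this report are (1) whether the process tree is just Internet Explorer's normal frame/tab split (the frame process spawns a tab process whose command line carries `SCODEF:<frame pid>`, which here is 2232 and matches the parent PID) and (2) whether any of the dropped files is something other than the usual CryptoAPI and IE housekeeping: `CryptnetUrlCache\Content` and `MetaData` pairs are CryptoAPI's cache for fetched CRL/OCSP/AIA objects, `search_{...}.ico` is a search-provider icon, and `Cab####.tmp`/`Tar####.tmp` in `%TEMP%` are typically left behind when CryptoAPI unpacks a downloaded cabinet such as the trusted-root update. The script below is an added example (it is not part of the sandbox's output and not a Tria.ge API client): it re-encodes the report's process lines and a subset of its dropped paths as constructed Python literals, verifies the SCODEF link, and classifies each drop with heuristic rules that are this author's assumption about well-known artifact locations. One extra path, `C:\Users\Admin\AppData\Roaming\update.exe`, is a hypothetical entry added only to show what an unexplained drop looks like; it does not appear in the report.

```python
import re

# Constructed from the report above (not a sandbox export format).
PROCESSES = [
    {"pid": 2232, "parent": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\a502d4ba506074ba64bc2eb4643e2f6a_JaffaCakes118.html'},
    {"pid": 940, "parent": 2232,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2'},
]

DROPS = [
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico",
    r"C:\Users\Admin\AppData\Local\Temp\Cab1373.tmp",
    r"C:\Users\Admin\AppData\Local\Temp\Tar1386.tmp",
    # Hypothetical path, NOT in the report: shows what an unexplained drop looks like.
    r"C:\Users\Admin\AppData\Roaming\update.exe",
]

_IE_TAB_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)")


def parse_ie_tab(cmd):
    """Return (frame_pid, credat) for an IE tab-process command line, else None."""
    m = _IE_TAB_RE.search(cmd)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def check_ie_process_tree(processes):
    """For every SCODEF child, confirm its parent is the iexplore.exe frame it names.

    Returns a list of (child_pid, claimed_frame_pid, consistent) tuples.
    """
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        tab = parse_ie_tab(p["cmd"])
        if tab is None:
            continue
        frame_pid, _credat = tab
        frame = by_pid.get(frame_pid)
        consistent = (p["parent"] == frame_pid
                      and frame is not None
                      and "iexplore.exe" in frame["cmd"].lower())
        findings.append((p["pid"], frame_pid, consistent))
    return findings


# Heuristic artifact classes (assumption: well-known Windows/IE housekeeping locations).
_BENIGN_RULES = [
    ("cryptoapi_url_cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I)),
    ("ie_search_provider_icon",
     re.compile(r"\\Microsoft\\Internet Explorer\\Services\\search_\{[0-9A-F-]+\}\.ico$", re.I)),
    ("cab_extract_temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
]


def classify_drop(path):
    """Label a dropped-file path; anything no rule explains is 'unexplained'."""
    for label, rx in _BENIGN_RULES:
        if rx.search(path):
            return label
    return "unexplained"


def triage(drops):
    """Group dropped paths by class; the 'unexplained' bucket is what to read first."""
    summary = {}
    for path in drops:
        summary.setdefault(classify_drop(path), []).append(path)
    return summary


if __name__ == "__main__":
    for child, frame, ok in check_ie_process_tree(PROCESSES):
        print(f"tab {child} -> frame {frame}: {'consistent' if ok else 'MISMATCH'}")
    for label, paths in triage(DROPS).items():
        print(f"{label}: {len(paths)}")
        for p in paths:
            print("   ", p)
```

On this report the tree check passes (tab 940 names frame 2232, its actual parent) and every listed drop lands in a housekeeping class, which is consistent with the 1/10 score; a real triage run would feed the full dropped-file list in rather than the subset embedded here, and any path that ends up in `unexplained` is the one to hash-check and open.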