Analysis

  • max time kernel
    119s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 09:23

General

  • Target

    a4d472a1c231e2e04caf5fd3e8d7177b_JaffaCakes118.html

  • Size

    8KB

  • MD5

    a4d472a1c231e2e04caf5fd3e8d7177b

  • SHA1

    9698543418e911251bd3bddcab2dd2d1616d280c

  • SHA256

    723a6c862b12ebd96538a7a307f210dd2baad1489fd79d826f2416db458c5d27

  • SHA512

    a8d804b3b39211fdbe7c71b6e1de507600b47f25280e4bf8d3b2ef316b37e8859f599545fad92588a4ab2b0961f6dbb7e1145c8a57421b7bd28f1d9dae6ccbb1

  • SSDEEP

    192:izMByu0GQIeRn0GQIP++uAXg5s+bxOYQeS7mnE:iuNdQIeRdQIPdQ5s+bxOInE

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4d472a1c231e2e04caf5fd3e8d7177b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2364
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2364 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2044

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    cb85f3fcf86ef0de7ef258539cae87de

    SHA1

    c73288fff07885a62f8c7033b348863ed3b8cad1

    SHA256

    7430a96d94b1faa5363b7656b323ffa416fd262e0405e498bb143dc93443963f

    SHA512

    dc152f2e8c8f7e316e84f7a1f3996e02c08d582d6d0e40b8bf7171e359ea952a80b7452e56690b30fe98b4655d4744e8529a930449ef1cd853e377f86294b2d2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24

    Filesize

    889B

    MD5

    3e455215095192e1b75d379fb187298a

    SHA1

    b1bc968bd4f49d622aa89a81f2150152a41d829c

    SHA256

    ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99

    SHA512

    54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    ca9c8cc7a495f178866d17dd027c1e18

    SHA1

    1e8de6832e791088b754074c1a452ce4184fdc90

    SHA256

    f73345baf6fce704594c4be8d43d84bf6e27ede8b8d80fa089f02eeea9f37a37

    SHA512

    e8f2e911b492db0c4302c0d42f7925a932eaebfefea99369a9e9293b321b6cdb1398c1ed001714998a680aae41a9ca52f1e14250abdab45e3c4df3c5f1dd5439

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    be18b4d0cc3f98b2e7e12da9acd579d9

    SHA1

    96baf3598ee2bab61d9491b376e6fa697252b3da

    SHA256

    99bd984293e33fd0f51f24c2c6c5672639691721b52f93f445e6dba3b58bdbd0

    SHA512

    b4770e1ae8fc75d10cceb04bdbeada0c477b97c7b2bb0fcbbc8e525143e303117b2a01b387141deab7b5985e77303579960c5dd72dcfc871817a5f3db676b7f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    53eff6c3b57795169b7865de2ab90fc7

    SHA1

    007e2cc4bd18cd6e31443d0ddb0068dcec3e3c70

    SHA256

    fb7003b2fdf87fbe1b8928310c963670bd950c1222ba861d24446a6c7f4a1d93

    SHA512

    de2af62f5eea0fc10cf3088b749d04655366b012ba5e92ea3c7e0e7f9ca8d7da128e0ad86bf99a05752430a93046b78ccaf2dd41e4ecb312e024fd6df7e02e2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d56823c7cf568d7e7495c7c5621e424b

    SHA1

    f10803b95d5c31006c4bb3383705f0696fa7cb5d

    SHA256

    b1b66dade7fb5b2a8cc6dfb0327b3170687d20a665f1003d9fda80da1c59641c

    SHA512

    cb19ff8fabf6688500e11a3da32f04506eaa4cadc3e38e825f61c5a457ac8c48d4d888ef126c5e3237df5c069c70e9801eabd8302ff3bb0dad9c65b17d373318

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab9a1ef76b401a21bd80db12519d6c91

    SHA1

    abb2b9dd258f6ffd260c6317517fe5b2c5b5abab

    SHA256

    1113a5dfcf4c62ad47881dc816acee088578d5660e7b743268918ce42ed885b6

    SHA512

    4fd828fb5d490e574d971244b78f38682d0c3895dfd27edff5af3f55ec5cb982a834fc1ea4de8eae4826701c955413466f031fee2a81556ec0e4ef6acb1f2b28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c29784202f54910a9a52f6b3c059df1

    SHA1

    75e6e3ffdbb4a250b83866832a2bfd8af36d2a56

    SHA256

    c0423168000a3647233f1cde9e57c79ac13a00d3625d4f40f1db367764b16236

    SHA512

    67e527d77de46383816e200f6bbb65c82c1fce4981af34c5a975b38f9fcdadfb212261d690922363b0dfc61590116870bd35b24debd617cfa478b8f47467efa1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    605d20504c9aa2917b603b0cc4d25c03

    SHA1

    3fa1b4914c61ae7f9269d8808fd87953c03f507e

    SHA256

    e90bdcb7b29184a175352f56940189166868c222b30023828f57d1d7a3a194f7

    SHA512

    159d129a29aa238c0f8f7b72189ccea1d257515f5e2f857c8691572ac2648d1add1c7dd608b016e049b0e6bba18c7e658630b9ee71f518b0f0e030524d3e283f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee13e04689d4b81391aadbcce10f6ee6

    SHA1

    3ba0467661191e02540d350907d5a88782b67bca

    SHA256

    89f730baf7ac95d867eca2a87f92b5946a916064f5f1c9d476b196dc8558c0e9

    SHA512

    22d8aa1bd3b9039d2f5b09c53e5dae411fe346c55636efaaa1fe8611cdb9a05e823c4b19bd52d6bc6a02999531a87ca230f3313a2c3d1b157a779c910b4e92bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ead8fe79eefd6176b4353b37171f395f

    SHA1

    0bbc1f06dc2f44b91792f63195daa3cadd829658

    SHA256

    4d16f4ed85690453b55ada593a90c7f5491dc23bbc1283918234eeb49055bc73

    SHA512

    d939f61b59a5271cdb4d96ddd8f0d40aca6468f80e0d1bb9ff2ba8aee5fdcc80f557b8e514d999d818a5fe4993d1fa0191a017780a1f169430b6e7e761e72643

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a02903b36f27f781b65d46c321d211d

    SHA1

    cc726701a31d547598457428d7b0c3b6ea41f5e9

    SHA256

    e01f12844afc6b0da16b9bc36073ffdd32b6ffafd0fd84f3cc864c2486714127

    SHA512

    8607cfb490efa30d8c7f0e7b929af877c1c8f5e2bfae418ff7519c98e52d95fa4f5743a88839d16d45491c2e5a6e88ff73614368402949fdc42fba508b810ee0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2d96cb99c1979900d9a99babe9242c1

    SHA1

    de73c49888ce1cbcfabe9eba74795c518b2c6107

    SHA256

    d75c0d8b9d5aa03349bdc82049323a936654778af4fac0afa12234d7fda11153

    SHA512

    eda14af43dd8c752cf1eb2fdf47c5cabc9227d6dfd5247722160a70aeeebb3f978569fd64ed52b8a6fa46870db5068321c968bcab7483c230cbd9fcd8144a0ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8989d28f985f4e53d79ed1282569263b

    SHA1

    95efcddcf6b5663d23d7ccb98e0e3e134d7d274d

    SHA256

    0a391aa2bae6d06529b80389ec5dc96d5f244320e2b53b70cc95da6bbc2585a5

    SHA512

    8ea5d40f05098a3f1867c55b504f826763633eb1581d2a6089a76903e5d7f5688e1a537d9d9e7b6313d5322d66480dc28ace183f1286c0e293025e2e64657b85

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2ca6950bb14362a29508888eb084d615

    SHA1

    0841f55108ded446127781a61be5742dcd8d075f

    SHA256

    f821cb527d999ca7150362e7b942f57fcd9d1b8eca8156f0d39cbfdc3ebb0b4d

    SHA512

    46e5ca45cfd2fc9689ecc1c389058233799e09ebce4a40eb4ff5431a5214e5e40081a3d6d308a1fac94be1f7e1ef3ccc262f2fa547a3f9e9af75e551ad7c2329

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7528668b6cd02e483059194774fe094a

    SHA1

    4be34b9a811e91516ae6a6c90550b0e9eeda2d4f

    SHA256

    e61f64e5a232b7c8699ef45086cdb71977470aa16d4ce6e7706c7db0363d0998

    SHA512

    b593d8979e985cbbf43d59113c4cfd6ad4302a250588f0fd4a5d673bb14391217bb4e3dbf8f9d2e5000f9c01fe4de4f90697bae15664787cb9ea9493d23f7b50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ead5fc7d46c6ec11460c4e3fa2d03faf

    SHA1

    ff410957195cf1d1516f5558bcf4b0db98bd5cc2

    SHA256

    671f062595ab4ffaa9eaab0015538eae846cabe349bc0b360431c232c1e0db5b

    SHA512

    18fd14055de52f9717412bcdd14fdaac73d888438bb9f7b89fd22ff785bc8268515a406d644af0a7be6c6eaefbe188d697d2283de745a3c6182dfec9752cada0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4c359ab7cafa55fa74b805e6148e6610

    SHA1

    dad04662662bdc41f84920e5e781ffefb785a06f

    SHA256

    4a186b9e0b1c11f7a273f3e4bb818d2af7ae6e18ea818a0fd7139d4afb164f54

    SHA512

    7cef92b547a90500edf4ee95ab7ef449c4cd1cb2de8fc9e61bd8990eb8913f09eacac7c4e4de341929488c2d9de1d9be23687531430aa07f6d6c4f7ce202bde2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f94d777e9b861bdc77051a024e466cdb

    SHA1

    abb364d95cb923f5862230536349ed5b51173c22

    SHA256

    dca0fb61f3e112c8fa2b6632155687c048684f1ea6362a89cfb72da64cb40d76

    SHA512

    606dfbe062c5896ab732530cd23802b2b3dce4d147dd7c7333955ec7fe74dd4ed0f136759d118e21d2dad0d1f7529cbfbb92e3c79cc62305d09fd946040355a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01f0f4bd07db15ca8a2002162f74ebc0

    SHA1

    b0fedcd319c133bb27c17fa253897070f4f93f92

    SHA256

    fa9a3c87e8f18d5cf4a130c187721afd089e2b5ac54061768e5ad70a3792abca

    SHA512

    5dbc5050091f374a3d3c3c94b25bc6f31beb9cde5a834d4d755a1cb132ae0a4160eb778c0ae04a0e4c5c992f717ce0419ef92d1c2a92820ba85c3a956053b135

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0eeafd17a1790be21c26cc995ec4daf

    SHA1

    31b662a14a8f11bc59e52809c4898e6ceba5f730

    SHA256

    3c84b27ee65609bef35e5e01e37e3af0c86ba0f365a6c18bf31d67fb84e0efca

    SHA512

    846d4bc3dab3830ad512065c9af108b82da16d5a6f031201a57ae0c7fc31342293b43e29f77ead9bb90fbcbbd41289e84501d3dc34d47596894f4b45d0a88dd4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4efa32beefb96e05ab04d301c357bd6d

    SHA1

    626ab0452300fc91004574d5621b53928108c37b

    SHA256

    248dcc44920da0bca0c71243774291bab0ab97a4f768c6394f179bdf8448e4a6

    SHA512

    c39bb0aae2e049c312992379baffc6ff7bdee26c7e2526fcfb3dc4b7489d6f7f0218b9281643cf886d35634cb5fe178bf3dcad722f3cc7a1047822657f85963c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0a5d7bde4a6e9ee793f0720b604e4e2

    SHA1

    2368f44ce58a24682d3460ff9664beafaefc13c0

    SHA256

    4553659c8f639b1b9402656293174b5262565a79d43151eeb758a4fc39ae9c6f

    SHA512

    137dbdb63e4a97669251b380a309c379076bc0394d54eea5bcbfd0c9751651efd34fc0ab2f0c0a6fb17efc1e4492cc1cd84275c18e75a2f7f654e29176a0ed35

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    9456bca7650edd7b5a69b43d4e000002

    SHA1

    ec03018305ff47e89d32621e1ac4173b43ff1efd

    SHA256

    ce792becf8b1ae439cfe7ead05d02e5dcfddc82b8f372185692d4e099003dc11

    SHA512

    74f5630b423052c17f37886ea9732d1fcfb3546ad33f980f16612267fc1cc33afee347523bdc90eb026fd599389e7688ba3bf6aa0d3e68c7ba7ca692c4b09def

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    19cad105c29252fa33f8dca5a67ad98e

    SHA1

    61e1c479c962bb1a1e7f5074961b3715de2876de

    SHA256

    40f18aded0cefc0c358f40e73e287fbc642aad00db141cca3d16cb7b3970c31e

    SHA512

    e470c1128fdd52d94b14e76ee1340f7bc4ef8db7b2e5408d0c531f490d30a9be0b72c9daed335fe7441da40d63b551a3a7ca5bb5fb913ea5cb5095e64f79a637

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\CabAE9.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarAFE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b