Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:15

General

  • Target

    a5ba640881d421036e8d0406639ddf42_JaffaCakes118.html

  • Size

    83KB

  • MD5

    a5ba640881d421036e8d0406639ddf42

  • SHA1

    ddfaea695636cd05e052003c9659ad09f9d3070d

  • SHA256

    432a15898b87fe22a113610948cbe48cdbe33f1ca5b2077392b395a6aad6ea36

  • SHA512

    3f5f3a7a72e5e6ff3fcde630dfbd77ee31f94758ec59763ea1ad0e74b70de30b0a632ee3437c26ee5b4c6b6bd7707a70f6da2b0767ed349d884b3913ff34e07a

  • SSDEEP

    1536:FR12AcZ7GLqb4xi+VNqEND6otwMeMCTf4nnu5/kU5p3lhps6opf7D2qDQSUYfLeO:UAcZ7Vb4xi+VNqEND6otwMbKAnnK/kUa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5ba640881d421036e8d0406639ddf42_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1908 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1388
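The tree above is the ordinary Internet Explorer shape on Windows 7: a frame process opens the sample, then launches a 32-bit tab process whose command line carries SCODEF:<frame PID> and CREDAT:<id>. All four signatures fire on those two IE processes, not on anything the page dropped. The Python below is an added example (not code from the sandbox or from this report) that encodes that shape as a check: it accepts the two recorded processes as expected and flags anything that falls outside the pattern, such as a non-IE child or a tab whose SCODEF does not name its parent. The PIDs and command lines are copied from the report; the third process in ANOMALOUS is constructed to show what a real escape from the browser would look like and is not in the report.

```python
"""Does a sandbox process tree match the normal Internet Explorer spawn
pattern?  On Windows 7 the IE frame process launches a tab process with
SCODEF:<frame pid> CREDAT:<id> on its command line; anything that does not
fit that shape is what deserves analyst attention."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Proc:
    image: str                    # image path as recorded by the sandbox
    cmdline: str                  # full command line
    pid: int
    parent: Optional[int] = None  # parent PID, None for the tree root


SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_ie_image(path: str) -> bool:
    """True for both the 64-bit and the 32-bit (x86) iexplore.exe image."""
    return path.lower().endswith(r"\internet explorer\iexplore.exe")


def classify(tree: List[Proc]) -> List[Tuple[int, str]]:
    """One (pid, verdict) per process.  Verdicts containing 'review' fall
    outside the expected frame/tab shape."""
    by_pid = {p.pid: p for p in tree}
    verdicts = []
    for p in tree:
        if not is_ie_image(p.image):
            verdicts.append((p.pid, "non-IE image: review"))
            continue
        m = SCODEF_RE.search(p.cmdline)
        if m is None:
            # No SCODEF: this is the frame process, which should be the root.
            verdicts.append((p.pid, "ie-frame" if p.parent is None
                             else "ie-frame under a parent: review"))
            continue
        parent = by_pid.get(p.parent)
        ok = (parent is not None and is_ie_image(parent.image)
              and int(m.group(1)) == p.parent)
        verdicts.append((p.pid, "ie-tab" if ok
                         else "ie-tab whose SCODEF does not match its parent: review"))
    return verdicts


def needs_review(tree: List[Proc]) -> bool:
    return any("review" in v for _, v in classify(tree))


# The two processes recorded in the report above.
TREE = [
    Proc(r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\a5ba640881d421036e8d0406639ddf42_JaffaCakes118.html",
         1908),
    Proc(r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1908 CREDAT:275457 /prefetch:2',
         1388, parent=1908),
]

# Constructed, NOT from the report: the same tree with the tab process
# launching a shell, which is the shape a successful browser exploit leaves.
ANOMALOUS = TREE + [
    Proc(r"C:\Windows\System32\cmd.exe", r'"C:\Windows\System32\cmd.exe" /c whoami',
         2244, parent=1388),
]

if __name__ == "__main__":
    for pid, verdict in classify(TREE):
        print(pid, verdict)
    print("review needed:", needs_review(ANOMALOUS))
```

The check is deliberately narrow: it only says whether the tree is the browser doing what the browser does. A page that exploits IE in-process (no child, no drop) passes it, so a clean tree is a reason to look at network activity and memory, not a verdict.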

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    59ac3b52f3cae9c41232622dd31d117b

    SHA1

    9b1d0a5a72ce94636cbb20b95e0d73f6d09f4d48

    SHA256

    f7a57af34a322cca59a86d304f8e5d783cf194722780599d12cac9934e636756

    SHA512

    d3a3084f7e462e61821d62d30a483ab8485c6990d17e7f9300a6cdaee7ba8403638e981fd0c6c8baa9f0d7ab9918458dccf21ebfd2aa1664e47d982115f8cae9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eb73f29d73665409ccf925765a993e5f

    SHA1

    627b232e7f7d53fdea52fbf67855bd694a470edf

    SHA256

    62b7dec976ab3a4a22f3cafe26dd37841fdacb95e92b45dd1b455d46288baf4a

    SHA512

    a504c8bd8ebd8f5ee7a2b5364a84f0bcc8c71ef15e6ae131b45de2323c8c042f3fdc993dfd3386b19283ac1d96986a2b9878e70669f4c7d73df68740bd6fd508

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f8023aacef4aae018f52948f643bb244

    SHA1

    d54e2d86b51ecf103cf8112481b8737f291134c4

    SHA256

    53fde7d65f383a62288daf236060fa2205089272b87a927edd4c55e24f13b715

    SHA512

    e8338f5b516ede13dd3fb282b2c85bbd6438da7511530ec419b2bc82d7b242d9b7fd631c6438bad1a601dc2fa0c2d42597b54353e11ba94f446cab93e96a595e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0a37140907cea3d7a729c6d3976e2e0a

    SHA1

    bcb5054f8e9abb58556d79fc8dc7d5eb2515147a

    SHA256

    10fe7ef1a17ab5a9bf1bf81147da5693de2b9e10ede58e96e609368f08500ec0

    SHA512

    e1aa885b20758e4a7f6b5c80f7ff430bc0827bf18cca3be533d098532dd140cb518cb9618c528c42863dfd77e283ab609491fe5c31175fac45d14d8d328f7668

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9a7fec38420f3f3588d0a123deab9c6

    SHA1

    15bae13a5cda06d9870370cec133c30a0c3b0ae9

    SHA256

    e6d17c2b48ed6e898b3730031153cec5c27a86d2a1be85b39f926e2ebefcc739

    SHA512

    5ea9fceb6e289ccdfeaa9a18a5bbf5bb51fceee9aaeedc3926f4e2b6d531988b89be295a821e00ca89dbfb1acb9a3d3ed75ef05beec57bff77a550d9b019005c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9af7a0b55ece95cc6bf6e1d4eedb9801

    SHA1

    6a0c2a54cec363690121262a1ae3ec9ed0ea8ff4

    SHA256

    8a1aad6cb37be78bcdcabc29e7792daceb1d3e895e31db96d4315f9251ee549c

    SHA512

    e7c9f2aabca1bd38826a69a15a83b722f261c066b5f79a6d443b157a3ef6160e576710784acfc03999ab3bd5851cec28c5abfd994c51a92ae38bbbb9d79a0f70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fccf62bfc23d7b0651d21036b84e2e7f

    SHA1

    4fe2077867a81bed7d5ef49290b3a10350c4c3bc

    SHA256

    cf61af8db59ccb284e80a09a9f07e9989109e6e455bca8e469cee7b47087c2eb

    SHA512

    6b9674143a7dcbd74f1682c8dfa3bee5501bd3f8962971ab8f587bf986b22c06c925d63fd3709f77b47a03021b706a56ad7abf1d59901c56229d1c6b340607da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f54528a20cec791c8f1e19d6b6ba01f

    SHA1

    3e81e1feff55d291028522cb62bf969be510d8f5

    SHA256

    f67e19482e27de5f93f7a1d61a64037b012934f1e4596252d476119df8badc61

    SHA512

    d7f49b9a6e1fda64251bf641ea5b5fdf1abb2fa6814777a460d3d47f5ba4790cf035d689602154056e6f2d081282cb08a0856ee4fe94b27ff32709d465cab365

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    50e6db563650f9b44acf576a8854785a

    SHA1

    20965929070698cf71d3e1f70763b5050be49696

    SHA256

    1bcb61e4c134e42ceb5ecac9e4459231c0f67482368b1499e9d8d2be99d3dd4c

    SHA512

    aa1aa3397d17b0106b799c14430cf5122f664000fae1c29df92b9c89b1cbf4e20284637b93b2a2d213e34efb1b532ce7b33e91d840bf1dc3bafd30568e472036

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b708a37e1ce6ab4644bbde43e07ae5b9

    SHA1

    9695826128f71fbca29560a9e8013bed59241f73

    SHA256

    816ef6aba958309cc06c3d10f1eb66af5d3c382a139337b28cafddf695d4e165

    SHA512

    fb630c61e4c7b0703ae479698b331a145c3991736a603ee9be00e086b463d3151663943d5a9a521c755b46df92db824f8491238d55a25f981861917b8e733df6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aff473f87f7600a9ccbd5e2f049c9798

    SHA1

    11fd278b23b459fa31571afa8e6d47329d0875cb

    SHA256

    8d6a4459f84d4648d4ecbf8ee49c56068a52cfa0caa865394ab27f78da9c3c48

    SHA512

    91462a2ec065a5426dc8e5a2841b893d9d7112f1a3d05af4b652b0b0507e963c1441da996369d7483257220800a27007cb18f39216720e6f19dc30dfc0fb99ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5772ad4a5a0c9fb1f603cd1106d5f74

    SHA1

    f94f693b2ba668892411309f8518e4768deea323

    SHA256

    f5a741933cf2f8ef3890f192b744a5e27e174642be87c091b575ea334f7f55ce

    SHA512

    428f713403dd712e1a0f55aa349d2cdec06434463f1daddaccde6fe96a593b0b3044d32820d9d18088c5c4ebb22e5e86aa6fe4c87ce524ce0696a2969dca6f1c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f48df1cf8d6291e6d8a4001752fee575

    SHA1

    324fc330d01a5f4f6385cb1a55e344c3785cb59b

    SHA256

    f603171ec5122488ff332e2cd51c5b658d18a00c6523213be15665f3bf231563

    SHA512

    9b2c4cecdfe15dbde8d895e045d693243f9d1b3f56b0eb794d242b1df56c6d6f51db006a0ef07df85f2a777cf2cf82ebf084a1f03e4634a3205350645cd39249

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    893dd70725937ef77b167bd764fd856e

    SHA1

    fca9eee5db9530419403ee83e0284bce4592da05

    SHA256

    8a5afe3edf6c8a004d117d89c5b98974be4779d2b2179702344813d1cac81465

    SHA512

    feacd143fe281222c4c14e08db71540408b6a9be210fa4d320c5240f3e23ceeefbe11411bb981eb44e61502caaa2946510cfc327613238504334b055b22387a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd97f1be1af740117cbe9cdec0628300

    SHA1

    d92cf821a4280c1744b8b1a50f242a632f38f432

    SHA256

    6b73efd62ff7a0c2fcdd10a86899671b4702282052911f5d55ba57265baa52ac

    SHA512

    56a940d255910049a527b3f5eb55430b82a96032d3897207b3579a86c98bcb27b2815d877cd37c6cfc588fbeddb189250be6b6ef448407a3f3ee5c852162e966

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3e6b6988d63e1120cf426d8eb78ddc28

    SHA1

    d934ab01b4418ff1a05bbf17ba3d2cbaacddb13e

    SHA256

    696262df8740edd4ac1e6225a58c3e5b9eff8458e5872ab49119a023423db449

    SHA512

    ab6977a980ee52145f41ab68d9f4f938ef95826afa7b92d98210f334e41f26367d0a1c96cf62e24bd26c4951ca650fc255b4353aff60c166156df7bc3a314751

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f4f837c5f3ea3d645f0e8c90dc127be

    SHA1

    b6f56bce57d6c7d4749a9d44000039972f4e3a85

    SHA256

    3336e30d8a390d03c046cdbe36ad694d838a6fb1a7fe471b36590d4a371ae952

    SHA512

    0ad77a5958f96683154355930fcb29db7ef03eab794c271b323ca1bb40e2b434af4be48f1181b1c5056baf7dce050f7d1ed4425bb4fafa3152110b0610d275cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3b0f4f40a831e2f0330f8eedace9642

    SHA1

    468913fd6e3abf46455be77badd35faf1eb701c5

    SHA256

    42b0064e700341f345efb8c358336accac4192d129d0c54fdf3963eb1bbc218f

    SHA512

    494623015f4a425f464ab40d345b12bb72032178b81a37a67c147c9ed52ec288d8c5c14eba264be2664e1bc2566a5c86ef696cf9d896ac810d374a87b4c8a63e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92f7745d506a6eaffe3a0b6023697b7b

    SHA1

    707e860db2e7b7daabd1da48e265f413742a4819

    SHA256

    39187d92fbefb7dda5d924199e0e37f661b721820ce697fe94946e57d4ddbb51

    SHA512

    e9ed8506e38a64cb520003c08db66cb994579cdf27fdbcb7db37ce4fa3e8984a6182a01a5205d955f5d9306486858740048f047ab9c01fc6e53d595af7f69aba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    357e0a461a4948119bdc23ef4b308681

    SHA1

    d4fbcc152cf3d7323d25b64c66f8ac094d119381

    SHA256

    89f6ab08713a1a64ba8410df5b9a603dcdfcdae3659fc8767eed4c179b350315

    SHA512

    c837d9bb320dd7e659fd86be1e28766f59d2ae8d9081c6ac52744b6187822b37f85df9da47267612412ee3d59704a055abdc94396ef3f8d0bbbc3dcb63235f6f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9cdf235f05183db293682524b8683c9

    SHA1

    262699e8b33bf460b49eb8e5609cfb55cc2a495b

    SHA256

    213aa648436eaf3e7f74b5945b220058bde5b0e0c94865e93df2ba94e342bb22

    SHA512

    264058fbc9b1b92f093f680a3f31cd3de3335e033405d41bf765a9d6179df5db1519e3334db1a67cdd1875d2240ce4e0f33eeb955c40a33b8df85d8249fc76d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    658b4c9ff52350b5875f19885fab46a6

    SHA1

    d27794ec96e18456b264ebcf02eb15dd14e7a7d2

    SHA256

    54e1bac05420823bf3fb0a774077220785b31e958900022d5559d4e2adf38b3c

    SHA512

    32cdfed46033f43f26cdab7c198a2fe9f69cafa37adc9e2df376c2a8f3753dfc0572c1219b74a69ef2470c70fe0c4f13edb6c717f5a5df3ab49b976affdf5676

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    78e675d81e0895e31e797518a97fe297

    SHA1

    9b9abfca7a1f606a4412acb41452781935fa2857

    SHA256

    a9529157c42dba99afa9c4df4d4c6cbe958be1dddd461ffd52e1428bfdb3d1d8

    SHA512

    65bf415ee076e0fb80329ec7781370ad8085352483e2b0aab62ca89f87c088a708d8710e0c0fe73dbd18124e61012f12715803042aa63636d43f8540ac599673

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    577fdf46f30c198ed9c9f41f48ed53a6

    SHA1

    c594eff87f78ebc1f0e766e12e10e683bf9eeb6f

    SHA256

    7e6d2426a8330813cdd6faa6c57b0ca298bcdd4825118f75a058a6ed01d5dc28

    SHA512

    d6c7059f9116041b953cfe2f5142fdc1819ca6c7e5201b421141b9523561574bc29e15c74135ec5ab775a20d69d08ed78a2c9038647d9adab6514a6037c470e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Cab11ED.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1431.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
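Every file in the list above is something IE or CryptoAPI writes on its own while rendering a page: the CryptnetUrlCache Content and MetaData entries are the CRL/OCSP/AIA fetch cache (the same MetaData path is rewritten many times, hence the repeated entry with different hashes), the search_{...}.ico is the default search-provider icon, and the Cab/Tar .tmp pair is the extracted certificate-chain download. The Python below is an added example (not code from the sandbox or from this report) that separates that expected noise from anything else and reports paths written more than once. The entries are a subset of the report's own list; the last entry is constructed to show how a real drop would surface and does not appear in the report.

```python
"""Triage the file artifacts a sandbox records for an HTML sample opened in
Internet Explorer: expected browser/CryptoAPI noise versus anything that
deserves a look, plus paths that were written more than once."""
import re
from collections import Counter
from typing import Dict, List, Tuple

Entry = Tuple[str, int, str]  # (path, size in bytes, sha256)

# Files IE and CryptoAPI create on their own when a page is rendered.
EXPECTED_NOISE = [
    # CRL/OCSP/AIA fetch cache (Content = fetched object, MetaData = record)
    re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I),
    # default search-provider icon
    re.compile(r"\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_\{[0-9A-F-]{36}\}\.ico$", re.I),
    # Cab/Tar temp pair from the certificate-chain download
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
]


def is_expected_noise(path: str) -> bool:
    return any(p.search(path) for p in EXPECTED_NOISE)


def triage(entries: List[Entry]) -> Dict[str, object]:
    """Split entries into 'noise' and 'review'; 'rewritten' maps each path
    listed more than once to its count (distinct hashes = distinct writes)."""
    counts = Counter(path for path, _, _ in entries)
    noise, review = [], []
    for entry in entries:
        (noise if is_expected_noise(entry[0]) else review).append(entry)
    rewritten = {path: n for path, n in counts.items() if n > 1}
    return {"noise": noise, "review": review, "rewritten": rewritten}


META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"

# Subset of the report's Downloads list (paths, sizes and SHA256 as listed).
ENTRIES: List[Entry] = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC",
     914, "cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f"),
    (META, 342, "62b7dec976ab3a4a22f3cafe26dd37841fdacb95e92b45dd1b455d46288baf4a"),
    (META, 342, "53fde7d65f383a62288daf236060fa2205089272b87a927edd4c55e24f13b715"),
    (META, 342, "10fe7ef1a17ab5a9bf1bf81147da5693de2b9e10ede58e96e609368f08500ec0"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico",
     4096, "5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab11ED.tmp",
     70 * 1024, "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar1431.tmp",
     181 * 1024, "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
    # Constructed, NOT in the report: what an actual dropped payload looks like.
    (r"C:\Users\Admin\AppData\Roaming\svc_update.exe", 212992, "0" * 64),
]

if __name__ == "__main__":
    result = triage(ENTRIES)
    print(len(result["noise"]), "expected-noise entries")
    for path, size, sha256 in result["review"]:
        print("REVIEW", path, size, sha256)
    for path, n in result["rewritten"].items():
        print("rewritten", n, "times:", path)
```

The match is on path only, which is the right first cut for a 1/10 report but not a clean bill: a payload written under one of these names would be hidden by it, so the hashes are kept in the output for a second pass against intel, and a page that never touches disk produces no review entries at all.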