Analysis

  • max time kernel
    143s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:31

General

  • Target

    a5cd0b7a094da7ed3504a61a44a26022_JaffaCakes118.html

  • Size

    107KB

  • MD5

    a5cd0b7a094da7ed3504a61a44a26022

  • SHA1

    11d67dea0c7db208bed8dc2e33ca7cdbcae01e41

  • SHA256

    adbea99e7ce7e16b1b8e2c9c0928b2f488b0fa2807fbcd36a61cc0ec0b65896c

  • SHA512

    6a16e3b0718a13f1cbfc854db18be3ad1ed15dc7b5bbd33e194b818f14538a8f20c32c0e3937419815d8e337d3d59b5b8ba86607e966cd2f2eaba56df15f456e

  • SSDEEP

    3072:eZE/S5H9adH7NpQiGijZGellDCv5C+ZMtX+EdzYM:eZK70iBBP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5cd0b7a094da7ed3504a61a44a26022_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1440 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Downloads
