Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/06/2024, 18:31

General

  • Target

    afc8985d6f1ec3b67ed876e47becf770_JaffaCakes118.html

  • Size

    32KB

  • MD5

    afc8985d6f1ec3b67ed876e47becf770

  • SHA1

    5d7295175cb99985fdee01aa89eac4e2e5552de4

  • SHA256

    068e8b1696fbb031380e657222573d130eaff8d968ebc6c5d95da88fc3eec1ed

  • SHA512

    aa425409aabf3abe322a1aef8f13799dea894f0ba9586eaf17a976260611d364531be1d38ae9e97e0f4ca4d8f107438826def07ff1b7e2620e7b4ff142164104

  • SSDEEP

    768:gOiHlMnqn6MNlp2uPKOf+TbGbcu/FhDGp8ysKYp7l39ddTtrqrX41:gOiHlMnqlp26KOfybGb7FhDGp8yMl39D

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 53 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\afc8985d6f1ec3b67ed876e47becf770_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2428
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2428 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2776

Network

MITRE ATT&CK Enterprise v15

Downloads
