Analysis

  • max time kernel
    133s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:46

General

  • Target
    91000d945db51b65778e6ae2c01ee43d_JaffaCakes118.html
  • Size
    460KB
  • MD5
    91000d945db51b65778e6ae2c01ee43d
  • SHA1
    8cec33bffabe726d2487803b5e5a8056b9a5c8f7
  • SHA256
    96e8479ba81cb8ca713f416063df36d1f9f729c63d0c99921b73cd647beab6f3
  • SHA512
    c37bc2c37bd2fc7e8ad0698d5169a7e319314dd43faa89d19122ecf250873ab47d1b426bd25191956257e1e7e50db0ff2c4629ffba492a3b72ce97a98640dd82
  • SSDEEP
    6144:SSsMYod+X3oI+YQsMYod+X3oI+Y7sMYod+X3oI+YLsMYod+X3oI+YQ:75d+X3Y5d+X3J5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91000d945db51b65778e6ae2c01ee43d_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1236

Network

MITRE ATT&CK Enterprise v15

Downloads
