Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:54

General

  • Target

    91316b87c854967211add47e5e4b80d2_JaffaCakes118.html

  • Size

    460KB

  • MD5

    91316b87c854967211add47e5e4b80d2

  • SHA1

    81f575a2f6faf3c202c9282cf55c13e1332b5c35

  • SHA256

    9b06e5491c2b40b8c4887d9d3b3aa6a88addd2db1a3a53edc1b12aeb9ec4f9c0

  • SHA512

    405329331af871ef11690ca555b7cebeac1776adf03caeea78914d8a9a50fb14a7142a3b2cc586b65ec69717dbad767df7bed48d03331361cbe91468bb797d2b

  • SSDEEP

    6144:SGsMYod+X3oI+YSQzsMYod+X3oI+Y1sMYod+X3oI+YLsMYod+X3oI+YQ:Z5d+X3f5d+X3f5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91316b87c854967211add47e5e4b80d2_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2868

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e0c68d3397eeeada74eb06d8c203d86

    SHA1

    051254cbe7c6e1920f139af89680d1257edb65f7

    SHA256

    5bdeef85a18ac19a17b45adb623a8ed6be6882f8c35661d326f3bca2cc64defe

    SHA512

    5d7efc60350855bcbe43388cc5558a4e265188ef6ba4224b7e196ad24ec42410e7318d589e35e6ca1d4e2f1d7bc7f0a039611853abc2b46f491295b6045862a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    935fc2bafa71c1c0f4b557eb227d45f7

    SHA1

    102b25124ec14a3ef285723cf53ad0500f40fe47

    SHA256

    3625af4a90773a3049e0a9bf5f6a13fe0677f8732de1bd2acb9926df2ef6fbdb

    SHA512

    9aacf7044dfa3c81ab20f0df34f6aea3a30c86bf16deab7f499418ca871a3c896ac9314382e7e48ad7793277a0f11d72196ba25f49ed7ffd1bd48504a9f31549

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    942caa64ec02b34d2066c639d4c09200

    SHA1

    3d9ce03f1cdc512f94b9d67724a1dde00c7c0938

    SHA256

    29a36d5f92630e10c0b6df9d0e06099a804dc9ed8658979f84537a4f38185356

    SHA512

    e382d10ac02a8ce936fc7879550199ded4fc5cbdb4a326175606dde3b0c2e73dbb6d91dd93f725f8ab965c0fbcdde45d93f2391558e0d2fbe72650a83c7a2e62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3932b7aa7b36ee29ab0a97c30d1b0e38

    SHA1

    7865dcf3ac674dca37682d74f3b54699ee8f1e05

    SHA256

    1ea82c9d7db859e9162d6d3427030a2f6cd6de35344d7ec07af1513b7ad76350

    SHA512

    c1006d64beb6f138fc6f57fbe856d62433d0c50d4fe0138b1d2e893c3de5dfdd0e763e71b7d651848be4842e4cd12aec81678169fe936df3e7b205377922bc11

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    535cb5a5fea573f69e6f085c90e2e116

    SHA1

    d4f3335793b00200aa3b7c67d1c8a0303ddbfa19

    SHA256

    b1e5843c1b105a5bc186ae30b1001b52fd4d4ba2e32020c8cef97a0add3fb3dc

    SHA512

    462305305bcb995c3d9b41aa180239c15701cd2497acec8da90be63a9dd3aaae1169fa359f61e8ad9152e036df5d4a0679ee690c0f71e6ab360dbf685a537662

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    554124f41f70ed27d149bbcd7dee2178

    SHA1

    a741ac502c8f0718355992f5dc3fd8290ff16306

    SHA256

    d9b6098972539fb2a060ed8ad2809e1242ffb02589eb837b16ee046c5046c4aa

    SHA512

    08170777e928de5c069babf9ab9925cd7113f32311abbc3c57dd4efda8156ae9c4510448d9d834c0a49b09bf4f29ee8ee4e51fac3c19eaa16191d8f47829dab2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fba87b4fe9353b9e0e5044429db14ad8

    SHA1

    c7cfe7607aec544c95f52245fef86d7b38fd528a

    SHA256

    370b73c308fb21ad567400586e07ba2bd024f58657aee7a38a62e50b37c9ffa6

    SHA512

    426afad61716cd9b468e04f462ee423e6ac10f7183bcec16ed7636af631a5831908595903738f89dacc03c6f971a178dac50bfa20f12bd0845f4c9f928e74c35

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d6b858ec9598cc34950bd4b7b821e4d

    SHA1

    be58975fba86e6f0b2d1bf1a8af8a55a6022f21b

    SHA256

    f39a8af139a0c661621399a94a71c46374da1f12be6875c27c841c3033f8c62c

    SHA512

    4dc77117d375acbdcb59e410e7973817c29b99ebee49fb61be11a9ba9f35824b429a269482c23d30f6a78c478c79b7774c7e250fbd50cc965bfd6c4b8c8739e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11e2816c475afcb125021a6b23944677

    SHA1

    3f0fea90b98df1f1ea87ec125700f7d16f9c9d7f

    SHA256

    3e08951d5499a4efa7ed4c352b6c1a39848877ab4ccb267aaeaeec1efc69e9ce

    SHA512

    14065155bcc2e0a98568412100c72bc2c72da4dbb87a528bf48cf05355c3763b9facef22c486b00310dccc590dd1f0bbec1c202ff27e0d1f7b252bab2bf19759

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f51480ca0b0ca656eae1df572afbb0e

    SHA1

    4f3a51967f7bc305ad86147b8ab5cf22ddb18269

    SHA256

    071f407ddd371e87209cad4f7ad79ab593b9c0febf7c34815245c1c8213e099c

    SHA512

    39373df31000ca85dc21d240dac1587f4c658223c814997265cd1b3bdc829a2d08be832cd692074943a3449ff3f9e7ee79bd06cc7a4f4b4434685aba66a7337b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3af285a7d5af6640c5229cadc908f97b

    SHA1

    892caf8b8ad2be6443d118746e32d801b8b0af98

    SHA256

    0e36045743c1eea0940899984138d9faa49bbdece05fdc9d1c87cf074ed02e68

    SHA512

    40b0787c53491a98999cd48a042da9af94b88c0003e355ad35c190b78b283620907e49981408719cf4ecd2380bdc49b4805b702be3562aec34378ba3c9c5591c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ff49908a79723c4367fc4668a73eb15

    SHA1

    825af28b89df68a84a863f0bde56948e6b988d4b

    SHA256

    a9edf8c3be5cf087ddf2993dc8df719d4fada0d207e6c43c2094757e3b519913

    SHA512

    cbdd4c14ff9b0688774bbe77d37bc803c9871332c23d8ecc1a419d45f1577588cd7f1d94fb8cb7a6fc0716dc0838976f089e9459b10eb913e4f32bcee0db4410

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd63cf32774c72ee88a5efebb4b780a6

    SHA1

    f58f74cbdbddd86ebe52ce1dd215d3321f93407c

    SHA256

    b98e745bc861ae68fff5748d12d6bf8a872a6b8e680dacf398cfa828da46a1e7

    SHA512

    5a30e10efaee634781e9f7cfa4098042bc94f595c01960a3c4567135ac11c9fe88b31e889e7d176262f7c02dbe0e3a3762f21bdb2e5a35a6241b6339ddd7b4a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4305ec2d50b0c1a773c6c293ffc7c2c6

    SHA1

    37c378b196a000b21f992e377dbd2f281d9e56b0

    SHA256

    2b425181ead2038954dde45d36b91ff16d90ea1f6d1e7fee1ae778f12de4ecda

    SHA512

    76b6ceb419f1d8a95b6d848183d1e752d27a0ebe48652db0e60fa654d32042851fe31c520849ad217d64fd0292914507feabf7509034166321461c218f8844e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    157650e36ff843fffe5741c7113b411a

    SHA1

    ee63da2cd29fd28610771e7c89ef0e01ebd69144

    SHA256

    4a133cb17049accc547aaba196f9ffcbe8a878880c381aa963e9e4e36f789e31

    SHA512

    91e63f4c9002f15f11354a54698f74b9be3b6bb140df4b6e32e7c589b5ed5346146784b0c27f91ae1b4d4b96c13409caafb02ac7884171ceec5532ddcc9319cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de43e08748f24d503e346290991906be

    SHA1

    2eef09613828b2ec7090ce270cf2600473543217

    SHA256

    ddafa212c24e2e7cf09cb130deab2e9b6fa1a3f6c80c15e6c43e4ffae44f39af

    SHA512

    56d023223bffd24d963171295784275a80b7d72f9f5d700f6842461f572bf5323523791962bfdc4f21482ae2a0aa884bc53fdd15776611fe68c9368c3af0c02b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d484a9e9a1cefd1f88f26bd1d687c03f

    SHA1

    92eaaf7c5b7c54ce86b9652d98a6deeb44927e9d

    SHA256

    d50394e9f6f30c10365afa72e63b62e1fc55b3425cd24e13574637513b32082a

    SHA512

    ee3180a038bfe79222309afa52084136f3b911bd8564b3778d343aa4ef48398a2feeea97414b916215daab4d8d9d029674a60e9194e08c029d30003e270eaeef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2672eb17a1a30d9c0aeb207a9a28c9de

    SHA1

    2706c2c7d57d779db0c4a9b68bfb09cc4a26b90b

    SHA256

    9bec60b96cc79e127cd99c4ae9f8a816508b2e104fe8490961a7c41687423a83

    SHA512

    1fea29b6774f7575a942f222790cfd19e295ec0e858b794b32fd22e48d8cb6cc18970820577d7b510002f3c067c6fd26f5b77086fed3eaa1236ee65b16c43ea3

  • C:\Users\Admin\AppData\Local\Temp\Cab3C38.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3EBF.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b