Analysis

  • max time kernel
    148s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 10:34

General

  • Target

    91767d347b10695d39408d9e43cef4d2_JaffaCakes118.html

  • Size

    64KB

  • MD5

    91767d347b10695d39408d9e43cef4d2

  • SHA1

    3a243627e8642950e6404e815c5101422b3cdb87

  • SHA256

    04514dd7f9bc57caba4006f5b35a9a8b2578247280408090245e08f42fddb331

  • SHA512

    82b34d2295f786527cc49f240db1d4443b5088805375d9f2a0da6ca865d30dcb3b1ad71e8081bae26891f3056c48e4fc2de5f36ad45b17e9fbef53f1ae5147f1

  • SSDEEP

    1536:S+KL1jSUr+vL5d+0isKojT67SrH8YVHAedOCX+Xt/JcSshv7Nx9tqRVAtR69DB6z:SKTEjLfEbNI/7BWALi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91767d347b10695d39408d9e43cef4d2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2928 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932

Network

MITRE ATT&CK Enterprise v15


Downloads
