Analysis

  • max time kernel
    118s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    03-06-2024 11:59

General

  • Target

    91b52c129bef3e3ba8bfb2c703ec695b_JaffaCakes118.html

  • Size

    461KB

  • MD5

    91b52c129bef3e3ba8bfb2c703ec695b

  • SHA1

    23eac7338501dc0713b3a1d35ae67b2cd4110401

  • SHA256

    6dabc404baf5c785eeb49a5aca04d377763b5be7c0eb2bc42a8f713bf871c914

  • SHA512

    4c44f4bc1b97c15b1ff12adba130246ee400c6130d878de4ae9e14fee2f3fb986941e8032a6c9c51d0d1f7bcfea32da5be12c4f43c2479bc892f5c70d487691e

  • SSDEEP

    6144:SasMYod+X3oI+YdCsMYod+X3oI+YpsMYod+X3oI+YLsMYod+X3oI+YQ:z5d+X3nA5d+X3P5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b52c129bef3e3ba8bfb2c703ec695b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1304
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1304 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2924

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36c449a48c5cba34374309dec2f866e5

    SHA1

    c4ccfa7af8d476da43c922a64dedbddb90ae326e

    SHA256

    30ae79f66e70e428489a728b6476b9130aae1832049845fd6aa26adcd4b0a323

    SHA512

    41cbdee0c59911d8da868da4f0e6b2e5c98946007e458101586325aca514a9f1e95afdd16c8bcbc9eda25ea6a4bebdcf53478a57b6b0da089cb2fd81326695f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c413133a0173740b8bb7b8964c03b08b

    SHA1

    807b3f979f38161fbb7e750d9a3bc6d37fa33c60

    SHA256

    527cad5b63c6339fbc1912821e74bf71994ce25d1f48afa5eace5d3336124732

    SHA512

    0dd200822bcb5d6ded9ea549168b8a0ca821afbc633df5895b43995b04e84da69ce75f9ff0cb5a572c93864fc3068a51c19c0e7455499950d54637daf5a36bfe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96be0c215ed8da2e207cf59ace89abfa

    SHA1

    d71c893a428b7d4ac7060e6a47d183a887f75001

    SHA256

    ffb960bc739cfcc9838a960f9e9fcc8569e5d002c6f7f8e5c09586968b3e1ca3

    SHA512

    54b25cd085b6eeb12400335a0bfcd3d05856197ba4993a2ddab6a9a1314cf895fb8c18d92ac385683bb06dbac34305ea41c63eefd9112ab00b4c990761155274

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    939a2e38f6686a74b1f152eddb73d9ee

    SHA1

    d96423b7604c2f5a8be43eb990e4340641025b5f

    SHA256

    9e347c9a6d8c9bf24f83908f4922c881b70e68c01a2c82f66b9974eba6bba89b

    SHA512

    f3947cf50ba123a2af831cd1d4bf4e86051dacbe0ee17d627a06a1754ce3541e8380ef6a80b5dcc74aa4353b06656976d1abdb8839cc3ec2711300ea7f26943d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e3c6aeef0c3079c9d3a8aee4c689c286

    SHA1

    498225fa9df43cd7629e04b2229f87a9334d4c8a

    SHA256

    7b2e94f8baffe160a34fb4a330f3ced545adc71dd5a226f0d59c3fd60bb7a5db

    SHA512

    381e80842842640a74e9dd4c839b20eaa8a10a84102f2273fde4e0d5263ebcfd9d92d3313e9d398b3219d7d8293e5bc585a5616982dc2e4840943d80aa6b8eec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c14d5b3d11d5bb960d76c0d6bc6bdfb

    SHA1

    06024635784727ee6fe6d51ca7a44d9eb8edde1f

    SHA256

    b09951d7b6ed5929e8dd5801b050b396e9ae3a478355292a12db779baffa45ad

    SHA512

    cd512f3f165fc5e2059d9763859a2be173e6c71edc4e19cca920b47e7558567dc859848c792903f1d93024b64286bb51f20c315e5de9897971c6023aa76aa241

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75af8e062c7701c974303e3174b73dec

    SHA1

    17e9206e75250ead0bee7172f220ad72f7ad5967

    SHA256

    75b9737da3d0acc6192d83a3403ddbece445544c6c66d5f6e1d4315c1df44d42

    SHA512

    183387f550901aa1c83c6b4a623ea6b511d9053cf5ee6de603161cc5ce1a653de57e7c056b9c9695ff9fb3d7fc664aaafa8c5f82cca52f03362152a19c1ffa18

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f4685f5053a27cb5bcfacab0229d1751

    SHA1

    3cbab5b2429276a9fb48c47b88a26294a8ae6689

    SHA256

    0848e6266143eafa41ccf3689868a5941a4d357a331634d65c91f1118d402fbc

    SHA512

    29b64796c496f53e2d492356e2b3dbcf40cab500643db6f34f2e29991f1ad27ea9dff8dd52cf249d5e6646e9341097d02736a3c9bf01b4447bf0b636fe10ccdc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4c04f12a56770bc2866dfd3ece43641

    SHA1

    abced00c35ca31096b91ae26431a322908e72377

    SHA256

    5a28f4b90d15b94a425d8d37a7b3119d6c7626e54723eb76df131a70212d3437

    SHA512

    e34520d2e504142f7a246d4a486648e32c16c9cfdd63a241e568b849dfa8376eb73d214328a0a3654b9f7e37f9aac981dfb51125d9030fdb238361f5f4d4ac93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66aae1aeacade658d56721deb8e59d8a

    SHA1

    696aecae05819b4142da12a88bca59c8d7e5159b

    SHA256

    a8dbd8d6be10e162a2f0b2a6cc0e28ddf9772f32eaad454b8700680c9742e0bc

    SHA512

    041e20eefeeda8f470adaa946e2c0778105be12a3eb64ac2f12d5cd4981c4ae3af1cfb71ce8adb09734cb6a772d9ea43097275a6d4ca666364ab8195de395f39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4d58d57dba0aef983e39e26d1035a3a

    SHA1

    a351882c15075fa3848c467c9da334fe54226e02

    SHA256

    a45d86e48d5e63cfa963cd1d067940ea289995d3e6dcfe1e67e7d41ac355c504

    SHA512

    694dd04c559844d6851adb3359e1d2691b760eade0a056d8f5b5cae2ffbd59bacc1edb4f0cf57bb080ada8898af6ef2762efb5c3246065ec6f267142d49bf5a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84513af37b80b87ed96e9a57478f32e7

    SHA1

    b7fc4bdbf6f50684f395867d0cb0b1ca1717c3e4

    SHA256

    603afca9d74d510753d9751cc4169c0d085f8f7e741177bca2b8ba7b900125a1

    SHA512

    c3485eb9eddf68f119e8b04a63fa172b728db4c3d205c3387d7106f0ba1b98e6c34f2114a3e153d8535b1f1d37fd86159d2635ea5df1987c25f78d0b6db8f4ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    61d4bd471106323e860c4a09edcc6eb5

    SHA1

    c2eb2c6ada936dc42ddb5dee8e7d068729d27a2d

    SHA256

    de93cd2b4b2dd136c154a874c965d33e49243567364efca07f292dfc166a5e4e

    SHA512

    757b1a40d3933e94bbf2322a8a1992e52abd084e114a3a92ba8e5a102d47d758d194760c57cc017ad620decb6dd5c0d9b98f65c04a7e798b6feb33036925841c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    789804d2153e3918a37f3c909d395d35

    SHA1

    e8c9bb45759747d442d37567b74f00fbc06c2f45

    SHA256

    f627a71e1fea7b7491e7e6ffcf40c1d629a428dd4ebff3420e1e76f5af7d474c

    SHA512

    f39fbe26355cfd4edf7d40a1b474f4e5aa80da0c59e67c880477fca5f18ef2710e4409f13458c27c0da2bd88622f7eac02c7302eb5a7e2b46af539150ec2ccfb

  • C:\Users\Admin\AppData\Local\Temp\Cab44B1.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar4544.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b