Analysis

  • max time kernel
    141s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 11:59

General

  • Target

    91b56a85082a62fc60c469a7706dcaa5_JaffaCakes118.html

  • Size

    29KB

  • MD5

    91b56a85082a62fc60c469a7706dcaa5

  • SHA1

    7b7f6c843f26d0fa22e6c1d5a210bf6bdbad327f

  • SHA256

    a94a6ba6702463949df950b34cb82f19520712dcf35d5414df479b37f0e6960c

  • SHA512

    2980f60564e536559a20293e2c2997e24fd8fc05082ea72784c9577d8ce46bfb5d6eeb4c2b1c4a2214fa180e454c0ef2f77c6cfd1eb9d95dc745787107c10f4b

  • SSDEEP

    768:eyAgkWJk6bd02NkbNNUpUHgZ7UI8uJw9EBdDzPJIAZDjW/CeiU7I:eGkWJk6bd0YYUpUHgZwI8uJw9EBdDzPh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b56a85082a62fc60c469a7706dcaa5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2860

Network

MITRE ATT&CK Enterprise v15


Downloads
