Analysis

  • max time kernel
    134s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:00

General

  • Target

    91b5ed7e9b0da416670e152e184a4f27_JaffaCakes118.html

  • Size

    36KB

  • MD5

    91b5ed7e9b0da416670e152e184a4f27

  • SHA1

    29fcaa7c6f1cc4c3d898e78c7f1fd283b4cfb1a0

  • SHA256

    8c8f502b01265cfea0e97480cff9166231e143bba2c409aa8ddcedd93aaa51b8

  • SHA512

    e4a1bdd759562d12a513f61b5a10ad1d20aaa95da053ae8242bd90cf066698cb32c3333e3bd8da490d2929d36ba6194a94889357d24416fea5b924eb84b6eed1

  • SSDEEP

    768:SnUOoZfH5VOm53k7FWIF0dzaVvDaDWvNpliNpr5WZpeC5pdJ3caGP:SnUOoFH5VOm53k7FW+0dzaVvDaDWvNpK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b5ed7e9b0da416670e152e184a4f27_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2236

Network

MITRE ATT&CK Enterprise v15

Downloads