Analysis

  • max time kernel
    141s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:03

General

  • Target

    91b7080b60243efdadd475dcb50bec02_JaffaCakes118.html

  • Size

    67KB

  • MD5

    91b7080b60243efdadd475dcb50bec02

  • SHA1

    01706a2ef0a892439585217226fdd126dd1294ea

  • SHA256

    dfe5dbb8995c7e33ecd4f2642a11b69d1b01e65fb0e930ec6adceb21e64ab246

  • SHA512

    192e6ac827d73b2daabaf92eea13800cd924ace53894305a8fa37e665f609c2ca3fd58dd7b157aa74014886c6610fce72bf0107255fa5c426b4f1ce00b182a69

  • SSDEEP

    768:Ji/gcMiR3sI2PDDnX0g6sz6AV+IoTyS1wCZkoTyMdtbBnfBgN8/lboi2hcpQFVGo:JdUTzNen0tbrga94hcuNnQC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b7080b60243efdadd475dcb50bec02_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2104 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0212b808b7d246e91fb9c9fe626a78ad

    SHA1

    057704d61708003709f16a54edbc343cdf9ea3a2

    SHA256

    b8548de3dfd164e33d074f2ce912cde4e39c8cbd20cf5f115efa211735ff83e4

    SHA512

    25d244c08124f114608f9c2a3e14b90f900119cd842e455f85d8a6f5a9655acb866e052061272f0d7e6b0bcbd1967efc0d27ed19f2aaf23069308c0330ff0b0d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eb405aba59e703a294f70532bce7ce46

    SHA1

    d79f8a4adce0067fcd9150aa812295ac25493d38

    SHA256

    09154e8abb32533d53ac65e7ed43ca1dd5f9ad56f170af63df9199b8cd695fa1

    SHA512

    42da0d591d335f2f0b60f134754742a02798b1912087f344c51b0fe89cc7a7e50b5b4431db9f02f5ee1a558ebf618fce803e791345f0d77135063ca56874079c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6afe1b207df90cee2d01c356fb2e1945

    SHA1

    8f12a349da6d5b8f8d6dd6cb691bed03217a32f1

    SHA256

    efd63ccd896c993171ab722cbcdc136c8c67ac5223a520d7266f521cb6c553ee

    SHA512

    9e4ad9bb8bd1ecbf19be4442f39606aee484ffa2fd0ef77d2be6d941b7acf7fbcc235b64dd5634b190fe355670be75c795e7d6e3b4f1ab4681ff85517f9837b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    676e2b9a9dc08a3b5a6dc6e8b2600c4c

    SHA1

    53bc9392ef6af5271758a2f9cb8b5ba325d69b52

    SHA256

    cfd3e662f319577a8a7a0819b20dc7a5960485cb94ab10bb6895f6be53ed21ce

    SHA512

    fd112803035a25f59ac589e633cfd8c14ff9a6abd3c7f6e35183ee24933668ef2c1d064dbcd1aa14526d22cb50adc686aa98828574458d8ec26a2f23aa8630e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b9edd8acd58db8047f3133734649070b

    SHA1

    2f5f7d31a40bf3a199d0080113632db939cffcc2

    SHA256

    da4ea1d62764e8d4a758a9c6717bb9f0aee7669d6847a2491dcb2c74ab9adee2

    SHA512

    31c9d2c4c5c6224708f16842ebafb6bd03b2508b044c2d3491a70078bc500e5a8d957b783a2d303cc544021e3696e69557be1a9af2c0401a80cb8004432cc2fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e791570b690dfc5db4a1fe2acd1b3e7b

    SHA1

    45da63876e424d9726b61976128e5815376dcf2b

    SHA256

    6812da14b8e41843252834bdbc104463cf86bf0715820754eed6940326428efe

    SHA512

    b87e54c2666bf636b6af7dd38e505641840346b5e59c2d3433912a77820fd055776ea74bafc00f6c2875e18704ae92f011c1fdf58fcf10d64b167580b1229e9a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    06f64b71525a3a35692f95a53b46b751

    SHA1

    b738a2062a8ea66b4969373fed1181b0f56abc0f

    SHA256

    ad6c680d0386521f5a16e4c5d810f2017f2c114393ac5e3127f51bc34f6979c2

    SHA512

    c5341cc3db4733bad22ceaf2aeb08ed7bb09d1c7b07486491b96397d98f87e2406ee9255105b637cf3deb202d91cec6189720dc6119d4490c98e449cbf46864f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    db08fde0cebe356d9033a66f2f21b10e

    SHA1

    7b90ab35a115450b0a776744200ae9dcef2e7d48

    SHA256

    7cf0dd423f413459106659b0c4794d985f86303301c69dd3bf60c7225535f2aa

    SHA512

    118716975f314fa54117d8d3d503b7a30284380052a40fc726b5a496f86be3aeb09b00c837fc5e9c18992c12db57a6981422a676098dec339e26ddc7e7585ed4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67c9b87481f8539f3cb0d574469000ea

    SHA1

    5c87547e7c6e69aee174058594ea3545a14752e4

    SHA256

    d15b8fd4365dc4444ae8e5c130ff9572a552cb6e15921dfb6fa8a429c3a93c53

    SHA512

    0ebb9aad8cc225ed795944b9a819b5abcda2c48237358bd1d19792b508b66175badb152dff3d6e151b839e9e6842e76ab780bd7325e82e06f220a64b8a7bad22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f6f5df7734a4a520d9ca2d2f148d59d2

    SHA1

    6ca2aa2f5296620a8f50e088f7b2856c280998cc

    SHA256

    c5d752b70dd11fab08afbfbfb605f0a81f0af323ea44de11d6cff3e9709cbf6c

    SHA512

    100253870bfad820ef4fbe9f7ff96b1dd3a0e7828b031ff96b7469608ffa17d4c9ac0f9ee5319cbd39024d37b4b41f9dcebf50770ecf7f4a16d889c62530229c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6c304142909c9842db38d94d47cc69e5

    SHA1

    500104fa2eff88908e4aa645b5cb37f14473fb3d

    SHA256

    7236e78802999ea238b77825acbf3e273d6b332da1419a6003d37444becfcecb

    SHA512

    2eb34c836a7d1aa1107337e9c8630608ebd792be1bb623bc610f002d74d5c766af7644394e9471433eb4797021fc40ba62d7412b4fa8aa2fed6c4e4e755d0fe4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b32493385b8eb43ed6c16ae2d6269843

    SHA1

    2b619a49e02795dfbb0f5f48a83e4f24584a9e7c

    SHA256

    082cdfc31f4e772a0d8d393c6a0f8ebc669de8b4f2e5c6dee9ae488f8445aecc

    SHA512

    53713423a6258f5cbde99e036e10e2fb54997fce99bfff1ab8a486fac4190136c8402e8b3ea0067c719caa02b8b9a1ca9a35f68d13341b86752f5e096d96c6df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf4c7dfc31a5f18f7ed70435cc1257ed

    SHA1

    cbdbcbf9438286f29ca7774c5bcb9e06ef4b1ffd

    SHA256

    63572c063485fd9f92a7cf341b8f4ea1f434a5ba21d395092ac2d6eeea0c1537

    SHA512

    febd061c59c43f87b4b1c75db69e766ca59c9f46d0927c95e58bf5546e2faab0cdb5f654ba93783a6c614a0603f10efa3e7975c510bdea51705f60ef06c1579d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9a11721d033d40d9098b0ccaeaa4fb4c

    SHA1

    82e178b9fcd8098577c0916490b1581f2b3ea7d1

    SHA256

    7a7c620ff098ef13a1e1ea5f59c651a0ef5d277462b4dbeff9edd9d98405d5ae

    SHA512

    029bf7c8816e3ac96a4995cac6765848d359eea0ef8321baf522869a5522043a5d3fb434a643ddcf7b6b753a35ee18c80d4a3736853418c88535953fbfacb9f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    963becb412cf3872ad37418972eb0ee4

    SHA1

    cd03f318ffcf36e21de6a7a755e5c999582c7419

    SHA256

    063328bde130744506b96fe2b2ca76d7cfbfbdd2f910bb435c6ee64dbab76247

    SHA512

    c54ba4c8716841971913a1be5263511f67fba5a50a01e46917d20c3341936d814dc0fe4db17e7d2c009368d1d59a11c8496e88cd25bdbfa97908bfc294fd7e95

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    293cded12196786fa2666f923c94d2b8

    SHA1

    e84704ee81975e5680f3dfbf9a2950bd0e51562a

    SHA256

    46a7657265fdd28a593dd96c9cea0eaaf2e93525c861bbe3396462e278865b6c

    SHA512

    1dd318a6568a5151bd5c19d1b3aed88f61cf9f228e42059e7d2a22f751f2e327d1ef30a04d861ef2800e371130c16c2a375fd1ae15ffa534bf37fb23146c41a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf00c33b8bc0d6706a3dae00a7a02c32

    SHA1

    7258b5d9b81529473efa50e43ddf206a84c43352

    SHA256

    44cc9aa09dc21547ac73e6394ea671d5bcf26d1e998a944b54e4479cc504a405

    SHA512

    1c78b94a4400c326e23cbe8007f51b562aa11febe391f46d503070f9086e75280edd6c521328f7a7fba1f0400f9c59fbbc341d351aebdcc2f604d5f3173be6c6

  • C:\Users\Admin\AppData\Local\Temp\Cab3B6E.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar3C9D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b