Analysis

  • max time kernel
    136s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:03

General

  • Target

    91b7bd8850f7a5f969c372adedee309e_JaffaCakes118.html

  • Size

    27KB

  • MD5

    91b7bd8850f7a5f969c372adedee309e

  • SHA1

    5c5f3da762b5a5443bcd49bd81b0932b76b62e6e

  • SHA256

    c0a0f0bd34c34ba16ed96347fd9304a89fadcb8a2191749f0e6f4f49f524f2b6

  • SHA512

    39804ea97b37c57aa1eb3db9e5d304d96d878e754451a4cbe078724535f6eb9927c8ca3a82292e96b6c87dcb748efbb705731aafbdfaef2e538646db88a934d9

  • SSDEEP

    384:77tNdV9tCXp4ighR0sJrba7SA3Ue81/zREuTwpmUUnUbOlPDtm/jALTdPIu:FnhR06rb46NEKw+MjALTdQu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 42 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b7bd8850f7a5f969c372adedee309e_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1952
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1952 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2448

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eea15510d4b928369cff0c55459ae2f6

    SHA1

    c52c60ffa7c77cf02b2571a19bf3a5cf25cbf158

    SHA256

    0764480ab6753a306f2f143465150e63136e998d3f7fed199af32fe844fda863

    SHA512

    eeb473ed134bfbadd4cba1903ff78b5978ad8c67e08369741d7538539629efb31b7bdebaa173413dee2f63f8f45de0edc37c7c1ae789d6f6e53a82af0e285604

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    125665d9a8143d682db680d696322362

    SHA1

    223c4177f32481d9e2cb25140d72548004f591f3

    SHA256

    8bb2a43f485aac7e0b9b532dbc839e8823a3bda15044742bdfe690306e8b8a38

    SHA512

    eb1578d98ae0dd5e6a334445d1cadd3b4a57b89c94d1342c0b2cefd1037e5b48de1053b87fc882b5f23cb28b4f197879071263869fd0141863efcd4bd43fb075

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9563d5a2d38a7a5d0efbd02bcb65fc7e

    SHA1

    cafc87e1ca11b892bd46734f5ce065d9fbd86f4c

    SHA256

    119dfc09a55b622a1657b1327b302fa0cafa539ab8bb32ac8dedb2cce9748bbb

    SHA512

    b9261a20aa6ed3c305f0797ec9adeb4b4042806ebb8601acd816776fc4ff93915c60405a2745f1f43a6ee3f635b5ec586ea7cd06311c0c1ea977ceda6022fb18

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb9171760eff636902e32b007c71b81d

    SHA1

    fa88afa00b1658d1456e9b7f44ab30d7578562f3

    SHA256

    ebf160d43096cbc480ce6baedfc6c5bf6156b46d09cb1c50784c8b8f5bf31bea

    SHA512

    8a0ec81f6cb46b095f634f67c125d2bc79ea100ced01a7f4d5183561592f52f0222e0d9f6c9b42fbd2d8493da37ca048aa7291d912f7dfbeea8ab54d841b9a75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8163dae6d4cbf64b437e6353f064b615

    SHA1

    435d0d5c2b6a499d8510a21b3e08f6b4481765d4

    SHA256

    dd26dba6c4a87d3d6bbb8e540e8abc1edabd79852c2993c2eeb0af113e740d4c

    SHA512

    241e613fb84dfda69edf918533f14b09fc93508fa50dd5e2a1d126e38b1c34a79f6f4468f154b8ed6cba2abc95c4b5b369dee363034a108cd45049706ec8259d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9a252f465fd0b8d17838520f975f58c

    SHA1

    d45f5c592b425a65b29461a7c320905e0ef5c709

    SHA256

    8160ded11e76f248bdb7e2a4413a586a1b3b2ba981c6493b6b60fa6308bebf4d

    SHA512

    42612b54e96e57e2cc657a715fc04882cda44a39ebd6feb7fd07b7fe22116b73ffed90aa87b3b3b25c9b9899e9b32cdbee8a3a142bbb1a889e635914cf2c3554

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    079603321927562f6e1e60e561b44c93

    SHA1

    a61fda791db660308d68acab6e20c65d38cb1d99

    SHA256

    0d2505d7e7e6ede68584ed6445eafb0a37b7a3e3a2f36ff278feddb3deed4a20

    SHA512

    d70c6c2c1cc42771268343b255302ca119debcb47c68bb95b3c5845f84d94363ee59500fa3a249c4427bb09527892fa8ac0a2dbe0deb64917143ee343396a84b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4953d9fb430d39964d0a702bfcd41607

    SHA1

    971c604bb3068951f87e94e20a144e648df005a2

    SHA256

    d021f7650ead1f049af741dd85eca58a76508ad9596221093dc2ae634a7eb5ff

    SHA512

    4bc8090faa96168281ae45e13fadc368f9e5528f60d533f5212c679cb3692967f2f56f2fc8c11d07773d626dc9e203128c6c5a3071958195c4094e7639fcebf7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52be7eff83fd2b1613de56e1fd25d3fe

    SHA1

    0a9023c6f0972e8141404083df913f2e7c3321bb

    SHA256

    13f9773ac802279e62336a0162d06824c7eb742d33383250f52fa0964c238c57

    SHA512

    d502694c1d01243357af30d262e4e86dc6aa25279101d0040392c789fd233818d19c41379b1312f63008e2328a2a1553e2118821f1d1799bb01976be857006f2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    24a69f69bfcaba3eb35614cbb70aeeb6

    SHA1

    83de61f8856f867b5a9dca21319e3ce1661df900

    SHA256

    1fbe898d12699bc264a654f31d51da6c0005a22d1d687eea09e120a62b215140

    SHA512

    50ba64e8640f08cc43df308adac6f91e2a0429fe2d9742f31a37fb4b467c83313434f18cacb3298525bfb9c13d0f95c9e2ff237efa14508cf634f143febb9b54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5cd572bcfb5254b7df5942827d1859d

    SHA1

    f0931324029b3747eb812c7c7b205826b1602e33

    SHA256

    379633796337a5f73aba4a0d53fc76b29eff139819839b08d44313f58cf87545

    SHA512

    a72423e04030d0f7d33a7ca4d1dfd1d6dff700d0baf99012c57ffdd2aca5f3d612b42c7f3faebfc91b0d1e901f59438966b364dd994546bab26ecdbf455c2d03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a3a0b360e58f6c7f6078a3574a46a33

    SHA1

    96005eecae2fb4fb5cf8b4179920acd1028cc92a

    SHA256

    1a89daf4a52f96276a2f9511e52d29908e16746dba636a25d6d9006ace5815cf

    SHA512

    eead17d33c1d60251442372857c53ccc62bc5e2276ae49b0746cd3ee6f5234ffb95d16a8fa2805f9e4b7278a47bc1975063ef02942f4c426db0be9365f6360f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93ab6898771527e2eccf484633cf44f8

    SHA1

    a40733e464e45f17806d3ea848ecbeee2da641de

    SHA256

    a6cfe7c44d6e170f1fbb257749ff765063e6b2280fa50a9090caf4bfa4c621bd

    SHA512

    968c4845d5b5585f11c1ba8297054e80f30b87626eb3ecc752737a03de4497e64c4c29d3a5663cd5790ef16b619ff5eb7dbef2e2d63a18ea3e0f70b213fa0a70

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d88dad3f0512da1f6931c398969edbc0

    SHA1

    a36c74e109536080057a248be496dcf7f9136c38

    SHA256

    4ef480f4b53c57c42a3b660b5b483640e3f949693476bda2595fc6080c1f6a97

    SHA512

    d51ec0dfb4b24aa34a89679770d8ea325ca9e42eee2790a8482d6c382f71a580f52f03a4b84c46b2e48591c78d23add981c6727809fbdd9e98498a6eec8efef1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5e65c8cff25f5dd8127761d446dd42a9

    SHA1

    be184a2193e41d5015669d280f60b15439c9065a

    SHA256

    d8cdf27b50399a876424e58e53d729783adb955584f35c887f2f4918b471e19b

    SHA512

    5ccd5ab0e29f9e88fab581e4196127451965adb9f3e2a9c61ff22b4409cc92a7606b3c60d9148f7c8f3d0010062c8cf0082b0ee251b1240ca893f4157cfcf1cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed85aab683de771aa5b43bfe11775b92

    SHA1

    3e7ddcc30b68ba8d8470b8257b990f49ea2c0414

    SHA256

    e093310a5abb680b1f64849ee337b7ddacd88a0f14a70ffb97d76d909199b849

    SHA512

    d2c2529e68f3603ae73db2b96d36cff8d615dcaef6870cb74c63da7722263ceecbc937d360511f78dd20ce324579bb1a0eaabefa48b3b2b8051aee0705bcda5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    25e6b03167168b3e769b1540c3b6607a

    SHA1

    883ddddfcaf5ca4bffca03b45f2d5d54cbde5808

    SHA256

    675345b8b264ab03dc6c8d924fd1836940b105e5e6189a5880841304b0879158

    SHA512

    beb0400afe82c2038715158ab40bcd0f1852fc0277efc8cd18fb9747d0548ed95b6043e9be8c816b35cb015e2d819e90d2f35e0acd33521689d6b727b3417864

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da833410f63dceef6a919ded0d36b8a0

    SHA1

    fda6a8ffb2a39ea82468fd6f2c106564b39c561f

    SHA256

    5103c1072db6f64c27a918f8016b286a0b2ebbb2ebd01e4959881a1d240b1c09

    SHA512

    3bac43f995740997c532ccbca88efd658784263cebd44e780effb2848dddd14bc04b0ad05b4aad020bf982c53d17f4e302d4372f2f52314bb0f27e1518145572

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    136235877886f994b27c22f042c65627

    SHA1

    65161a42b0acf23de67b575edec39eefdc6f8a74

    SHA256

    f6a6c4c8c150b1cd6e7e3fd8068328d8d8a846fa6e78827f0812b79cf1d4aa7b

    SHA512

    c77533bb2e5bed2068263301d0d2d40874966cedf5debd53276e4ae0ba54999c52705eb832fff0bacf87b5e4d59c5cac84b825ab4daf03b3b0730c247e6e5165

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bccca4e8f4dec011e1f093f9ce619dcc

    SHA1

    9c4f2faced0b576ed8e16f73777fc42989a512bc

    SHA256

    4ab7f59d6d957022a540dd88646015dca2bfdd9672eca30af7359f95e453edd4

    SHA512

    ec09a6f403c373a943128eac8d1c6f64f72525a811c97c37462ee0abb14431e8e05ce21255decbde6a2778c00f43cf65e20883eed6ee91477813ed86ffbd6baf

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\673IEUYT\bIMCDyRZW[1].js

    Filesize

    32KB

    MD5

    f48baec69cc4dc0852d118259eff2d56

    SHA1

    e64c6e4423421da5b35700154810cb67160bc32b

    SHA256

    463d99ca5448f815a05b2d946ddae9eed3e21c335c0f4cfe7a16944e3512f76c

    SHA512

    06fdccb5d9536ab7c68355dbf49ac02ebccad5a4ea01cb62200fd67728a6d05c276403e588a5bdceacf5e671913fc65b63e8b92456ca5493dae5b5a70e4a8b37

  • C:\Users\Admin\AppData\Local\Temp\Cab1805.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar18E7.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
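The Downloads section lists a dropped file once per observed write, which is why the same CryptnetUrlCache MetaData path appears many times with different digests. The Python below is an added example, not part of the sandbox report or of the sandbox's own tooling: it parses that section into records, rejects digests that are not hex of the expected length (a common sign of a truncated copy-paste), and counts how many times each path was rewritten. The embedded SAMPLE is an excerpt copied from this page's report (four entries); the function and class names are this example's own.

```python
"""Turn the text 'Downloads' section of a sandbox report into structured IOCs.

Added example. SAMPLE is copied from the report on this page; the field
labels (Filesize, MD5, SHA1, SHA256, SHA512) are the ones the report uses.
"""
import re
from collections import Counter
from dataclasses import dataclass

FIELDS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Raw string: the Windows paths contain \U and \T, which a normal string
# literal would try to interpret as escapes.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512
    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    eea15510d4b928369cff0c55459ae2f6
    SHA1
    c52c60ffa7c77cf02b2571a19bf3a5cf25cbf158
    SHA256
    0764480ab6753a306f2f143465150e63136e998d3f7fed199af32fe844fda863
    SHA512
    eeb473ed134bfbadd4cba1903ff78b5978ad8c67e08369741d7538539629efb31b7bdebaa173413dee2f63f8f45de0edc37c7c1ae789d6f6e53a82af0e285604
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    125665d9a8143d682db680d696322362
    SHA1
    223c4177f32481d9e2cb25140d72548004f591f3
    SHA256
    8bb2a43f485aac7e0b9b532dbc839e8823a3bda15044742bdfe690306e8b8a38
    SHA512
    eb1578d98ae0dd5e6a334445d1cadd3b4a57b89c94d1342c0b2cefd1037e5b48de1053b87fc882b5f23cb28b4f197879071263869fd0141863efcd4bd43fb075
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\673IEUYT\bIMCDyRZW[1].js
    Filesize
    32KB
    MD5
    f48baec69cc4dc0852d118259eff2d56
    SHA1
    e64c6e4423421da5b35700154810cb67160bc32b
    SHA256
    463d99ca5448f815a05b2d946ddae9eed3e21c335c0f4cfe7a16944e3512f76c
    SHA512
    06fdccb5d9536ab7c68355dbf49ac02ebccad5a4ea01cb62200fd67728a6d05c276403e588a5bdceacf5e671913fc65b63e8b92456ca5493dae5b5a70e4a8b37
"""


@dataclass(frozen=True)
class DroppedFile:
    path: str
    filesize: str
    md5: str
    sha1: str
    sha256: str
    sha512: str


def _validate(name, value):
    """Accept only lowercase hex of the digest's exact length; anything else
    is a truncated or mangled value and must not become an IOC."""
    if not re.fullmatch(r"[0-9a-f]{%d}" % HEX_LEN[name], value):
        raise ValueError(f"{name} has unexpected form: {value!r}")
    return value


def _finish(fields):
    missing = [f for f in FIELDS if f not in fields]
    if missing:
        raise ValueError(f"{fields['path']}: missing {missing}")
    return DroppedFile(
        path=fields["path"],
        filesize=fields["Filesize"],
        md5=_validate("MD5", fields["MD5"]),
        sha1=_validate("SHA1", fields["SHA1"]),
        sha256=_validate("SHA256", fields["SHA256"]),
        sha512=_validate("SHA512", fields["SHA512"]),
    )


def parse_downloads(text):
    """One DroppedFile per bullet; a label line is followed by its value line.
    The same path written several times yields several entries."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    entries, current, i = [], None, 0
    while i < len(lines):
        line = lines[i]
        if line.startswith("•"):
            if current is not None:
                entries.append(_finish(current))
            current = {"path": line[1:].strip()}
        elif line in FIELDS and current is not None and i + 1 < len(lines):
            current[line] = lines[i + 1]
            i += 1
        i += 1
    if current is not None:
        entries.append(_finish(current))
    return entries


def unique_by_sha256(entries):
    """Collapse repeated content; keeps the first entry seen per digest."""
    seen = {}
    for e in entries:
        seen.setdefault(e.sha256, e)
    return list(seen.values())


def rewrites_per_path(entries):
    """How many snapshots the sandbox took of each path."""
    return Counter(e.path for e in entries)


if __name__ == "__main__":
    parsed = parse_downloads(SAMPLE)
    for path, n in rewrites_per_path(parsed).items():
        print(f"{n}x  {path}")
    print(len(unique_by_sha256(parsed)), "distinct contents")
```

When triaging a report like this one, keep in mind that CryptnetUrlCache is CryptoAPI's cache for objects fetched over the network during certificate validation (CRLs, AIA certificates, certificate trust lists); Internet Explorer populates it on any page load that triggers chain building, so these entries are context rather than indicators unless the cached content itself is unusual. The rewrites_per_path count makes that pattern visible at a glance, and unique_by_sha256 gives the short list actually worth submitting to a hash lookup.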