Analysis

  • max time kernel
    141s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:53

General

  • Target

    91dab2f2a0305c3b104cc60fcfd42e3d_JaffaCakes118.html

  • Size

    139KB

  • MD5

    91dab2f2a0305c3b104cc60fcfd42e3d

  • SHA1

    5ad5cfad33eac8971d534d5c412fa1b03f4a9250

  • SHA256

    332102785fda24a16a07154cfcdcf9ec4b5078955c8ff13809979c982f1daaf4

  • SHA512

    5e7c051eb86644490f75de8f640f700035a49bed19ef5b4e9d2ccc2cb5174ba3fd50f444e0ce821d25c76ed96f04ba5a165326290e8a3166a4cb75df0b8e79bf

  • SSDEEP

    1536:SGPmGV7iZltzSEyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrk:SGJ4zSEyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 41 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2208)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91dab2f2a0305c3b104cc60fcfd42e3d_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2532, child of 2208)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
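
The tree above is the normal Internet Explorer layout: a frame process (PID 2208) opens the submitted HTML file and launches a tab process whose command line names the frame with SCODEF:<frame PID>. A quick consistency check for that layout, added here and not part of the sandbox report: the two process records are transcribed from this tree, while the rule itself (SCODEF must equal the parent PID, and both the tab and the frame must be iexplore.exe) is an assumption about how IE normally behaves, useful for spotting a tab process that was not started by its frame or a non-IE binary carrying IE-style arguments.

```python
"""Audit an Internet Explorer process tree for frame/tab consistency.

Added example, not part of the sandbox report. PROCESSES is transcribed
from the report's process tree; the rule is an assumption: in the normal
IE layout a tab process is started by the frame process with
SCODEF:<frame PID> on its command line, so SCODEF should equal the parent
PID and that parent should itself be iexplore.exe.
"""
import re

PROCESSES = [
    {"pid": 2208, "ppid": None,
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\91dab2f2a0305c3b104cc60fcfd42e3d_JaffaCakes118.html'},
    {"pid": 2532, "ppid": 2208,
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2'},
]

SCODEF = re.compile(r"\bSCODEF:(\d+)\b")


def image_name(cmdline: str) -> str:
    """Executable name from the first (optionally quoted) command-line token."""
    if cmdline.startswith('"'):
        first = cmdline[1:].split('"', 1)[0]
    else:
        first = cmdline.split(" ", 1)[0]
    return first.rsplit("\\", 1)[-1].lower()


def check_tab_process(proc: dict, by_pid: dict) -> list:
    """Findings for one process; empty for a frame process or a consistent tab."""
    m = SCODEF.search(proc["cmdline"])
    if not m:
        return []                       # no SCODEF: not an IE tab process
    frame_pid = int(m.group(1))
    findings = []
    image = image_name(proc["cmdline"])
    if image != "iexplore.exe":
        findings.append(f"pid {proc['pid']}: SCODEF on a non-IE image {image}")
    if proc["ppid"] != frame_pid:
        findings.append(f"pid {proc['pid']}: SCODEF {frame_pid} does not match parent {proc['ppid']}")
    frame = by_pid.get(frame_pid)
    if frame is None or image_name(frame["cmdline"]) != "iexplore.exe":
        findings.append(f"pid {proc['pid']}: frame {frame_pid} is missing or not iexplore.exe")
    return findings


def audit(processes: list) -> list:
    """Run the check over a whole tree; returns all findings (empty = consistent)."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        findings.extend(check_tab_process(p, by_pid))
    return findings


if __name__ == "__main__":
    print(audit(PROCESSES) or "IE frame/tab relationship is consistent")
```

For this report the audit returns no findings: PID 2532 carries SCODEF:2208, its parent is 2208, and both images are iexplore.exe.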

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    62b52807d1dbae2323c8d48a15d1c836

    SHA1

    89fc6d9d8586a7307d18c47a0d6084023d9092d6

    SHA256

    64ed59c18519048fddf0f999df542e62c7f89755e3362e5c0ad45d4e567dcf04

    SHA512

    f7affd9ca60a69f0090438bbb092d85dd794814c833c948f894c0089c163cd9e49fc2e7e4ff4d306e1505b960443ad99a4b702f6ce4160326901fdca7895ed78

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    016238395b293381121baea558516943

    SHA1

    c1297041a34a73a1f3c4ea53770457be9c9c1608

    SHA256

    96b07b806c2759c2e8fda099161f7d067d3e7c012cbe4fd564e66c73ee084162

    SHA512

    372e86ad08b321d046a67b49af799ceef4f1886fabb71808a25e365e7acc8037f6ed121bd838f80012b70a098e73294385cda3a92783af3d2a21e7a173a3bd53

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a56a175dacdec294d37a2729f84c80cf

    SHA1

    d4fd4029872d283983faa4c6f882c69d7e454fca

    SHA256

    d57b7ac0fc93784d32c48bf44a9199f2d22c1d1aba1efa1263730c1deace43f8

    SHA512

    3f145b57c7772b2a2983d5b9316f5628abc5dde78c36c4993364a933d711a352a1a7c400721c9e3cacbfd092c827c7abb3b1d3448a5d38e095ac78ec672e17f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4fc3617d858803b3728667e1b26fe6be

    SHA1

    d4d41008fc085c1129c85f7e6ca2bba8df546739

    SHA256

    c85e6ccd87e92f30b987a9c9c30399b035e738efd0e20efb861f0cc400a92451

    SHA512

    74c0b79a0532d1ffeea23310f7af6b59917dbe3bdf486382f62d619649a59d4837f51642a6996b277e190b11ab705c8f403692bf274b1e28cbf202fa8c19900c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    37704830f4dd9811271266685562d9dd

    SHA1

    d08f3b03790c5441b750acfb60f59232590bcdcf

    SHA256

    dc4a4bf67aae68cf7704188813d4266c77bf97bdf67730224f0fd2a54c6dc231

    SHA512

    5eff8c2d674b35c51e0e780bf30e21fd7f7ded3b7556c5c731640d963fbb9a209a73eb21405e6ce47bd4750bc79d12b628ccd44956c72cdbe9dfaddd80168d1c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    047ad4ff4fc73543a5de7d232301b89b

    SHA1

    b71bc2c4d9a475c65fac5b7902a18440b5b87869

    SHA256

    c26849cba9496cfec9e7cb2a4edc2ca85e694290c3bbaa5cd02e3ce283c2bba6

    SHA512

    3304616282634d00d605e6e39986306d2cc27628d97120e7ca0b1a8496f090aedfc2fa05b80951106fdec5138bd3e717a3cc5a1349b323add29eaabac9e7ca39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2aa9420af271ccefa7a225d588da3597

    SHA1

    88592545d6de9f0e28166cbed383b3b8ab0028f1

    SHA256

    af1a156bf22a8eb172c01a83cba2e150812fa7c34fad7cc8c12d8765040fc801

    SHA512

    1b4b8d5b8b83a840cf59223abeaa88fb6bec71d51cf24c260e3941124256e86c6ea243c38a59642b11a9c20a956050905a1e3cd891d657faeaa8ff69ce9fe3d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41de98f293a67baf04768589585d6f08

    SHA1

    5eb62f10aebea16d0c0efe6343ea73fd4b11769e

    SHA256

    12f18329ec4b93948836a44323b25ed0450ed4f9dbbaf62c7f1010494243886f

    SHA512

    5a85a811ed029ffc2c0ce634c0738cb23b358f2730154fc2764e7b8d7ddc1449a990d200dddf44c0c667c1ed281b76e79d2b78874498b238f57fc42a99a089ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4cd6744eb3ef2b71d22054c3cf855715

    SHA1

    31728252b2819916d6f297027b066911d9141567

    SHA256

    b861f99959425813508d885776ff1d447845b8dc0582ddb0df23626c3daa0a44

    SHA512

    1dcfc16d5e7d7d10355694ca097745e27c5d9f0cbaa071256cea149d4ecbd221ffab385de5359f1ea5762b5eb3c2685f7ef5755c4791a21bccb65de50f0f90de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f60ebb6a126af802a10c1dc8d1d865a

    SHA1

    08ed04c3db9512149fac5b0fa9d4355e6fd98589

    SHA256

    f91bba340287e6bdfb62bbaf020a299f567a614422271c566b7e9db7d6d60deb

    SHA512

    c3bebe780059c938717c953007fc8114af381a27b2a71a460564874227cda751848d63fb981a431cc532e75af9df87c84feaa6337b0eb37bd835c760e1f3c9fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ed43ecd51b6e7b43327c25a1e928a51

    SHA1

    c3ed742bffd91c4abb5a0b6196fe821928fc4b45

    SHA256

    8a9e62c7ae31a0a4aa1d93c1a8b89cd227e9cb0be6be5e1556e40c7ab597ae35

    SHA512

    e2b91dc29a7b55dee8427f08a979c7a1c39fb0ef1a15158004f641315aea0632174817fa9894131810611918335d65db8ece73841d6ff6b0ef67dffd67ba553c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2de9ed26b048326a5c03f68d09466d8

    SHA1

    374297417647efcb4818c74d3a09647d150e62e2

    SHA256

    1a531633e1037bd0e4cf08f16e792eeaaab2299674abf38e2390c235a8dcde8a

    SHA512

    dc37597c3312b1c496e72497fd1412772fb09446c9eed822c9f51ad08d1969187491607c498c512e71ffab466184a5609d361a7609278129a836822c651b2e8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d5ee7a943a9d66d7b0c7a44cc7ff6aaf

    SHA1

    c3f17065cf7d3543275581b299e95d0023d0cd78

    SHA256

    7fc35129171dabe147a39e22e874bb5b8035151b41f99dfc3293002c0be09803

    SHA512

    8d971c79eeca24c8fe2563b0b110b9ae12bbba6c0d89cde74593a40a6de3067b53b76be84aa9a9845090eb39dd74e5a955be6817021b8c140067d0cdce10ab89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    112718b8b2b7ee9954c56d7bc5efc8e3

    SHA1

    4d0dfb944509a09a1a43dfb150ad113cbc94ebb3

    SHA256

    f56957bb1bc45b06ca0796c124f8ad9ad79423d08ae925f15c6a79188dbe2aa2

    SHA512

    2c38df12032c0b9af9608d9705a98dec95734bc7e1f1197dff6f909d9a15a7f552bebc7503736883a4bed061cdbee00b9fbc8e89708a8cb739de9e43b45831ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2fcc3582b0d229e9cdcf92d14fdb8997

    SHA1

    a2c39372765e9048c3d457621c43ff06cfb4e225

    SHA256

    636cc649c3362956e700015000b9634e1231f203b6320e11f02f6b94d52519d5

    SHA512

    83683d8a253636fa3afedece649225e2b8038f5ec8ebb24bac062e08d3b559ec3352f3452698091b4be342037a2669c9eafd8998b5eeaa317b680c78f3204ffd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b08dc74dd8156f8a50654d2ccdc41557

    SHA1

    cec53c5be1d456c0643389393601f99657312300

    SHA256

    dd0f0e592e5691d1c138a88b88c9619d08159a8ba9f7c9f722d9b5d2c5a0df7f

    SHA512

    f77f4a34cacb0512e204b542cf89296ef8c81e368a9e9130e6aeff439b9da858780803858700c20efd91297e882a8e9a3cff98b30a239b182c42b03137de120a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2ce55db4b71b94d966a4a15a97018b2

    SHA1

    2ff651dc05b71e57793a3126f0ff199a432ee93e

    SHA256

    e2ce9b6c3738b2726edbf65c7ac78fe1de6d5269990448cfe7ae373faa3991d4

    SHA512

    b70b5be040f5e17ed8db8263ea2c81f741f1c239631b9b1b9e99778144417d247572cf36245c40e4346dc2a2d65f84ab864804a59dcfd460bb62cc2bdd8b0503

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    886c26f261196e06ab8036a8c9174842

    SHA1

    e825e1544e0ed7db2723e882a4039f2cb63e331e

    SHA256

    8b88998e21096f9e8319d9cef766b454fe11d2e910f06e6612e1d6eeaf9a272f

    SHA512

    4f6a8d0bd881f66ca5cf1045d41faa687e90e14eb78ae4d0742caebccc66f6b00897c1caed010d55f2a847cd98be14aa1babc4fa992e196df50a51ea06b146e6

  • C:\Users\Admin\AppData\Local\Temp\Cab791.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar8C1.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
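
Every file in this list sits under CryptnetUrlCache, the cache CryptoAPI keeps for CRL, AIA and CTL fetches (the 32-hex-digit name is the cache key; Content holds the fetched bytes and MetaData the record about them), or is a Cab*.tmp/Tar*.tmp pair in Temp, which is what the CryptoAPI root-certificate update leaves behind when it unpacks a fetched cab. The 18 MetaData entries share one path and one 342-byte size but differ in hash, consistent with the record being rewritten on each lookup while the single 70KB Content file stays the same. The script below is an added example, not part of the sandbox report: it collapses such a list into a per-path summary, pairs Content with MetaData by cache key, and flags any dropped file outside those background patterns. The entries embedded in it are a subset transcribed from this report (path, size, SHA256 only); the noise patterns are my own heuristic, not the sandbox's.

```python
"""Triage a sandbox 'Downloads' list: collapse repeats, flag the unexpected.

Added example, not part of the sandbox report. ENTRIES is a subset of the
report's Downloads section; CRYPTNET and CAB_TAR are assumed noise patterns
(CryptoAPI URL cache and the temp files of the root-certificate update).
"""
import re
from collections import defaultdict

# (path, size, sha256), transcribed from the report.
ENTRIES = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "70KB", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "64ed59c18519048fddf0f999df542e62c7f89755e3362e5c0ad45d4e567dcf04"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "96b07b806c2759c2e8fda099161f7d067d3e7c012cbe4fd564e66c73ee084162"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "d57b7ac0fc93784d32c48bf44a9199f2d22c1d1aba1efa1263730c1deace43f8"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab791.tmp",
     "65KB", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar8C1.tmp",
     "181KB", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Assumed noise patterns: CryptoAPI URL cache entries and the Cab/Tar temp
# files the root-certificate update creates while unpacking a cab.
CRYPTNET = re.compile(r"\\CryptnetUrlCache\\(Content|MetaData)\\([0-9A-F]{32})$")
CAB_TAR = re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-Fa-f]{1,4}\.tmp$")
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def valid_hash(value: str, algo: str) -> bool:
    """True if value is lowercase/uppercase hex of the length algo requires."""
    return len(value) == HEX_LEN[algo] and all(c in "0123456789abcdef" for c in value.lower())


def classify(path: str) -> str:
    """Bucket a dropped-file path: 'cryptnet', 'cryptoapi-temp' or 'other'."""
    if CRYPTNET.search(path):
        return "cryptnet"
    if CAB_TAR.search(path):
        return "cryptoapi-temp"
    return "other"


def summarize(entries) -> dict:
    """Collapse repeated paths: distinct contents seen per path, plus category."""
    seen = defaultdict(set)
    for path, _size, sha256 in entries:
        seen[path].add(sha256)
    return {p: {"versions": len(s), "category": classify(p)} for p, s in seen.items()}


def cache_pairs(entries) -> dict:
    """Group CryptnetUrlCache entries by cache key -> {'Content': n, 'MetaData': n}."""
    pairs = defaultdict(lambda: {"Content": 0, "MetaData": 0})
    for path, _size, _sha in entries:
        m = CRYPTNET.search(path)
        if m:
            pairs[m.group(2)][m.group(1)] += 1
    return dict(pairs)


def needs_review(entries) -> list:
    """Paths that match none of the background-noise patterns."""
    return sorted({p for p, _s, _h in entries if classify(p) == "other"})


if __name__ == "__main__":
    for path, info in summarize(ENTRIES).items():
        print(f"{info['category']:15} x{info['versions']}  {path}")
    print("cache keys:", cache_pairs(ENTRIES))
    print("needs review:", needs_review(ENTRIES))
```

Run on the full report the summary is one cache key with one Content and 18 MetaData versions, the two temp files, and nothing left for review, which matches the 1/10 score: the sample opened in IE without dropping anything of its own.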