Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:53

General

  • Target

    91dace6903c1544b3ab731bfaa393903_JaffaCakes118.html

  • Size

    460KB

  • MD5

    91dace6903c1544b3ab731bfaa393903

  • SHA1

    825ca17accaa32949f52da59807a9bf6d4397764

  • SHA256

    578c032edb3c066b2bd1da2608fc2b9703360bf9958f3a52c60f6380e18a1ba4

  • SHA512

    5b2df3dfdb173f522793cc5933e191d78eb889a1adfb0034d78ace7d6b1e282ef40e2fe50d676160b32ce2c22bae91bfe8fdb80777c933981303b922695c9218

  • SSDEEP

    6144:SysMYod+X3oI+Y9sMYod+X3oI+YwsMYod+X3oI+YLsMYod+X3oI+YQ:p5d+X335d+X3s5d+X315d+X3+

Score
1/10

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91dace6903c1544b3ab731bfaa393903_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1684 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2260

Downloads
