Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:56

General

  • Target
    91ddea14f0f896c0584fc93837054c7b_JaffaCakes118.html
  • Size
    27KB
  • MD5
    91ddea14f0f896c0584fc93837054c7b
  • SHA1
    bb9abbd0749895d9adb2e3a1272a556768b48d1b
  • SHA256
    eb8a389f24850bc1235946e51e1183db53629d02da4af16b852ad7c1145e5656
  • SHA512
    f9055a7bb77428c69996f413f87d46ab6d88f798352d6d561d14446709476db8b7c60ff82f83a8256769901a90a442305095059e1786b3e1fb39e46f0bf76cf8
  • SSDEEP
    768:H1S0m8MV4UwhZgEhyYCGCgCUCXChCWCYCswZrINhk2Z75L/eY:H1pm1V4UwhZgEhyYP9dYu9tnwZrINhkW

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ddea14f0f896c0584fc93837054c7b_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2576
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2576 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2444

Network

MITRE ATT&CK Enterprise v15

Downloads
