Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:00

General

  • Target

    91e0b92fc6e5e09a202c575847cd1c83_JaffaCakes118.html

  • Size

    116KB

  • MD5

    91e0b92fc6e5e09a202c575847cd1c83

  • SHA1

    c7099a50d90f16afaaa452e1494d33a082ade319

  • SHA256

    d8d98bc32c622d90db3f5b7c86f6e834b898628251120f7851100121e3cf8200

  • SHA512

    c734c31f3ed1fa65c819b8f9c553c4695061098b0c329706a2094724ad987cd6664b0ab8b277d2f6cb1f4790ead185a00dc19cc84aee87315146f8c7f31a6aa1

  • SSDEEP

    1536:Hp5SyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCW:HiyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 43 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e0b92fc6e5e09a202c575847cd1c83_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2820
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2196

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    e388704e878e05b5b75a47be86344d84

    SHA1

    0d7f8278db5aee921da646e2cd6fb4dda0fcf729

    SHA256

    828ae658dd016e689c5df4a744e25f0ad37b55af78e5dcfcba4404e257aa19ef

    SHA512

    36694f61e5dba3f293ee65bd510d1a7f0a7bbf0a762d7072e7c30fe392bf88f5efc8c5fd8786d1b8f07db577cfa23cc1b3c4f52a31ff767ba80801179c5cbabf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed7314fe94c68e1c8d7b6c2168d62ca1

    SHA1

    ebf16d24c8208705615a1d9170bde98311b74522

    SHA256

    012ad19f891154aa3af96fc058bed2479755dea63e220c058ec18e7517693236

    SHA512

    aa9806b0db47a9d92097b3ca539822679483a5ca827adb1157f91708c82dda00e770f04f198a35b893990561a7fdc711535875d30b0fbbf6b1385a515ed9c7de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    697f1dff92866fd16c8e92426405b740

    SHA1

    0069c18e7f9e00317b376fb89b3117c146fd68cf

    SHA256

    3c4e6a2fcb41fb5035e314d76ca5a5f2112e9f439970049c95aa2b8d6b4cd178

    SHA512

    a3f16b3a4bc388c9adc69da0908fdf2aebcee5fc5d1432c011ac0b66e7f6b428670193a21e96ef911c0c18f2b8f432601250ce247f432cb4a615d9cc428e9397

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51abdd592ac17c23d9fed8c0c4d9a322

    SHA1

    925ee8eef59c1581dcb94a9af65adcb248c551b5

    SHA256

    09aa22d48387d015040c76a3efa5eb1ab9957513b7473c47a852b4f324acae9a

    SHA512

    eaebf581dbcb4760ec49d72cbf9b8e98e6220d1dad873b09a9dd67bf8fbfd66e2fab8e34972cd79a2c859e90ddad05c751dbf32c2e93180f6c4bc860466e1b6d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f448fa874032df06c44ca2debda9a317

    SHA1

    8eff55f48221f0184095ae12cc263a59adf6b0ec

    SHA256

    396122855cfb01c6bb7184067834cd464df21223956cd0f2e6e4c0cd1def82fd

    SHA512

    bd6cfdc2677fdbc141973d4833cab24ad9ac4ef8f72b7278d807061adc0b69c834dc152b7bc71a6dbaf054a6ef1b396880d8d3daf850d28fe2b8bdf88632c517

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96a165c44fdd7bab51ad3e2773a65d62

    SHA1

    b433c2fb410b55aa67ca0a1e6c6ff8af6f178cb1

    SHA256

    bd4da82536a4169221572759d1480050a69df6d26298cfeeb3fb0c5d964eaada

    SHA512

    0921cda7f48e075005a810b22dea6a8448cb724029a80ab4303731e936e43f9207374778667195a9b852ee59cdc871eb21f1310e4e9b8e34295314e9d4cfe9c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a5e589d8d5a1bb43470384b2d2a1e08

    SHA1

    c81534e600af3b5ac9c0788e5ac665232e7a302a

    SHA256

    a815e887607f1aa863e12ffcbc6a96fd5dd7448f90c4a525881a63950dc212dc

    SHA512

    4ba163e570b8d7bb0826af183fb4f46caf10454e6b77084f418759d59e356bd5a296a6757d623cb814d8b122626843183cea8c706e1745612aee2e2296eae95a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ccee8cf3b6ca51d98a6ad242480f63a

    SHA1

    116f069f7403f341b1d5091680819f9dc5eeec08

    SHA256

    1d2687a40aa25d91d269ce334714858c8b0b14ccbf1de861874463861229ee93

    SHA512

    d4f452798977361f7db9d3b17cd0cca751b53ccaab5a2d370affbe3434539c10facae87aea629b18b61ccacfdd95bb35649745972096187c91d11306f3c4baa7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4346b96c462be1619379276326f4ed8a

    SHA1

    1840df9a188a70c0d0c6344e6eff573ce1a08050

    SHA256

    036823a31a2524b20dbf2a0f472da789a7f86605276d7b5ca4b634db6dd73888

    SHA512

    f9f97647ed258dc1b49acdf7bc5356330409b7aa67e3e4ca240a4f307d23b1d33fdbedc8f50dfdb5d378be9974c554f5b139496253116edb4b0ec5a66629e3f7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b334fdf51e6f4df3812975d9719b92b1

    SHA1

    b6913adb1fa34f9bf88498cdfe71cfa758c6df50

    SHA256

    d09db4b231be85e77ec25965c9a3f0e017ec8d0e2f9d7e3326fca8705ed07796

    SHA512

    9bfc1fa90a1753061ca6b24af97c2ff2f50f8bb7b4368969585e65a2b2b651e0116d5e291d7293fef4c228ee5fa0716d8d1cd9f34bdadf72016aa1f7341a414b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66d937052b1a58e94f27c094151a2504

    SHA1

    95dbe0997b59dd0efb2d015eebfb0c427edb914e

    SHA256

    240aa673fea6cc1188817c515a912f1c8e88f285de8cb33fa25690ab2041e97b

    SHA512

    99371a2e43592d5cd5b21cda779ac7c7066992a17e81b17fc34ab903bc742694eed712d246847ebc1b265bfeff0d3caa70cd9c5d0997adedbdb177b954a9d673

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    902ced77df3ba3a11bd018153135321a

    SHA1

    fd94f219d0112bce0d75f401c4f3dcf329f58911

    SHA256

    ecc0bae2ca2cdc17954d2ec53e29e0b837414ba9372134ae8fc39b0325c17f97

    SHA512

    00ccfdf6657fc21d7b6cccdf6f0e7e86d0d0174375a1586118a81c4da98eb9f3fa2df101853b5575fafce9bde1701897bd18663cd37905f32ee1b862ef72dd2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Temp\Tar26D8.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
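Analyst note, added here as a worked example; this is not part of the sandbox report and not the sandbox's own code. Two things in the report above are worth checking by hand on every low-score browser detonation, and the helper below does them over data constructed from the report's own Processes and Downloads sections. First, the child `IEXPLORE.EXE` (PID 2196) is launched with `SCODEF:2820`, and 2820 is the PID of the parent `iexplore.exe` frame process: that is the normal frame/tab split, and the `SetWindowsHookEx` / `WriteProcessMemory` / `FindShellTrayWindow` signatures are what the frame process does to its own tabs. A tab whose `SCODEF` does not match its parent PID, or whose image lives outside the Internet Explorer install directory, would not be explained by that. Second, every file under `LocalLow\Microsoft\CryptnetUrlCache\` is CryptoAPI's on-disk cache of certificate, CRL and OCSP material fetched while validating TLS connections; the same `MetaData` path appearing many times with different hashes only means it was rewritten during the run. The assumption that `SCODEF:<pid>` names the launching frame process is mine (it holds for the tree above); the directory list and the subset of dropped files are taken from the report.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Proc:
    pid: int
    image: str
    cmdline: str
    parent_pid: Optional[int]  # None for the root of the tree


# Constructed from the Processes section of the report above.
PROCS: List[Proc] = [
    Proc(2820, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\91e0b92fc6e5e09a202c575847cd1c83_JaffaCakes118.html",
         None),
    Proc(2196, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2820 CREDAT:275457 /prefetch:2',
         2820),
]

# Directories a genuine IE frame or tab image is expected to live in (no trailing separator).
IE_DIRS = {r"c:\program files\internet explorer",
           r"c:\program files (x86)\internet explorer"}
# Assumption: SCODEF:<pid> on a tab's command line names the frame process that launched it.
_SCODEF = re.compile(r"\bSCODEF:(\d+)", re.IGNORECASE)


def ie_tab_findings(procs: List[Proc]) -> List[str]:
    """Return a finding per child iexplore.exe that does not look like a real IE tab."""
    by_pid = {p.pid: p for p in procs}
    findings: List[str] = []
    for p in procs:
        if p.parent_pid is None or not p.image.lower().endswith("\\iexplore.exe"):
            continue  # only child iexplore.exe processes are candidate tabs
        parent = by_pid.get(p.parent_pid)
        directory = p.image.lower().rsplit("\\", 1)[0]
        if directory not in IE_DIRS:
            findings.append(f"pid {p.pid}: iexplore.exe image outside the IE install dirs: {p.image}")
        m = _SCODEF.search(p.cmdline)
        if m is None:
            findings.append(f"pid {p.pid}: child iexplore.exe launched without SCODEF (not a tab launch)")
        elif parent is None or int(m.group(1)) != parent.pid:
            findings.append(f"pid {p.pid}: SCODEF:{m.group(1)} does not match parent pid {p.parent_pid}")
        elif not parent.image.lower().endswith("\\iexplore.exe"):
            findings.append(f"pid {p.pid}: parent {parent.pid} is {parent.image}, not an IE frame")
    return findings


# (path, SHA1) pairs, a subset of the Downloads section above; the same MetaData
# path is listed three times with three different hashes, as in the report.
CRYPTNET_MARKER = "\\microsoft\\cryptneturlcache\\"
META_PATH = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPPED: List[Tuple[str, str]] = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC",
     "df3c24f9bfd666761b268073fe06d1cc8d4f82a4"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "1723be06719828dda65ad804298d0431f6aff976"),
    (META_PATH, "ebf16d24c8208705615a1d9170bde98311b74522"),
    (META_PATH, "0069c18e7f9e00317b376fb89b3117c146fd68cf"),
    (META_PATH, "925ee8eef59c1581dcb94a9af65adcb248c551b5"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico",
     "1125c45d285c360542027d7554a5c442288974de"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar26D8.tmp",
     "a1dec9044f750ad887935a01430bf49322fbdcb7"),
]


def classify_dropped(entries: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Split dropped files into CryptoAPI cache noise and everything else.

    'rewritten' lists paths that appear with more than one distinct hash, i.e.
    files the run overwrote; 'other' is what an analyst still has to look at.
    """
    hashes_by_path: Dict[str, set] = defaultdict(set)
    for path, digest in entries:
        hashes_by_path[path].add(digest.lower())
    out: Dict[str, List[str]] = {"cryptoapi_cache": [], "rewritten": [], "other": []}
    for path, digests in hashes_by_path.items():
        bucket = "cryptoapi_cache" if CRYPTNET_MARKER in path.lower() else "other"
        out[bucket].append(path)
        if len(digests) > 1:
            out["rewritten"].append(path)
    return out


if __name__ == "__main__":
    print("tab findings:", ie_tab_findings(PROCS) or "none")
    for bucket, paths in classify_dropped(DROPPED).items():
        print(f"{bucket}: {len(paths)}")
        for path in paths:
            print("   ", path)
```

For the tree in this report `ie_tab_findings` returns nothing, which is the expected result for a 1/10 detonation; the two files left in `other` (the search-provider icon under `Internet Explorer\Services` and `Tar26D8.tmp` in `%TEMP%`) are the only ones not explained by certificate-chain fetching and are where a manual look should start.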