Analysis

  • max time kernel
    119s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:00

General

  • Target

    91e0a8011c23564d8f81636f62c7a1c8_JaffaCakes118.html

  • Size

    43KB

  • MD5

    91e0a8011c23564d8f81636f62c7a1c8

  • SHA1

    2c23bce249a1364159364507477f7971ac62f3e8

  • SHA256

    d64bdd5f1913fc7ba30a0557769abbd51aff6b3c6780fe1dc54e64502c67e7d5

  • SHA512

    973ef38092eb425515291f561b3d3e52b708bb8b1a0b60ad0bb2dca4465dbbc77c7819a612a0529a788bd1ad7ca402892e17a7f2af04ca62f1500882dcd9e440

  • SSDEEP

    768:Z1rqjhMxSCP0jqF9GWRbC9DfHcqnQGTSDT:/rqdMxSCP0jWDsTSDT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e0a8011c23564d8f81636f62c7a1c8_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2868
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2868 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2208

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize 70KB
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B (this path is listed 21 times in the report, each entry with a different hash set)
  • C:\Users\Admin\AppData\Local\Temp\Cab8430.tmp
    Filesize 65KB
  • C:\Users\Admin\AppData\Local\Temp\Tar8531.tmp
    Filesize 181KB