Analysis

  • max time kernel
    143s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:42

General

  • Target

    91d36114ef911347b46887b535e0c9db_JaffaCakes118.html

  • Size

    43KB

  • MD5

    91d36114ef911347b46887b535e0c9db

  • SHA1

    2f31dd5a0d43ec53a70be01fff3631982f8a3bc3

  • SHA256

    6c3258334208e68ebec8fd5af64b1e388065e530c96f26894de39784075c68d6

  • SHA512

    574c1af46099d4625cb1305d9c4fe037e11f05b5f22d59504b022f4e09b48f47693fa0fd1f7ac5af7ceee406fa3eccd19ec897300dc5627fdda6d42da99b98b9

  • SSDEEP

    768:vGFEUvjdxcXxvt8nEAY46bw7F2m79rDSjRd8U1bTPuYR1kxm:vGFEUvjdxcXxvt8nzhp2m79CjD5TPua7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91d36114ef911347b46887b535e0c9db_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2092

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    ad9a78fef314b4e90f6e086e2af91d1a

    SHA1

    cf012cffb611df88b34f742e80e16f372b09f309

    SHA256

    ad626699e90f3a032369a60316f4d171e292febe4ae5557a792bbc509542323d

    SHA512

    7eeff52bbc6dbfad01d9667dc8c7f18f1bb673ca70854cdd711009fd591f5121eaea06ce6d9ffa71484fbcceb3d45d015d6423410df4f4cfbf7ba026d3f84919

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8145ba3d2eccca99e60bcea509874ac2

    SHA1

    5259fcacdb952ce16f73a1b7016c9ff7e7cf0219

    SHA256

    1de1b170e8c7fae855de2049933f5d53bbe957179bb758aa23ae3c3b585fbd2f

    SHA512

    ddff7509c92e9caa57b1020eb606f4ccbaee466200017fde2e47cde19d0d39f9514d334ad6042c5eab19959cf666421772908df5f4fe5f6ac54d30c0e4697de8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    177815db2820c78387292a2d848e2a8a

    SHA1

    3f1b25e859a600f2f8335c4ecfff6252324bcdb0

    SHA256

    6d90b8971f6e40fc249cf3b9ed0d1ab79590d9802c9eaa439bd1308e5b73f4f3

    SHA512

    8d4e495e46efc0f0a8da6acf95a9c619b866419bbeddd79ff680380e71c9241d111ac4e56dd28e4ee108abcbcf32a49bee08bab0a7bb3bf88d259e9fdaf2a5f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d52a7d305b5f6c6e56dbfd9a67c20ee7

    SHA1

    60d6da92a5c0d4a2240bb226321ce98ce63c67e2

    SHA256

    841a094edb12dea04e7b5c21e79fcd843d6b70f56c0dec7c1c2889ca692caa32

    SHA512

    4095fb8f66b9e8e7ea6b86f939e263861068fbfc62b905d776110c0dffb6f668994494a45dcb83d36b10438ff70a2e9639f5bf15f7eca311b4152363adf061b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46baa04e97b70ed9c517ca00d18dc468

    SHA1

    830c7b631967481032bd01ae60475859c6d7c1d2

    SHA256

    b3ecef76b6b97ab77ad032e2054037e563d0b5d216eef7b3c85e1b6ae41c1770

    SHA512

    cf1b951a3a735d2200abb4cda9486abe60c7fa3c2558821bf5e50618be1d59ca8fb255d3f97ba915ea86c56ceb13d04a9b14261f84ce39a711026c48d9bfad32

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    803d5716d7ef35697bd60fe6f282ae7e

    SHA1

    69b812eb33c9301665bdb8e47bffcd9644ba16ca

    SHA256

    e368069ec3f34abba980ca45703d0284ba0efdace24b5adfa251109cb7271f00

    SHA512

    1b8ddefdacf183b46ec9a182191eeb008d82ac7249b17549d32e96db318bcf534b21db9a2898ced65f3912e9829f9fd25db3bc63031efcfaec02f1b0c82878a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5a0bfcf1c4b55dd7ab61dd814524b50d

    SHA1

    397bd6c0272aad98bdd57fd2603d16c99a62ac02

    SHA256

    6664b8b7078e40d0cde94bc41e750b39985cc2297b784960d6f5d51c5d3ba114

    SHA512

    92251b2e58b0b855cd98def28e4de662f6af4dba7d4d225696ca684fe7441f0d0c0a5cb50945a0a49c5862bed485afb11518197e06b5f58f01e0a76e91a877cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87e92b5d60942ceb8258aaf7f9fb8f13

    SHA1

    9739e069f2024e136eaf1e34b878b0622ad7685c

    SHA256

    38b73bddef176e188ff6cc2385b85413343e67c7f90eda00ea3d9a611a7def00

    SHA512

    709a1b50c55eb60da91420db7a686d1da54e12c5f7ce252970db5b4f3d1fcaceb6fafe999864e8e772c2efc3476c517fc21df77efacd81b8779a238859c915ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a952f8f6b8c5ef5b542c3d04e24c3ab5

    SHA1

    8cfc7c416067469f53a9895bf9eae8c0638a4044

    SHA256

    05d10ff891a768a1340816c76b1bf2e4c1abb9bff57ebc36b25a12a1c0d25c5a

    SHA512

    65cf1839e528032b6272a42746e61a58f8d62b8adfb402fa1a2eb660eb3e3829b278363751ae2b30ec9698762ef4a54900d269110ba2449649db918794e9296b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a8d087b2d6dc3f930d35bba7c7fdb48d

    SHA1

    8646b54b320622f0145c8e9bc900decf031e93c3

    SHA256

    d5fccbc25119c72512e705fddcf85c0805ce960c96ac51a6b341e021ebbe780a

    SHA512

    1f32a8abbe2b3e22a4d39ee277731cb63363daeeea2e275d6b1c0e06fa9a68fd7b69bf766f0dcf5963859d29769e098f6be46989aa459a1907c0b22679236f63

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    385109f9e461ebc24e3c5b746b00a914

    SHA1

    02f5284ef473ca5c926e57d3b936d7047bae1d26

    SHA256

    9ad58f349ddd6380811583bae0d1bded570b7f4d20655b12ba7324d7e33ebbf1

    SHA512

    6e465d40d2d836255b7153a1dc97f533138e70a1ac6ed50310c1513f47db44ac9a880f8f5df17e45a5e9161f8e0e6d5e6aa89d5b0c24b62a4090297f313e976e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5553d522919efdede450395b490a407

    SHA1

    cfa65331323e244d5d847d3b8252d8931fdc7eaa

    SHA256

    8d51af99aac40d1d0edab9c3cb8328d76911d7938819879e02ee64bc1eeea9e9

    SHA512

    c89ee4d2936b1d553d3c75bf48d66628a701b16cedd234de799aef1f0a57849eaf05fe868ada98ad4f17336e0765a1ac8133e530b81a0adab961ce6ac0b80e6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    8ed4781915d4396757f7e506fb145718

    SHA1

    fe16c2218e3aa176599339b70387129c64544aa9

    SHA256

    137c5ea73fd9532a54509b4bdc060623aba475e6909c653823a08ace6600735c

    SHA512

    09ec4abab4e86c5c3898cbfce7d26979533c8c28dec907e8b0d7bd5f33c15235f08b2a67d5a33000b9b72c30b8a2089990dc579162735b6b9d5184a69d0acac6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEFR4HTX\news[1].htm

    Filesize

    7KB

    MD5

    efad160f7740473a7a6297466164409f

    SHA1

    e979843e468aee766580b4ecb511295674f20163

    SHA256

    2b71a7c41789a74fdf4d6caa51a92282050af814de8a4bf65083486b88fd3a52

    SHA512

    be3c52d687c06bf91817ed75e05861a211b170eec9183dc73095dcdd747c4e62c94248b3d637a184ef0ee15526e17040fc20fe13039b99838faf08439d859bd9

  • C:\Users\Admin\AppData\Local\Temp\TarD2F.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b