Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    03-06-2024 13:06

General

  • Target

    91e3fefdc09dc02943d75e551f6967d8_JaffaCakes118.html

  • Size

    19KB

  • MD5

    91e3fefdc09dc02943d75e551f6967d8

  • SHA1

    96867da5775ab43c0c2b036fe847e4123ce53d46

  • SHA256

    321572ad0ddfc38e7278acba7555a1012daf79fcdb7b318611d58f6d2e2e638b

  • SHA512

    ddb2bd19d071db8269c87444c7e52b4f4190b58891e3c0008fc77738a563f7ce8307cf9b26fa1b04fcb884954e92bfaa1c844ee9f5cd03b62f66b02778566fc6

  • SSDEEP

    192:0dCHhx17FHlrlUHdWqPlBYAn7Kc+B4XqI7LEOXB6pe7I+96cFYiu0G8fO8sPUpwr:7pUXHY8+BLWYkI+y5f8sMpKLX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e3fefdc09dc02943d75e551f6967d8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1592
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1592 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2116

Network

MITRE ATT&CK Enterprise v15

Downloads
