Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:07

General

  • Target

    91e444d0d2d990089833c4cfbdc7d857_JaffaCakes118.html

  • Size

    46KB

  • MD5

    91e444d0d2d990089833c4cfbdc7d857

  • SHA1

    4dd279d48b2596ccb2bf7cdfc083e108dba9096d

  • SHA256

    97100c34662872e3847581c9ff01518f3f4eaf18a27d6b927c31bc9f17c5c043

  • SHA512

    671c432550bb8fe797c6ad2745244c55c9119a8879d847eb4db037faa231873567e9317fb1eb167bc6e422f678e69e7c341f6406ad681e33c52e68bb05e19a4c

  • SSDEEP

    768:NJS6S7B8ROZOrggBbvFICSCfC1C1C+C+CQCQC+C+CtCtCECECQCQCHoY3o+j1IpE:u62BkOZOrggBbvFIzCAA99xxllAAppxI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e444d0d2d990089833c4cfbdc7d857_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1224 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2916

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e028d64b02be61288b4cdd3ebd3e2022

    SHA1

    bf6b9f56ec48c3bf76c653fa767680037ca91a7e

    SHA256

    7522fe274af23b6c26cabced1119738901f2da93cf27e1ef1f4be07923db6c08

    SHA512

    45bcade6fc14bae927b2d635dd49eb7216b756f24e87c8af5aa0ddecd9d4dde107336d3a9edcdbdd72552cd2f04105d0e4fa5250142e5dea9298711a8653fc73

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a87832c5310de7c248aac5d22f87b589

    SHA1

    e31c4dbd8377961ca295f19d5bb71abf322178a0

    SHA256

    ffce7cb284366a5c51ac34b510c45a899555247053238215dbe4b185113d6316

    SHA512

    3fa845e56e60537532a47a799ee1deedcae5b922092407d7bccdde749b01ebfac6ce3fb797d83d28063b6de0ea0d8420454072c52a0c9562c7b1abb13df787ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a19c44c662fc946c69554e1018200ece

    SHA1

    0bc61a4a79cff65b8f3c23b0cd277ec8fce0a787

    SHA256

    a4bc8b4e3bccc8cf6b9f66fa683746a2834c4143b9f48295e2b462c725b64c0b

    SHA512

    69e47ab70f1881df8bc7a1f7a0d6adc8bd95306ca24af20f02449e7415424a3080c8d6e35d0b6750d2625d75e9e9337d7ec42bd046e7a1f577a81931ec30561a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    55d555d1d1e95b00d80a6c0cf15bf916

    SHA1

    c897389ce14ad5aca6ef014b66b62b94f95b3684

    SHA256

    384b669c425da645c0c7421616d9dc00b8a33387671bbb43fc844d171e33c2a5

    SHA512

    c71f5ae9b9800ecc5b151b3c711aec5a3b3893f3821ba50692b18540b535361f14e88866fe38225cf32cf6ed673995e68aa7dddcf1ab0ab5d7cb1fd9e2b49409

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f92bb9f4be412a19682fadc79d678a76

    SHA1

    48e7764aa85ea4ffe353459d51ef503cd373209f

    SHA256

    10f783846fe6ac15bd74a2ca5d496bfc67acf671908441789a86e3f87cdc39ca

    SHA512

    38610d94f4782d2b8670661900a4fed30eb196ab3f3ff36278f7de3b297b07b3710b16ffb9dd253c8c8f90f296e09690b58fb5e62698ee39f7ec329f6370b77b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2988728f595180ef632a9cada7ee2a8c

    SHA1

    97ca3de03f4b2e272c15920ac28d20b2670dbfc0

    SHA256

    6dd2d266c75595c4bcd2a60ad8bcca89f4bc5acd1b342c507e59173ce5d4744d

    SHA512

    887d2e464517f1b6da62bdf35d5214a3eaef3a2255da20b74c30ae490fc7b8edcb17129c9b60e268efea0d5c172cf1e4d7b22827676bacb288cea4babfbd4c23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    616ad1f2f9c04f958f27919317be76e9

    SHA1

    b74d0d78c58d88e3ee21d4fd80a1710834bf4525

    SHA256

    0ded6cbf2e8e21263f7ba979f6a6e69979680d66fbfa053a14a58cbbcca7b941

    SHA512

    9c48c039e08d6a6542ef47ef05b33ae76a8c2ee088b5be170edbbb66d2898d530a77af63a1c9f287668acbde50abc082f2dca024c0e6aeba8c98c3919aeca763

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f80bb6cc72d3e46c928adf49b1ba23e9

    SHA1

    85dccf1f774b54ed5a6539913da895682e4f0883

    SHA256

    041605538271bbdb16b92ae8a5aadd6ce922849a866966ea55ec86c305d83e45

    SHA512

    ca773606ad14fa957af209ad809218de3a7e8f0f78e438e35df8945583c01e114a86794462331c9e6e082d0b546fdc448f344be9a7a16d5e5b8431167efdbfb3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5153923a0652e885418578b0a8d43650

    SHA1

    a4425911f2f55fbed7e68e6c6f87ff4809cbac50

    SHA256

    9dd9c33b2d538224220feb40165da7bbcdaa6db21d4d275d0955318868c67ac8

    SHA512

    a2068335500878df3cf8ce7b3f133060038028daf3c1ea56a6d4d87e03ea0a2031942eac00021f29bc6e4b5d574d636ade65b732276e12634eb0510e1abbff84

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4c4def5eb0f5f4c9be2c8e1d02e38630

    SHA1

    14f8851de69040a7408e8d20d9f108b0d08782b7

    SHA256

    4b8893f84f6b10795b1467a30ce0e573637bacf60d6afb4d7562eaada73eff9a

    SHA512

    3d7a7a1fa5baec4d1b86c4d190ab014623d4424769045e56584a029eeac09286ddf8aab05eaea6d9e580727dc6bffdfcbca01c71565b4874b88a634320d8d870

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    787c09a5c5fbf45eb6b4a0661218030a

    SHA1

    33a4b771432d4719b82f065ca653678a8fb473be

    SHA256

    16487eea85b2b68a441ada2f602390ded8727b0cc430573a5bc21aa320e5bbba

    SHA512

    1394b361341cdd5ff63e35f4ed678d1e6a9474309d5c56dec9b03a7db9a31f2dd1076c72cafa6b848b6d75296efc80d59339b7efc048f4b551d235d6472ed7c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    495d3ff6b5feec55dcc8f38370d2a46b

    SHA1

    2fc16954b0dfcfef7fd1a57e0c5d0550f161e4f8

    SHA256

    e1fa4dc95b20b978cf036f45f7a664f54c526aca91eb479720914b88b45c3d18

    SHA512

    71161bb9a102074702bda13146efca891e422e12e085f3091c9caaf105e74128b54bbeeaee3abda8d093cf18d2877a43f0120e0381ac4e100286b8204acac006

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d656b6e47f788e692870861d6b222cbe

    SHA1

    1e8839b236ce752487117f8ac8dbeb711ab25754

    SHA256

    a3826cb8c381706bffcb1e82fe432e1f7b127e6f7612e5152dcbf5a1837e5d9f

    SHA512

    18b1d852832a3f542c996a64fe7f4b178b98048eb59819677e92261166a89016909c08662cc1219e305c522b3760fc2d1dc81714434a3d6f7e8063825fe402b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    83f8df2b4205d51dda1acfc92ab17293

    SHA1

    792914020c84e37d710bae9637ab106094dff963

    SHA256

    43dabf1c51b9c2bc36bb3c6794c89b7f5deefcf91ede51a5576114ce9c29c784

    SHA512

    28948c925ca8b9cc587b948b872b60484bc3dfd4eb9e567dd747ea2fea123e8f47afc06cff12eff6cc9ccbc00dfb21cebd6b0d50d001f2bc3b6b2fe9bbb45cae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49dcf02bec07f8da0e2c18c30764ca08

    SHA1

    87ef3a806fcfab48479fe077ef05b67d609cb461

    SHA256

    afcd791762e20d360de5569e0bd0cfdff4ffa83c64f112061759bec448bb397e

    SHA512

    1825e057e429c060e7247d892505128f8a1366f1bb7810aff27f946369a6cc1891fc79103be145e3dd320a9fd8cd786370825a9802dde78d24e246802760f84a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a5ccacc229a1dce7264300efb598a8cc

    SHA1

    9002dce49e68c1cf918df8904e845c856524583d

    SHA256

    66b58ee4f2110133bc557b9de9fed44bb59022746775145e9f0926ce8d306aa6

    SHA512

    f6abeb0187c04db97c272ecd3ac7600c4371fd0a182a4531a403425554825012670b0b0016a4591436d46d9ce709fb19d3c9dcec19ef51cda418bde93dce2904

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47acfb598aedf342a5fefd327abded90

    SHA1

    34108a51149fae75625f445e3a7e63e357471efc

    SHA256

    9e5ac16fb3ead4b846915f19ba9764c53e29e524760c0939192d07d1388db140

    SHA512

    1de93f788a6012f5c226d2e03807557be47e84b02ecbd90641ffde3663f393749ed08ee6953dda0e6db99361c5c09f89fbfa5c134ae23cac12afeb6118bf1996

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c056a045420c27af77b61f01817351e1

    SHA1

    2be9d659404baee89acf9e287b2f85841ca00ec7

    SHA256

    821c6b016565d09b2d339434b63e7669826bd59631a43e477acb20dc2dbb74c1

    SHA512

    9ccbc0dd82375a8f839ca8d3313768d2d939667fb2956815a53ba12587a68f2aed4d2ee6768636cff4d3823d327da3595ae1d3c7940833d63af32ccbcf11d863

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    235d1b9ae86ba01fedce4520fe9772cd

    SHA1

    361416f7c2be4de44febb20f555d4d5333fc4a3a

    SHA256

    79c371cb49d733ff0fd154bdba50b4cd6d75f91d19ce6d0561403a72001f30bc

    SHA512

    5a904dddb33b9881a0aa31480784c7def9a43e56f0a4d3b0d4b85e6e564956f1bff6cae77ba7b922763c6d360716ba65b5a71c20ba8685fc738884f1cc636326

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a46df7307be6a74ccc05fa9ba71c9ed7

    SHA1

    d913a2853cf7a14bd7ef456382bb97c4991b633c

    SHA256

    9d7475b0c48c2ccb0b0f7b67abbd7c6208ceea9b3c30914dbde81c9ebf4036fa

    SHA512

    a81668c126eca9c34453ef9a8aae5d9ba7b2e1aedccd5ac7c6930149161ccf7eb7f516af586541903a49a87826b09768d6f8b724d5f1da13eb1f5a7e56831834

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9e2fe1842e412b29fbcf0690550ed47

    SHA1

    82fb096075a317c3be9d908c0a988469bf422f8f

    SHA256

    07f0852f0ccf4fe5254b5ed29b2cdddd8cb55e5ba97b06c59e00023a0e0f5990

    SHA512

    8fb9ded848ef7003477d95829082446cba335cd479c59dc64d6726c648d67aaf570a9874c49c9a91658a1eaebdd22f211796c2ffa687aa008c234430fa81152d

  • C:\Users\Admin\AppData\Local\Temp\Cab5E97.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar5F1B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b