Analysis

  • max time kernel
    134s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:10

General

  • Target

    91e68f9c86bc508efc24c07f56273ce6_JaffaCakes118.html

  • Size

    213KB

  • MD5

    91e68f9c86bc508efc24c07f56273ce6

  • SHA1

    49fdca21cf5e02d21b484c0fdcbeaa54573a360a

  • SHA256

    787581e8eb94a3a49d9449dc10195e16b7f557391eca9fcf2afb62272129bd93

  • SHA512

    9d1f289511026b45bac2fff882fc62473aacc5b4d7eac0dea83ea945c0889055c92fecc880f18176b8e83b078f12056a612e0637f9db075946ff313fffeb58b8

  • SSDEEP

    3072:SX8dX2Dqi20yfkMY+BES09JXAnyrZalI+YQ:SXBu5sMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e68f9c86bc508efc24c07f56273ce6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2312 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2544

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f624f44fe11412966e2ca4ab7b4aef9

    SHA1

    e6a0ee7ebfca949a361e419e038c509bc9e38629

    SHA256

    bb1a9a6560654081a46ce5bd4cd08c4fa515b594115c63f541d6adb5859b9255

    SHA512

    3aa2ecb52bcf007320250b85976c2e58f941f8f29254f740d13aa56f98d394091539a76e7a965bc81dbb793d183c868c91ab7500aca59dae1e037e82f00199cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    174c9a3f65aa92395f0a5e3417326ad4

    SHA1

    99fe7c3e5ea90ac94757736b8adbce39df72c3e0

    SHA256

    d51d3dbe98acda00bc30cddd8fdad93ab4d96be4f5eb3bc0e8363f22a647438c

    SHA512

    6601f66185dc0120b0f66980e1cd00a704dded4480011f80df972570ba48bb0b9c4eaf1998791617e73f7454837a898591d2298c8a2dd7215ecc129637a72506

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1045e597a9086f6dd3625680dfaa7bcb

    SHA1

    8d00f1b8a00595ea63ed833ce1c3d6b0a1830db7

    SHA256

    10bbde7c490d79a7b2842dd9cf4738f30d6ac91744391fa1d37396e822749dd8

    SHA512

    95551ad0b6b1e445d3b464249fa8328278ec8906730e57e9aa69b75de20daac3ac44ec6a84e95d0dab4708cebdbf642ea9b2a58cc191e25ead212df5ede072b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b6a32a6f6f25172d3bf8d71f18dd11c8

    SHA1

    45ce21798912cfb9da38954b5ffab2144c83eb89

    SHA256

    19985425a0b03a57e6ad489823bbee7e742379be31b401b4f5b7820158d0ec10

    SHA512

    bdb74eb1ae9ac51ed1a22a74c4befc6a4cb50ab6a2c1eff76068c66d73f8658afd4041818bef79042078f41eee9bfb0ebf948489e9e7db85ee2e99cee571f3c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1de1702352939c01cf704c4f49f20455

    SHA1

    afe59a06d8939ac49dd57a9bf19978eb9d36dd76

    SHA256

    52580d291e79fa820b034a4883ad92491f0f29a61f5f5e3a7f3195ff2cfcf499

    SHA512

    1bafdfd350b6c33f5cad628f9b29dc46c1d7316006e2cc28b3687270b1f9fa63705a2a2e0c9bb699d4b78e27011889594fa3fc4ecd3bcd9fa1bfc5817dba0793

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e59e95932d8fe89ffcfdcce889d3f41

    SHA1

    2f48836715f0a1baeea68636a8759268676747ef

    SHA256

    36cd38fc5445495ece64ff9a3f908331324b0d06739947420ed6198dc28819aa

    SHA512

    19cd760ee0dbfd316a06acfe343286fd81c669f48cf37bef96b4690fdd64bb0f5b734839c2082177c6dba6c6a7135030d6e982ba3a6304af8e83470aba232785

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e549df41cf4d0daf3d6662e97db227a6

    SHA1

    dcff2dd5e83c56339c3ddbc7e3bac45f12a0d394

    SHA256

    e434197bc2f326e2573078056fe67446bbf345a7580d8567823631c0f6f9126f

    SHA512

    ab044276b46f4c7e5c6d5ebeb1d41153720804833a275320bb23a94b87fe38c699f0b943859775953e1d16b7bd9162ddfd68c80e30766170442be452acdc8ad6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95d8562ff8911d9841c238cfa6cb1e88

    SHA1

    8c719eaf531ce1ba3c163649b944870ecf4c2d4d

    SHA256

    9d8fa4017100f10f116b6115581cfcbb9539cc296c9937e75cacbd2ade47b1e8

    SHA512

    3eef991b3256f83209b4628a4bcd4f796aa59b19361db5385e73b8078980eb6e4794925f441090a1a07fda698cbb05b94851b4e2be1fd4245b9a21a023edd194

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d766a5bed79d58c7c1beb66ec8b792e

    SHA1

    42665c04e8250b65edfafd5fb442f465a866cfaa

    SHA256

    288dc569501730778ceb08f0dc867fa3e12a222f763a990ad85601c36a92e058

    SHA512

    753b6f4e3aafd30801d6253853d345b19a08b80df47d49c558a704e05ea7c9eaf777e38f5eabf8a37f76b21f397593100a3f9825679558f2e4961a0ae6b620d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    05aea34aa4153d0740e608dc6a87b1b5

    SHA1

    a8a9f6dcdadfe73caaee7fe0d017f5a160f3107b

    SHA256

    82b3409b2bf64199ec952571eb9bdc44070a713e2227d9f45da659093bd11e7f

    SHA512

    0062899ff52af14b9e05753250efd684ad042b687bc670efe5ab2e83430784326a98746e2a86e6b5a52d2fadfeae34ea39ba26567fc00b95cf8cfe7b7527f52f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d4b831861173548ba8979faba38ba1a5

    SHA1

    e266cdfe869734c6639d8b470e30b3cde4dfc2d9

    SHA256

    8d864033b14e42c64556be44bd3a6494db83c42106450efabd209815e2b99fa8

    SHA512

    dd3867a5317988f5766748f2d222be643293f4aed445e7f44f14802be11687cfcaa7766c82809577fe4e3444fbc517aa3e2b79e91cfcb2f1eba14bbfbd54999c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e112e50362d714549e00c6f96de98e0a

    SHA1

    9ead0d808bb5b99ed303eaa3d0e1e288a22c2b85

    SHA256

    c08c6146f947a8847eb1ae540c709a88296b1493d8bdba444c42b033dae18f8b

    SHA512

    a6dfcf5e729ff80c2b30e15479ec9e0bf2ea204b02b9aa3ace7ee80aa7157362eb2181f51a9d619b68c7a2b948a7c944e68c0d96cda20f99264c38dca4fe9018

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6108f8c15aa23fbbc90e167c7ed26a83

    SHA1

    4c911824f66f53ffc949300f2650cc25c629bcd4

    SHA256

    808a4ddd39bc457f514759b96168bccb1a52d7ccf3a5753771f1fef16fdd9af9

    SHA512

    b9a3fb5f9e7dedd7cc2c1f2308e7c632d91d28de7b6dfbbcd2d6cc725500d21d20848501b154edf5004824c940f19f1685eb98328e48987b1518961d40f39c2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf5e3ebfd2bc66f9c4bf50d3749be4b4

    SHA1

    7527e642615c56a66d8eea07aad332a863fa96cb

    SHA256

    037e9ec313befbf8aa1a5b6a30728bfd9a397d90d2902247423ca163801414e9

    SHA512

    f4338edab047d46f3dbcbbfb5610e947087dbb427393d6bee3496809c212aa15ab42c41cd534a504ca0b1454cbb8f2a67efb91c6f95006e6b7a93a2dda9ebed4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40a83ee1a71b20592e7c960bd45fcfd4

    SHA1

    f58fed07c82b87ac61832e201439d27c030129a6

    SHA256

    46421936baf31002d3a1d51f7a352ed1878d99abb62ada1e64b49d321e0b63f8

    SHA512

    47d9f5ca66b21e2fcda691518dcaa300c47762cfa0128485188c64e7c35f37b82502a1fd7e94ec1af602628d0cbc1a416f2a1b3c2ad9d180e43d192d6849df33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1eaf5a45c534a321558d5e3360e3deaa

    SHA1

    32caca7a0c3a174cc95b9e9054215ee8e68510b6

    SHA256

    1d8d85358cec5771a9d3f5f267b174ad8dcb42af486a769761a75c03ae8a5bee

    SHA512

    8d1d71c468ba15692bb7333590b0dd842027fdc57b21bd7c907648c045d5f82fe9db8ea019cb2802065e62809821070a941f6b24e9237a4eeed3176e52efa868

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6ab52c342948a9aefb307d85c8c2e766

    SHA1

    7851a82b240111d1ee2c50458f010b82eed745fa

    SHA256

    9fd9ab77b9a9ed10c69462da75f23e226c689353a92123feaf65988119d0dd92

    SHA512

    3e8373f3579fbc4f4339ccbba15d759936aff8866c152a0fbb28f7c9dbb479fbe74aaaa2ef413f8c6d4caa1ffe2d25dd6de99d17733105199f10703cf1ffd22a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5668cb8b7499597c650e8a2c6da62629

    SHA1

    825ed5694fee856d627411de87da6d9e8c3183f9

    SHA256

    5bd071c6ef7b5a796a36661250f14e1284668d8540985a723d8383e9f448aa93

    SHA512

    650677149666ba9512e0548578eccb58090090b81f45315a622d630c7c78cecce8fb3a5093ca2fdd3f715b1eb708d6470a05d7a7e212c1d9a99e75b866546a18

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5e31d3416541e322f125d071704225b6

    SHA1

    cd83df0cf9d606b9ead57cc2898f09ad48c261b1

    SHA256

    b6ab7d50064ae5ebf9c555b9ae439dc6834614c8a02e9b4262b182a01d7ea427

    SHA512

    a24e4f3c41d29c9835913a338f717b335af4a56611208713ff0b4f1c045e1d992eeaf19cdd84cce76aa95cb4da0c4787b3f650258719b75518273a1a6124299a

  • C:\Users\Admin\AppData\Local\Temp\Cab124B.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar132C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b