Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:14

General

  • Target

    91e9cbf3f4aa5388daf9453ae454bcdf_JaffaCakes118.html

  • Size

    461KB

  • MD5

    91e9cbf3f4aa5388daf9453ae454bcdf

  • SHA1

    88ae505eb6b5a4f45ec42250e6c3f8b281b673ca

  • SHA256

    dffc552824ac428a5b86c7cbedf597ed7bcb564ca6dc46278ef34d49d9e678e4

  • SHA512

    ca0467b69e982971c4afd92a8c63f84c7b850d840b098e04f6c4069857b608a9d2072950ed4191c6686b5b37a0f5630232e5afa24d1150e10afe29ee4ee64629

  • SSDEEP

    6144:SosMYod+X3oI+Y4sMYod+X3oI+Y1sMYod+X3oI+YLsMYod+X3oI+YQ:r5d+X3k5d+X3z5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e9cbf3f4aa5388daf9453ae454bcdf_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3000 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2744

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\Local\Temp\Cab407C.tmp

    Filesize

    65KB


  • C:\Users\Admin\AppData\Local\Temp\Tar414E.tmp

    Filesize

    181KB
