Analysis

  • max time kernel
    133s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:17

General

  • Target

    91ec409771871dcd8b495b026e0a7cc7_JaffaCakes118.html

  • Size

    5.4MB

  • MD5

    91ec409771871dcd8b495b026e0a7cc7

  • SHA1

    ca3595a8aedbe68bf8d32bd08a197cd46fec8e97

  • SHA256

    0f776249f8a020c12c8280caa98e40c8db76a5c948eca0d3f7327064586943f3

  • SHA512

    5cfe0535916b83549334bba2190b37fecec685433005d39fbf5cfa9d87a1c98bffac734a3bc0afacba7722b6995e54c64abf7eb856fd690acabc8a3196f913af

  • SSDEEP

    24576:p+Wt9BJ+Wt9B1+Wt9BL+Wt9BV+Wt9BA+Wt9B1+Wt9BJ+Wt9B7+Wt9BW+Wt9B5+W1:5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ec409771871dcd8b495b026e0a7cc7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2732
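The process tree above has the shape Internet Explorer's loosely-coupled process model produces: a frame process (PID 2192, launched with the HTML file as its argument) and a content process whose SCODEF value names that frame PID. The check below, an added example and not part of the sandbox report, encodes the consistency rules an analyst applies when reading such a tree: every content process carries SCODEF equal to its parent's PID, the frame process is the root, and any process that is not iexplore.exe is the one to look at. The input is transcribed from the two report entries; the cmd.exe child is constructed to show what a failing tree returns.

```python
import re

# Constructed input: the two process entries from the report's process tree,
# transcribed as (pid, parent pid, command line). The sandbox shows 2732 as a
# child of 2192; the frame process has no parent recorded in the tree.
SAMPLE_TREE = [
    {"pid": 2192, "ppid": None,
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\91ec409771871dcd8b495b026e0a7cc7_JaffaCakes118.html'},
    {"pid": 2732, "ppid": 2192,
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2'},
]

# Constructed negative case (NOT in the report): the content process spawns a shell.
SUSPICIOUS_TREE = SAMPLE_TREE + [
    {"pid": 3100, "ppid": 2732,
     "cmdline": r'"C:\Windows\System32\cmd.exe" /c whoami'},
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def image_name(cmdline: str) -> str:
    """Lower-cased basename of the executable in a Windows command line."""
    if cmdline.startswith('"'):
        image = cmdline[1:cmdline.index('"', 1)]
    else:
        image = cmdline.split(None, 1)[0]
    return image.rsplit("\\", 1)[-1].lower()


def check_ie_tree(tree):
    """Return a list of findings; an empty list means the tree matches the
    normal LCIE shape: one frame iexplore.exe (no SCODEF) at the root, content
    iexplore.exe children whose SCODEF equals the frame pid, and nothing else."""
    by_pid = {p["pid"]: p for p in tree}
    findings = []
    for p in tree:
        exe = image_name(p["cmdline"])
        parent = by_pid.get(p["ppid"])
        if exe != "iexplore.exe":
            # Any non-IE process in an IE-only tree is the thing worth looking at:
            # a drive-by exploit or a dropped payload would show up here.
            findings.append(f"pid {p['pid']}: {exe} spawned by pid {p['ppid']}")
            continue
        m = SCODEF_RE.search(p["cmdline"])
        if m is None:
            # Frame process: expected to be the tree root.
            if parent is not None:
                findings.append(f"pid {p['pid']}: frame iexplore.exe has a parent ({p['ppid']})")
            continue
        scodef = int(m.group(1))
        # Content process: SCODEF must name the frame process that created it.
        if parent is None or image_name(parent["cmdline"]) != "iexplore.exe":
            findings.append(f"pid {p['pid']}: content process without iexplore.exe parent")
        elif scodef != p["ppid"]:
            findings.append(f"pid {p['pid']}: SCODEF {scodef} != parent pid {p['ppid']}")
    return findings


if __name__ == "__main__":
    print("report tree:", check_ie_tree(SAMPLE_TREE) or "consistent LCIE frame/content pair")
    print("constructed tree:", check_ie_tree(SUSPICIOUS_TREE))
```

For the report's own two entries the check returns no findings, which is consistent with the 1/10 score: the signatures hit (IE settings writes, SetWindowsHookEx, WriteProcessMemory into the content process) are what the frame process does while standing up a content process, not evidence of a payload.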

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0cd1d7f3ae252892ef1607654f604a09

    SHA1

    0d14b25bc6c9b6413f8bc1738c5a111e5a9fade5

    SHA256

    5881e60fec1db6d5b350c372a2fe4a0c6d12eb379cb77063fb7cd6bb5f79ce90

    SHA512

    9a50a4976f6b59ffed5e0b97105b3b64ccea89b461a19aa41863330d15cf957bd352e9ad5f70e6b66821f874f97eda6f40ea02070903cdc18322e9330f14cf80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3b6c08bde2d8bba7c05b8b380cd8902

    SHA1

    1df0ff5aa30f7c5e99b47710d59720535d4669dc

    SHA256

    c1fa847ae1bd5d5ae8ffb93264365148a74001277221feb91debe720710a4549

    SHA512

    352aac468a577a7010070b12142ff4a0621ef95fb6d6b0be0226c02317d7094d4ba59e9a4af3a8c30b3ec3fd995d4ea9cfd1a15727bdb30e1f9a0de10b39ff54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c07618ce36dc40a327501d84236978e

    SHA1

    f64665d070b022815fe97e1e8a46e426f2aa0f49

    SHA256

    283449cc32e76aa886fb96d88aa76cfe7db094c198d85108177174d4045f71bf

    SHA512

    744428cf0e0f8ff1ac6c8588fe12bfdeed1714b98c6a4724e81a0e2634e7ed0fdcee9e2862f9e11dc1c68b710efd1ad739dc2dc41ed467baf2b382e265e37145

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ac25a432adb38fcf2a70383b3ff8970

    SHA1

    fabf7411d6eae286d4cd53270ba1b570deef20c3

    SHA256

    22ea4f5fb0e724d7604d934d93424212771dbd2887636ea6711131a4f66190a4

    SHA512

    391d049bcd880fa8b3270873897efe910057b3752d0b779bdacf7d4da3440b087b7d7e5645b38d13f50c07eff051623f12aa645bf86ba3f878e34b3afc566567

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea78020bf07d5610ca32d91488ed32c6

    SHA1

    f2a885d310408eb3b388e264035c48da9794d126

    SHA256

    57575515cec1f866178ce664fd276167181dd75987537ea7e4c2303777ea7eb7

    SHA512

    5e8d5960c0e201434fd10deaa2368aa76b32f55b8c685f4c2ebab5f65b6478295d743637cc741d5e52fc644bf232e00973a1e19dc0efe37231186ea66104b323

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    72e12613dc34085e85821d5bf936f893

    SHA1

    5915d5a782072c15d88a66b4f6203f0e82b6bc51

    SHA256

    eb235cec3ddcb6780ec76c1d2b9934d5c714727aefba7a28387d9852dfba1d54

    SHA512

    57520e4772f47075f4e568897cb4bf17187461c913b8bc5bba2049b837e379b34b8fb26f655067570b8219cea5438575001bcf934dd8a35a15aaaaa4464f1e17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3f0fe0d6cd8f59b956819256afdc263

    SHA1

    a8e165fe55a2d3b14c825a7171b826c1cc422f87

    SHA256

    4cf36d5b8b1e935aabd650bdf40dbe0503af89fa63329317cc54733a4cdbb6d9

    SHA512

    44dcaeabf4530deef0038bde5c60ec5f109de67c4498e16577a207596a6c9514a19bbd59c748c3373800a3462a452627925e658e93c44ba0b92b07fb335eb512

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    91e4fa56ae5edb5a847ddcc4e6760802

    SHA1

    bc3dabbbf40a09eb82a645885f5bd8be681a27c2

    SHA256

    cc27deadb42406524de2c298868e641f5b0e1c4a49bb3ae8cd9d580f6c40c8cf

    SHA512

    87bebe5f321a6ca02cbf2eaedcd2d2a5283b51251af0a1b17fd7518b0fbdec528b92f49a7aa315b3f16cc59c325ca434e0fa1012a44fe4132b4c2e0defa958c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01dd9061ee1a23fb5491d30d68db621d

    SHA1

    22ede08722aa2ee3d38b6f7da44383a122a061b2

    SHA256

    53f054db1c367face17cbc1eeecc59e59c8967fd99c6918cc69f76fc23c5f880

    SHA512

    9b007744305d1d6a879ba6746b6868e2289f7e3f2287b94e2a71480dd056f0d2574ec1dfd9d59247146d54e47f954b6104944d1d7bcf01e3adde85c56e7b0418

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbe7990aedd01fac502cc67cef23cc86

    SHA1

    b7c493257c2146ad80971ab10c0a97088960d71f

    SHA256

    8a30448184fba8bf8d155669bde5ddd437db4ede7a8a40b78257ae46b280ea70

    SHA512

    1be3985abf5df20ad23d3b1f5360c0450b6e98b47469dbf4529bf40e97d20b5afe12a9df877a07f0451bd4210441087880b86e6b0f4ce031bef2857e9ad95293

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09b537f2d4540cf8efb8fb62ea120ae8

    SHA1

    5f8eba6df2d28b5a5065891d33d2cf82b23370ef

    SHA256

    5c3aea0ed94d9313e3d0e331466bb1a5d983a016d6ac83f384bc9091232d8b9a

    SHA512

    bb0813bc8bb3eb6895a3c8952d68deb4b503ae8c9395a0195123f93071c514e43eae8d8d6c9dcf15fb4017e2bf5920d7a969e049b63da0e648908a942d9c30e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    38e07e1ef7fa64f2ea219a572ec940ea

    SHA1

    d8c9430c0a98ef46c9f8a38fdba4ffd6e02b0fb4

    SHA256

    b6df2d74bb5bf0bd3a6d0db4aeedd178721003460cf369097a3dc9ad0bc34856

    SHA512

    de5de9a691070cb2f6f4936cb96e7c4fab8a77ab66c79099f6fed2f5f75e8ecd5a1030b3175e780887629922bd3741ebcd2fac8723f36eb401020b1e5c0166fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a91eb5357e497defce98844bd6769ff9

    SHA1

    34f0ed7474721468abd29d8acc4d0414dd8a0a11

    SHA256

    5ce166e0bb7d964ea5fca69acd8562f7cf0ee28e045d9847e3ae7826da9bb707

    SHA512

    d634f66a4b4c22c72dfbe647baa9d7de5b15e7ab71e92d011c14b6ed87bba9edc61a8aa358e5fa921208401968bdc2ad196e8384dd1ca61c1b71ecad82cd2f8b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8a07f6fb87680036af9aa87aceddc6a3

    SHA1

    11240accf66eaa944fece591bfc7052fe8f400f8

    SHA256

    ac5199b9e010939ba07da00aab1e383eceedbe9d7f756a622394c3531b080bfa

    SHA512

    6c3f8ddcb02ba9062de49b3b9ebf035b77a6534fbc1d19ae75d1a5294cdef50b8e7d2780d94be911d12fa1e8c8b5491990ef70b188220b98cb7d0e5d461558bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    060d3dbba50ea96a3f64424f684b9a2e

    SHA1

    983d7f32746a6add3fca204c611692b3e32ebb97

    SHA256

    122f83872773537cbe67bd848ad54e167b2a4a5ab6b9b7eca7b5f20a14232b91

    SHA512

    42cffba75270aef20973ac38c9410765eef79d07c79bb4cec2b48ed840a23874d63af0087514c0817ce0f53462d0ce894ca9ec1d0cdd2c1f70adf41d315cae4b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d67804fe9f6a7ffe22f34f5b4ff097b

    SHA1

    a856c4786a3b954749c06ae4f83e959cd92724d7

    SHA256

    5f682ec5ed58bab51eaa3128aa76aba4163038f86e3ba2aacdb07275d06de3a3

    SHA512

    86e91ae7714fe272dea99bd208ba03c627395f9fa1daf415ba7c9dfd15904415feda8facab3e9f6ddfd2b072efbf49035ff5b6390c6ea190f5a06565bb16b5c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b50f0a8abcf6e4c5bec4d1033a266044

    SHA1

    edf605d2e62903076baf1ea60cbdd64e520b81ec

    SHA256

    21c1d208e30651fcbe1a0a684d9a3be03381b104f3190dbb07e9f7d6ea8e7e43

    SHA512

    badf5f7582d94b15a8d5c4cbb7e992b2903a15338c46d6604a237ce0c285f827a4c382c8e46f895a3690fb5438ba00b2eca120d2cba288cb85afca776fdf709b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    749d56f816e96d6a4150fc750a567f4e

    SHA1

    937b6b8838f5b84b7b521c4b3bf27c32e0d4ab26

    SHA256

    ac19cfcdc41c91e98638b0e057bbce796a9c23483815767154566c664b1efde7

    SHA512

    ca998b1ca21393d2195f2be91bf223b12ba9e60cdfeabed0417ed71fb4aa3cfe7cc7a4e82c9e96e5cbb2fd91cb3b7a2b184863ef28f037149b3440dbe4c4006c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e0a6968285fec1e26ad28538a4c65a45

    SHA1

    1b0c506c263508f11e5bb7b4c8cb750b6e89eccd

    SHA256

    b9601d424cf0fc9e9b7422e22deb9b9befac6fd0cd60453de009438623c25531

    SHA512

    f9e300c229e31faab1b1e514e2432c00130a79794829009a89ce15e8cd40685771c7a55ffddde24519c83a89a9626f6db3b8002cc1cf119978ff19a7d3153851

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5f2d8d2f580a4569e9f4420fbf79ff8

    SHA1

    ede48c6bae20385b2c20486df9c87f4317da6d4b

    SHA256

    d54b8f546e2fe21f0a41194c3b371af9f000713165e6cc4caa5d55bd426b1ca7

    SHA512

    6e094f7152b7bb847d25fa550c1a5c647e8374148c6b0d43250216bc0e21e5bb64acb5482a7adecb9f6264892d8ed7bc54c1dd70c9ffd60c0df68b03e5f64685

  • C:\Users\Admin\AppData\Local\Temp\CabE9B6.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarEAB7.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
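Every file listed under Downloads falls into one of three path shapes: a CryptnetUrlCache Content entry, the matching MetaData entry written repeatedly with changing hashes, and a Cab/Tar pair in %TEMP%. CryptnetUrlCache is CryptoAPI's on-disk cache for objects it fetches by URL (CRLs and certificate trust lists), and Cab####.tmp / Tar####.tmp temporaries commonly accompany that same update traffic, so an analyst filters these before looking for real drops. The script below is an added example, not part of the report: it applies that filter to entries transcribed from this page plus one constructed entry, and counts how many distinct contents were written to each cached path. The noise rules are an analyst heuristic stated as an assumption, not a claim that every file matching them is harmless.

```python
import re
from collections import defaultdict

# Constructed input: five entries transcribed from the report's Downloads
# section as (path, size, sha256), plus one entry that is NOT in the report
# (marked below) so the review branch has something to return.
SAMPLE_DROPS = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "70KB", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "5881e60fec1db6d5b350c372a2fe4a0c6d12eb379cb77063fb7cd6bb5f79ce90"),
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "342B", "c1fa847ae1bd5d5ae8ffb93264365148a74001277221feb91debe720710a4549"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabE9B6.tmp",
     "65KB", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarEAB7.tmp",
     "181KB", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
    # Constructed entry, not from the report: a drop the filter must not swallow.
    (r"C:\Users\Admin\AppData\Roaming\svc\update.exe", "210KB", "0" * 64),
]

# Assumed noise rules (analyst heuristic): path shapes that Windows itself
# produces during an IE session regardless of the page being rendered.
NOISE_RULES = (
    ("cryptnet-url-cache",
     re.compile(r"\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I)),
    ("cab-tar-temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
)


def triage_drops(drops):
    """Split dropped files into noise (keyed by rule name) and entries needing
    review. Also returns, per noise path, how many distinct hashes were seen,
    since several hashes on one path means the file was rewritten during the run
    rather than that several different files were dropped."""
    noise = defaultdict(list)
    review = []
    hashes_by_path = defaultdict(set)
    for path, size, sha256 in drops:
        for label, rx in NOISE_RULES:
            if rx.search(path):
                noise[label].append((path, size, sha256))
                hashes_by_path[path].add(sha256)
                break
        else:
            review.append((path, size, sha256))
    rewrites = {p: len(h) for p, h in hashes_by_path.items() if len(h) > 1}
    return dict(noise), review, rewrites


if __name__ == "__main__":
    noise, review, rewrites = triage_drops(SAMPLE_DROPS)
    for label, entries in noise.items():
        print(f"{label}: {len(entries)} entries filtered")
    for path, n in rewrites.items():
        print(f"rewritten {n}x: {path}")
    print("needs review:", [p for p, _, _ in review])
```

Run against the full list on this page, every one of the 23 entries matches a noise rule and the MetaData path collapses to a single file rewritten 20 times, leaving nothing to review; the constructed update.exe entry is there only to show that a drop outside those paths is passed through untouched.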