Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:19

General

  • Target

    91ee10c75defeff2955f1b36ec41c0a9_JaffaCakes118.html

  • Size

    65KB

  • MD5

    91ee10c75defeff2955f1b36ec41c0a9

  • SHA1

    0e34323cf26b56d569c01aa471f40e94b4aea828

  • SHA256

    73e31011966fc0d58bc1f13420a149bc580ae23a8365847cbad753795c6649a4

  • SHA512

    4abfa8adaf324634e37f94159b4572657a982c6b29f17782f217891a933fb0277392fdc7b2d68906f84f7b75bdbe2e58211c266290aa4d68165417d7378045ff

  • SSDEEP

    768:JivCgcM0St8tN99OIsuj9OSVoTyOqhCZkoTnMdtbBnfBgN8/oycc8QFVG8sP/Ijh:JkF+5JSTIgec0tbrgaCcFNnzAC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ee10c75defeff2955f1b36ec41c0a9_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2424
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3028

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    13ed5e0369cedc64c8437eb9a493a981

    SHA1

    880053c91809fef7b2a3d688143f554d5a05c0bd

    SHA256

    3560614f2f62c19498d2ad6c3b9fa8f232883167479de05e924a5a3ab19a8454

    SHA512

    18b3c940a3b722b58c476af4141ab987ed9f7557c1e52f3f20548b2c209abd67c943761d22e20ed59c36d69f8cd911285aff7efdf2d20f51c35cad62932aefa0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    961c63409dd9649dd7f2905db08c4b3e

    SHA1

    ec9433644acefa7910b28b05f31e5ea2074efca0

    SHA256

    7dc3b3f6c11d69d9b237a843c9adee4a3705939e92a618b40bc4cd7af76b7ff3

    SHA512

    01b8fc2b8920da74791628b75d61ebe03a526820d2a40cd769d6bf5140d96f4ed639b59499495afb70a1e1f73cffc5b776b217563f70043a68882608c2cf4047

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eb16073222c261b033ba8959fd484542

    SHA1

    532e0ea8c4cb3cb2c56a0a06b52a8a9cec181283

    SHA256

    5370b7758d77d1a236eaa23e249b9e0c9852b575a112b0b67a70fa83a795b7f4

    SHA512

    12ff566b2286eb3d2ce11a39025df62e52245a005b93112ec2844c8f615f1995b40a061ce20a929bf237f67e549bbb64c09b5d21306eb533865b20f747a1a759

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b64875daa76b6472781041241070059

    SHA1

    99b1582e4fb24b9da64df2c30f9fcc5d46d50c71

    SHA256

    074bd5ff489a15c0ea21b2ff6f46d6677462f21f80d7d2187b1fb7bfb3f0b7e9

    SHA512

    dcdf4cf565db03d41c1602770663b1c5ed2ecd4ba7f5cf624842501506f51f87c287e8b465f36f713cf62cc14bff8e069de425684176ab87692a9c311fdd0ff6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a62cc81082e5c6d9757688ab491c9201

    SHA1

    c1ba03cd1f1032e8384b7f7c4b56a8afe2c2d322

    SHA256

    c391e59070cbebd45e717f2594f01913046052e040193d78f9b28198585a0028

    SHA512

    1d3a68b53c778d10518e6a8e49a5af0d69925832de3fca0b42eed9831e65426f99ac8f8d1d5c6f046e8dfe312400d0cd1b5e4a55e0dce03285110a54ce3aea61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c37f75a5f05f3499283e0b10ced7b69c

    SHA1

    8ef49a4bc2dc15ea5dafef6e8191eecc9a7ea392

    SHA256

    e079051f521a5ef61063a60a8b39d5d7db89b7ec1fc7096bfad48e3d48846b25

    SHA512

    79aba4ab14664f77f93501f96f0481284adab95da054eea62c9a30ecd07181dd33635324e4c5b1055fdd8dc6c22c1a6319fc0db4196425ec628f610499afcc87

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3fc279035db94ca61325749f5071e26e

    SHA1

    60af8d526772cf89ac56deaee68054add9c42e2e

    SHA256

    f3d15259226a919732f25bd5313405d50671640759b441287e72ab4e529e6091

    SHA512

    2782da432534986d9df3a58115202a228f8c96fc97969ae1a5d9d160deb7d793d0dd86be617cfaa3eb64042094673f10157032d41ab40d90149b77a5a87fadc3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    211f5383bda7c1867d184fc6ee84705b

    SHA1

    057010f86092a26e1ca38d20cfdaa12ac49e5d0c

    SHA256

    5c0f7dd883da847e65276c0e0551fe1362a3d9a292b80f8d4d02231ee56e8863

    SHA512

    34b71c41a9a8a4ec7de56777f58f821ba007a2677c0880125690fe8c87c0968576f567d8964ca57e753d12591a57c9995b529effae44837c814e9ed1fbe3689f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0c50cdb5a5996143fa5a47b26b8fb4cf

    SHA1

    fd6a959c93c9a923317624699cdac7f40160c9fc

    SHA256

    7221bcd41fc11de2a5d21cc0700f11aab75bac9b00f651eed872227790e397ad

    SHA512

    1033337374d06fda9a719e4dcd8fd3df0cc74775bf62d83d8ff15adaf90aed7b20724ba83b8217e5c0d425abff30bacf701904e458785879e8c686aaaba33fc8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e4ce3be6e51224856fc7a73291066143

    SHA1

    5682ab57ba5402969a30ed760e125863acb5227d

    SHA256

    2d4c1200dd9f3cb5abd7fd8083fc6b3c1f5055a4a1e2c24b5eafa615ccf5857a

    SHA512

    da05672ba73df2287d42efdadd1c852e33aa224aa993f80d068555ebcedae807cc1764dcb5dd0882b2234b45d64273021602914b5104402906d25bfce1252b6e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92d21407821ae0edf005a87fbb81a95d

    SHA1

    01ac0283e64c1a3163657cd2ddd74bfe3c766cd5

    SHA256

    39c8b47a976e7a1d712e08a60f2ff317fefdd8fbb6fadb0d19698cf43c0ccd98

    SHA512

    5d16587f7fc11d86a2823aa3a76f87910ccadb214c4d04802c3275c07e3f0cae207db09dc0c3ad2f8dcf15930a83047f482d9f7ff91771c4ae1b919dead040a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ab4579614ae3b3bf98e68b82112783cc

    SHA1

    69bb75f128888d1aec1671eea200a4fcb4bcc926

    SHA256

    ffcd6782736d15fb4982c38299b33a8ec3119671bd05822ea3e834ea3d35c4da

    SHA512

    8d05f6752e5d8bcf747cdae8c9b415f87476a81e8a806d86473b1003723f69e0d5c8287ab05af4a8fddf8bca0ebc3b09b36f057f50f0347278027afabac43e95

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f43324a9abbf3b66d6eb2891e17c320

    SHA1

    b709b358b363b4cc3e2e61b935d7f53caa09cf9d

    SHA256

    da1ec60fd8333ab43715661b8eaba980f9b9a27b7e66ea8697e3fa75964db6b9

    SHA512

    504f350eb07b157f677d1ade6d56a31eac434f106c9c090678d21f7226d063df38926e7e206d0c302293003e935ce0e1d889cbebdea1cc87f2587a3cce827977

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c81f036d5975b537477c3145fbfac635

    SHA1

    7f61ef34962ffddba898c7752540d2e5e214e522

    SHA256

    2200be498545d35f84f605c75ddf69ac3c4b5c55dac6ef9e4f8f3f8389f61a0e

    SHA512

    55ee929254e61fef469e48ed8b33181b02d9b26faaf113364af1b0f5d87993bedc39a187e0a68fff9e3a1bdf8b115cd260187e44f2d21e6cd7aecda8de5fba96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    74df1b14345a6d71b92b1e5cf44865a1

    SHA1

    5772adb7c4caa8184f47b1c5b3422719726ee78e

    SHA256

    9117ad630bff2e635be536194eb19192cc2eb779d4f452e94b2c62b8dbcba4e1

    SHA512

    fe07823c2462a6c332d8d40914eaf59c093008cd58bc7b9488d3bf661267d69c035689e396717a1763d52bf22aba082d4c9104db439472c2b01ca65b54ebaff1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4b1f194a7cb6e4c2818efe5ad65480aa

    SHA1

    70c8f364d45f3db8d6a2053514d321094ac322ee

    SHA256

    471cc91efb2996726256a1c74253829097749037ebcf3cbaf0d0dbe9b1dfdd73

    SHA512

    125c5f8e89e9cff3788ee866f973e597c75ec2e6c0bb8cab19ae7770043d2747bd11abf6028bd54d76658520de8c94fa6103b68ea7c0cf2b499c9a4887503767

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a796cc12fdad6715b45a71eaa0055217

    SHA1

    c71a255ce0608f0869931032ef1a0130e94a885c

    SHA256

    70ab50e3995c2c5ba8aa9e1d6d7b04ace0cab9173ff4a80144dbd243cbc83cb8

    SHA512

    072c86c056e85150adb33008b7784862344c4a35e8ea8bb9687e2741849bb5370e610bebc55c6e840ced28d67c81f9ee8c2dbd42b5d88575cbb7e64ceae8c878

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89680c09783f4c08c5d0c359bc5a587d

    SHA1

    2eb28d79503d81221e074c94f86077d9d58910bf

    SHA256

    19c307cd32d1bfc6f7134a4fd17315b8f11b29e96749746cfba35b95bfde8f66

    SHA512

    38535c59012e8d617d784f1afe742b9ae583452f6cc5cff7715ff72469f76f92c609f2c89870e9da9369bd23c8f74879017dda689fd6c62f4c7bc194fad5e211

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4784229a7fbd7b457ede075e91f07386

    SHA1

    c1ddf85e97bffba2ce127839692c3cdfcba76943

    SHA256

    925ca0a5cba4958f6156c5a0728f2466036a725df065fc9e6ed2af83a21d1bcd

    SHA512

    6b4fea9e31cedcf7396d98c54ddc3453deb21e8cb0ad41786f2aedb49d11f2a4c74a63fa1364c6fdd2e1bd12f0d89cd397fd1bd73f1097fd81163b49bd5b661f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1635a30928d99b57c38331d062fca3e3

    SHA1

    eea564ef3fcb27d5c7721d148de6b3b0e522b573

    SHA256

    8e6961e797989e0ad54edf96ceecf402b1010cf15ac1085b61ca8e3c6c736b8c

    SHA512

    738cd4c576c2006f3e5bd993ca11d4e619ed7f17caaf1cbf7c14639f68d11bbe3a492771f9c19df68f5aa44c1c9598a36580dffbc6529eb1cd18c43383d7a1e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2eaf8913213abf64f08f06dc4695b6b8

    SHA1

    d49400221ee44bb909db2e9871abb2c63894ab7f

    SHA256

    d54926bc5798e7b8faed08ac103918ca33543d4e5186e6aeedcf5a49fa49a9dd

    SHA512

    314d89e50a0e2f19d6247188554f3dd4bc06c47bde1348d866d24d888775a99df2ff5a11b7305f2a98dae979ab672dfc6e655631da7f2e4eb5a6bd953aa07a76

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9b61f5487a2f52f8bea5b1d2d22ebd94

    SHA1

    545eb901e6ea6047ba9377c25a1f60ec734c3460

    SHA256

    0c306d0dc8d10bd0c4ebb58cb95a59dbb7493b3e746a89de286fd509b1d38548

    SHA512

    ef9a2a5eafd9740cefda92d3a33bc2f0722cbf76756225e0337ba1d8566dd2ae0529da5be93a8aa1eca3ea4906dc89c36efb0095f5a055e6bac01c75c6c67dd4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    832e67ace7b3200b54ae2b9510970043

    SHA1

    daed42c6f6c0a58e1b062e49dce23ad7a2cd2b83

    SHA256

    af8d342467747487ee427bc7193268f5672fd6234edb330d3ec638d75928ebf0

    SHA512

    e1d7ad0e8bf87d4ca5f4348c6197efaae49bd4ff3e60d083db6983e4d8e2dd49b6ce7984512695eb24ef18a199945e99409f7b96d820585a01a93a4d2f4c1d9a

  • C:\Users\Admin\AppData\Local\Temp\Cab1E6A.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab1EFB.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1E6D.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

  • C:\Users\Admin\AppData\Local\Temp\Tar1F0F.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b