Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:21

General

  • Target

    91ef1952a24e344e1b5e79b62c494911_JaffaCakes118.html

  • Size

    461KB

  • MD5

    91ef1952a24e344e1b5e79b62c494911

  • SHA1

    43a89424e9a0e0faa52e73d671c38d6f3d290747

  • SHA256

    39e3e0843fdcea8411e315fd0b783ed52b320092b5cc8d5ad5051585d2c849ce

  • SHA512

    bc2274847f0ec595dfc2bc19d876d86856bd4aabcd1e4c8e71d2e4fe2ca8c23fe17390b307abd46f8a44fcca15cd3589efe5480c4d1920b9a5876c2645922f07

  • SSDEEP

    6144:SfsMYod+X3oI+YzsMYod+X3oI+YgsMYod+X3oI+YLsMYod+X3oI+YQ:w5d+X395d+X3A5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ef1952a24e344e1b5e79b62c494911_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1976
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1976 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2344

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b95bc6c7ce9cc1246f59ec4bca6cc54

    SHA1

    3abca02dd70bc64e713ab4ce7916c2b1d73f3fee

    SHA256

    f0e3eac02ddfd44e7fd5acb972bf54e0c7d56c8711e1f2bb642eff5580293cff

    SHA512

    75cede179a8cd212c51d1bc2505e7eeb276791c93cdd7b58798ca3902348c4896b1dcc4e057538b23b3f48e27a3c2875d2c8c38cdd8029906dc579229c1338c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a5890dd7d1e806c0dce4e9b55e80177

    SHA1

    573b5dca921c3873d773619c7c032b7efeea07d3

    SHA256

    0443440886e5de4ee367572c1e406305ee99933f37d87321b0f614177d4dd8f3

    SHA512

    272540dd999c824daf3a5938982ec88feb07efce96ee54e476bc51e0f79f9c1781b3c0835b437674aaecd5195602e0a17170c267ce0fe358b440fe19c866083c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    069aaacc3362384f3d490238ba14114b

    SHA1

    101ad4f615e3e727cba861da811844060531a14a

    SHA256

    4689367ce015665cc2b805633c6e3d0487877e015c0de7f49ba5230ca98aff13

    SHA512

    09c06183740713180fa7923be26356f6aee23b74c44edb19299975c9de5b7039f2975826185d06a30b938b3dc6f0ff3cdab019853ffa8444276689d44f97ec72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47083e65bb49bfbe1f6144282eee8531

    SHA1

    3ac72252d140cfc580b1088c219095c0dd9e3233

    SHA256

    f1fba0d60f5cc3f08a43738eda1c9be35ec12d1041403ffddd643fd4374542e8

    SHA512

    305924ea741a3185242515ebc2b3e13270aaa7de09371560464f6848a39e92fdb04303dd06b20555b5a07019edf2ae380ffed95348ee3e0bd307816cc4ef1b8f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef254c2cf50a56b25e3efa1041eba290

    SHA1

    da26cf0dc659649a5422180252ad57d0df3bb0c1

    SHA256

    8ebcd14c0cc4685a41b7a38c022eca0ca3105ab695628b605412d776532f8939

    SHA512

    e8732feccf244b378ea4b16c716a47575c02ac3384e228fd1a1b213056c2405ab3daf9ef3b71ce75f3659544ccf6382611ea807f60042faf01b1e96b5e1d2d6e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf9adc32955771f09574c70cfaee2095

    SHA1

    50888ec05d3c76e374369773582b5f1631fb1f67

    SHA256

    9728c6181e6c656e5e77ae3e85ccb1c0c03bcc926727647010c2df6ce3f95017

    SHA512

    f2b18bafd63b600b795d23b6b8f45f5c875e95f0619a9fe68974f069f045eb60b54f2b7c73da126ffac1c9f097ceb932bcd08263e192bda019172d3be0864170

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e826add13aaeae014a3f4d4295293a6f

    SHA1

    08e4798ef9118ae7aa86459e2d8b5b9686401d4b

    SHA256

    9a55abd172fb93c281de861317829ecdced63f4dcb6273abb6f8be053611580b

    SHA512

    64005749e252b505b492d19436b96aa4786df20b6a4aba479d6a65e5fe860a28b4cae3989391c35d24b41d6feafba55b52b1e71a88929f5bab023ec87b420807

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95a05c7118365cca0a6bf8ddd959faf1

    SHA1

    1c4d82c7b8c46418fc7f4ce38fe66c50e6d30f7d

    SHA256

    0c345c9e79b05ceb2f7f09fb13e226afc93f36fe7534c19d792c107364269102

    SHA512

    933bbf4bcef7862b1a2621331dd14d9067dd49e60e10fc33e5e17571e9f00ca50916665f267e9658034bb004c8eebf64063eff3217e1812794ec6af12434a3ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    364537d419276c30882956f6c8ff89e1

    SHA1

    4cc78521dff5dc0604331b6b8dcd7e10ee8fe98f

    SHA256

    4257d2251854f410e968e45b2e13ea539759e5c1e236bef2e87af820847264ac

    SHA512

    65db8fbd5914475d68aeed6c13a72e3fb0db28c1f72c59105511facf1c3a1ec79e90a02561f9cf6dd02d2c63483a4b8bf8f0298f53d6586ca9dc53d3770c4d17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc8b131ac672931f6a0aa92dabd638c2

    SHA1

    3bc7b1d056f0f569e4d004bbb582150f7f8672e4

    SHA256

    f432f7b89acd92905a1b87421f54cd05481683941da269e5a1333eab782e8e91

    SHA512

    af31a414eea833f049df3eac1a8d851b007cc1e7b02dc5218f127926ecad1c2632237e992eb9455a9074f413a34cfcc3c7c2134114a454caaf5a1a80a9e4a9f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea71e200b185c50d74b72fefe0984c73

    SHA1

    dc65f18eab8fa8d411779bfe4e8491c837bc769e

    SHA256

    84dfd7d1ebab68eb49d9edea9eec49ebb905b58db9784c82e86024d3f337344d

    SHA512

    4e6477c2063cc4f805781ff3a6bf6ed4497d404d98bd4620247c7f3724cc99c56192dcd7efe2b71077dd5dae2b35b2e4677ea8d0d12a6c6053a8c02d7c410d7d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    10e178b21aab2867d36d704ee9c51e4c

    SHA1

    70636f4e7c767ae9c1951bd77f0322948be04d8a

    SHA256

    07ad464f322478299870be34f4437221bbdb63541e929b4a808d104784f9ea37

    SHA512

    57ec3611102ded8226ffa6198f9d6efd42fdb1644f927fc30e6ef077c047ba858f26bd81d080d7940187940cf8a5b6990a1ed6a46527e5a654889c5cafd2e0fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4dc77761453eaffce1dc66af0ea3a019

    SHA1

    0f9f9f4cf68afb004af6474ea1736ee4f30aeeec

    SHA256

    d85164f44388718529146a3d80042ed6121b908dd9fc893492a90c27ee5672d2

    SHA512

    e621bffce49dddb47806694b5c33b808d22f022c70e401f925e4fa49dd89cd4d0a26535274b9783691ca2eb6c5e485be151b0a6557fdd5062be402032ee77ed9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da0a21a98a7df23cc8eac10f8228ef2f

    SHA1

    4f0f87c14f0a91ec366c88a68503381446c46fee

    SHA256

    57afb91975dabf8588f31fab5aeb4acc137bca786b38e4787eedb051774b6194

    SHA512

    4cb2a8057738f7fae12ea5539aa8f443bd818ffa999543f2815bc914932078085393f2e303b71012f97aea0523971bd73be4384c1c190dba53f6124ce9b1f85d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ecbef0609589a48e58d701f4bb16acc5

    SHA1

    a8ba712c4d785445d734e86ac2bf1ffb4590d0ac

    SHA256

    9bb9685c9f201a330a8cbfcdcf31b7ebe5346c2bd3aa02b0467d7ed86131086b

    SHA512

    cbd923d419d33c548c413f35af6212aaafaf67e7147c93fc7ef62a968b9646b69eb1b5a3416bca27e515f4850922a30da5732cae176b1c52bb9bf0c9869bbd83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4279060662caf8142fc1bd8e7f835ee8

    SHA1

    cd469b8a4c039d082122e1bc13a40204022dad1b

    SHA256

    49cca0038b77a7348c473a2b0221cd81f7ad665404921d2bf241efcd4dd65bd7

    SHA512

    7d9f4cd01cdf572ca4b8724a2b743745346663562e627afb738df4efc891c53d5ae50c02dc6e4caec0a302ea317c3ed6c58257a2f095379e03ce205b677a849a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ded99dd9b5170d102a761b5b1ca00bd8

    SHA1

    6b1b1f21898191a89d12abad9222af42936b5737

    SHA256

    300f21282fb53ba6afa9b66eb89ade7ab50728dd7f6b4c496e811ad222317fd8

    SHA512

    9e4d32bd4abc3b6971f2a42bdbcd4b455e0de6edd62ff6c13944fdadb696c9fcf5ff612ebe19acf11c64b6687aad3145d8c309698ae023aee9c05a2d9eeb8038

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    97388084e525f1c6cdb9cee7fa2c5076

    SHA1

    e9e9cd2863153033802466832a43540d3448553c

    SHA256

    ce40c41ec351d6a81c1a80ddf12d2b417d55d17336abc07fe7f21b7c6c7fedb9

    SHA512

    28254e896e157389c42ff8f93943a22171deedf2ed8e7d5cc73e8f395892955ccb4757fcc61594b06365455e269bdc6605da80c286672aae307732c6a60124a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4903d9e374dc191df5f3b5daf153434f

    SHA1

    46751ec685f01fb93e0ae37d2dfcd7a0d4b5a598

    SHA256

    339c818f8229e424461fd58533804a44dc57a1e57d21cd5d41b19fd9fd0ee412

    SHA512

    8404eeab05d7ff5fc234e9d63fec5a2976f3c68706a382a96453cd0f3aaf4b0a3caeb83160cdf0bda5196eb4c19163ba9d766182abfe20a68e84c00c702c0086

  • C:\Users\Admin\AppData\Local\Temp\Cab4260.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar4332.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b