Analysis

  • max time kernel
    138s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:25

General

  • Target

    91f1907110678d70aeb03d53e54989f6_JaffaCakes118.html

  • Size

    75KB

  • MD5

    91f1907110678d70aeb03d53e54989f6

  • SHA1

    475824352a30edcde444513f01bdd128d95af74f

  • SHA256

    3afdef34a130f995e641d4eb9866841b5c4fe3c8f3e3c4c6e18b228ae29e025f

  • SHA512

    e6e84fd7a3e99450ea33088ed3356bae59be501e366c061ca52bf2bfda1fc53adb6b6f8c0f4c87562e5b993711dd1a12af7a88a002fe36f72cd9785c5c8b5a22

  • SSDEEP

    768:GlkSgOriWNQuavoBgGUyNtJ1vnvbONIwaVyVDYUf6IEiQirmWXfG82cNwy5t29CJ:FaayNtJ9ONIgWia82owy5Z

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f1907110678d70aeb03d53e54989f6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2872 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2080

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    1b5643195e4b8a054ed3ab6411949f44

    SHA1

    9fe87ebcc14041b69eaac83801959862ac91ee88

    SHA256

    dbc797997ee7645b2c427e978506b0f259c6bfedd186b29b3db66277af129c32

    SHA512

    bfaee5cc971ab42eac9277d88fe78965af63d314bcdae856f516873bf3c2789b085f5a1f1363d86acee06f55170baab3e8d09ae01793481c79f2a4d5fd04e465

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b656ebf079aa4d5b6581b64540d0172b

    SHA1

    f1694bfc42950bdb6d9ed23fb0d5247c28e17baf

    SHA256

    c9643e6a2e25b373e1a8b201029f8b0b80fb991857aa48f05742f6c2da792335

    SHA512

    5871b9c7c73aa48a72d42effb9871ddfbcd1454f22e7e6e80b5cf2d8e79388716e7c622e778feeb0bf51ba62b83bcac1f1c89db1bb125bd372b857139740c982

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ffe162cb6c6300e856ba804b480179d1

    SHA1

    3239b40c8909e763f5f356ceefbd5df8a1d103ad

    SHA256

    bfad9914bd989c5f09c106d68f113b75eef3e721ed9425725504447b3bdab07e

    SHA512

    fd8beecd1235b443399033c5f1bc9a11d2c902622dd9fca369b356b026fa021dd6839cf433268a72859f3e4283ad6a322fdae62fb5b2fa2152c6efe745e300c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6be8938fe2a63ea7a3b08d318f8a343f

    SHA1

    2c29884c830125de387c21cb6a698feded86db01

    SHA256

    11e935b4f4a353808d3a43518264f3d2c155c72fa4e25de63042fedb46e929e3

    SHA512

    1add3584c606dbfbd135cb5493746abe2fa9d0aac0e09569e559df00060d0d23fd3cd5c9c10eaee553178e644271c5276ef75ef94e87e6e9f346861a9ee166a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    815c9960c391327f09d6f3645289c7f2

    SHA1

    9421eafdda776c07f7de52221bfab3399c3fe9a0

    SHA256

    88bad3ef0272d5d6aab4ef8d22ed5b5743631851decf5fd70c2fc64e9df2210f

    SHA512

    2e42e1d51668dbe1d8ce16c2460fc17057f134193a3de75f51b19e7c80e8264cdbdecbde7d45ec29e64c148e087c2613bf0e2ff172fe06d4f74d7f26621418e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1771a099337d003b75e6a91e253ebf69

    SHA1

    21f280e9c3085e5e242094a4524e30d3a56831dc

    SHA256

    26f90ce44a89c8b74a7574138c40a67cd643c29377fae02477e20662569aec20

    SHA512

    40c68c02ee40b3efbb03a89f19bf6b310300dc08211b14650c233d598f93aa97c15fd05ae3a2e67f4b728d31796975464610347fe38aa2a64ed0ecd34add21e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    399310006ff23ee3bd3e15d6ea0d38aa

    SHA1

    624ffd24167f1349b0728ad10125f2d18475ec9e

    SHA256

    ead8f9f18ae4427a98f438d85553d5e1b3cba165164f2c21b57e9e9678d4a595

    SHA512

    ee5e42fd2bcdee63629b25cb00fb9cde9fa13151957e18d54f99fb48015f9f9668cab5aff51b95b136d2bce6e9bd67f66cde73824c5b17e1f2df0f7e915a5c5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd48514f71ee2936b2665972b0697eeb

    SHA1

    dcfde1633e576038315e159d4468b2399769c0dc

    SHA256

    0d2d8b50a763edd151665904a1dad43202fc7525325d9d36a30f0f591a623564

    SHA512

    91e6c2eaa5ea864e09f766f8fb94e8b28c61a02afa8b70fbe81b9733c78fb8c2f4508c13eb94060d3a8aeadf21cae7dfe2bcf816a6659dce76e875efb3e79a7d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    896d4ae55316421dbe4d53148eca90be

    SHA1

    6e44b2fdc0c22cda5cfa4fe0f6b7f62760c2c1bd

    SHA256

    aa919e48ee1aac82b5ae4ad0d51e62f9c7942877c34c61297d6fa49d19311b02

    SHA512

    bfa51c1123c9bd8999763a9e10d19c3e1f1ef6c48ef0d99450828acfe320d1531773e7192b55cb3c5650c29b002dc0f51039d1875a071cf09d59e4f453a7d25d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41de7ccd48ce289e4d2023887219734d

    SHA1

    49e013c1208c215bdec5177b381f7ba38fcfab71

    SHA256

    d7d52cdb91a396baa02b56e898a6b26182cdb63c3ad4da5031bd67e94af7b529

    SHA512

    690de4d349a26d0f2182d6dd9c89c3370206fbd2bd83f844ab5508375d716121fd29af052911c38775aa570f0e17c66ae8d670164b6f548c1aef599bee07811f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f26ee589e93d5e6bf8930420bd80ed8

    SHA1

    f51a4c22a992446907fa1d5099d31ce2bce4ba84

    SHA256

    c1e815951d05fed0d0300562d4c0c23a8c2e8b2d3716ea35b3187fd1c92978b8

    SHA512

    c7c2894570a70f41984ec186af9f6fb2ebe03829c1e9f8cf9ea590b8ae9361ca5fb73ded6d219cd778c6c31d35cdee88f9c5b188ed46db7d14ac044f596176fb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    44ab02d446b15a85ab78df942962ec01

    SHA1

    96d3f66fae5fd635fb396713e5c9849d5d8e439d

    SHA256

    1e71262a57daeb0a39acbd45404745d931fc3716b9b0361eb61c7b8d189d64fe

    SHA512

    9bd2afedfe7aabcc84cb24777a922aa6374676fee6ff60b28da9a8e5a1c054a3bfdf74686772785b0bfadc871339b82919b30d4b44ffc32fae7be2c38b4311bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c34adeda78d7ac65aec446944ef32088

    SHA1

    0950aa46d129b7542462e17dc77aeeb7fce1f079

    SHA256

    bd2346f4791221224847f3f9946dfefefaf42b3519de287457f2840d1af6427c

    SHA512

    dc47e90948d3e71f3d00a2fc0f36af3aecf31b648c2eb60f44e9f32ed69a08dbf3ed16f35077603e226f91ccb9f194fe0da3ac449a981634b347bb2efd7c0e39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68098f9f93766d51badfac0b23d5ee4a

    SHA1

    ba069a5429bdbd3836574e48411ce42b10e771b8

    SHA256

    31cf065aee5e8103e5d3bbfaf7faf3cfbf3a8b77ec134df1c293147741453b84

    SHA512

    330c2bc9ca44deaf4969c0af3640bbbadacbf21cb171c99fbff2ff4493940d345aac3a059e4441afa4c3627857aae3f0af64d75ee6a6d0e289b22cc7552b321e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    22d53849c23b31282c53d470cebbc896

    SHA1

    68e64277360e8fc83171c843d03cad9e9448324d

    SHA256

    779ff822ebb1c9d65711a9c186d1712a1d84b40e06bf78c941604f039341d33d

    SHA512

    9370806265de02532edcd8627d746ac9850096c2b125e05418b02b6072701d96885ac0b4f28c7b46a6dcf35cc33acbda3cd06d8762fee832489f2eeec10bf02e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    67e98a402b926ec9b46b8bfd54ae35d3

    SHA1

    2dd65d800c630ad36bca2cfac0ed6daec1f725f4

    SHA256

    15e98c12933b180a70de5fab2a19d3a58cce45cf27926556747f5ea676ccaaae

    SHA512

    3d03f93dc50a9eb0578809e3e6550d1724e953ac1ef096f116a9498904594df57d12dff92416d47048aec2683cbdcfb6cafc169816de6159afb1334dc483d781

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a17515361c18fa9ebb0d739b0c97da73

    SHA1

    043ca900c4f93f236bf61bbadbaa4e507162f19b

    SHA256

    bbef35687d605d39669a048bb1939cb5ad3d30ee282a6906ce76b850e43a7c11

    SHA512

    453c1214e8dae65b3b8fc28ba943d71b8b56e1b17266541220ea90f20efc5f9bafe2520651071addcc433245990572d7e7a128ce6e63741c22403f55a1bb8862

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45ed4cc492d2481aaefed3b2decfe741

    SHA1

    0f698556cefbd6e19db32992ba171bcdbf186ae8

    SHA256

    8b56794995fd4ac529f2da2027fbeb4f1f9e1724facc04b3ca63e3bb57a7f011

    SHA512

    0a81cf2625b2a190d026e6d44518ff43bdc8a78ff924dcfde6f8d4f65c9cae8bb6f9bba1f9a988a60c3cf3051c203336f8b09eb175218edb9c9b8221ab5edcef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    64f303b38a6b8436f139a02aaf096860

    SHA1

    f02012ef822a5bc608e24edc05cfe61d1505a3b7

    SHA256

    84ee4955fb968e8e7388c34d57df21aaa95c342ce6cf26e521b8eaa5d68728c9

    SHA512

    3d5f704de04c56e2196e6ea5d0d35deb4766b796e523110a79dafa0881d75010f4b96f5c2b5eda460df654d24452d100bc6d54745d1fe3e5ce17b6f65d35b124

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6756e73bb6d4d68ee9171305214f5a46

    SHA1

    bd22f33df86499c0e1fdca9ca7b0436d2511bc8e

    SHA256

    db47bfa5d52b3d0e411ebb008af55841bb17dd03d9e391a85425606ae88e8397

    SHA512

    9f4a22aa89c5be9a17f37f14c2c9c931a394be3e4b8dbcff70534cd201fbd222a11f0e570858e90017fc140642c6c5da8bf291d003079234a599976bf6f54d79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fdcc54fbce489d455ae114ae5c07b5f0

    SHA1

    0261260789d5d64a83f594b364d4568c81746657

    SHA256

    54cdfddd0e6fe55a4fad932a11b31df370eb48c553fcc91bb5e93b3af06b9164

    SHA512

    1dc7b976ccb39ac5620b2cc5ca9547f9e95b0dc3695e82ef51c0be318caa4faf57c329950f48f65efcabe9b0869f17dd3c9e0582d40a81beb57d918873d96382

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    727577ecc6a0a677ed19dbe45db2f559

    SHA1

    6a623548b111b9d06f1a6506c94d02a536429f55

    SHA256

    1627f916964f252109de780f3bc1d806ee9eb4004b26fb932597fc45dfe52e4a

    SHA512

    88e3a51359948db6b4ae38653db6ca7b91dcdfff0e2484c88b5a1e6738c09c45c93658ba9e198edb94ce3e910b9e1e2bdfaca02fb4be752a957b58fa23f40beb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c05b34dbf94e493e183ebcb16140244

    SHA1

    7bb602ac7efd084b323549318ef0684ff6a93cb8

    SHA256

    7807dd0030046c91923fdfccee1effbb36478b0c444095218c52e30f0426c9cf

    SHA512

    d06c7c92c71c80193c37a589c8c9a641e688f9ffddb20e011ad48b6ac5ccc4967668ecf44af6dacf289703f58954359218b297d448f944fc105a7616adbf8ffa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    cd5a780e7ef078a4f3c05303d5914113

    SHA1

    ad555abd2b0bd85eb853ad56f43b011298cc8114

    SHA256

    ef4b5c905a86896c5cb1aeaff1569116a625f1a3dc9f5fcbbcb0c0a43e1a3f5f

    SHA512

    2fecf6653d0a42fa7a3252697799fbd1df418b2d46769c78872013ce08fa67dad946b5a7b962460d7cce8b03b3c6dbb84be3a4b8aef033738a6221c13ece525a

  • C:\Users\Admin\AppData\Local\Temp\Cab390C.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar391D.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar39EF.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b