Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:25

General

  • Target

    91f1af2dae70e0b08af487c1cf5e32c5_JaffaCakes118.html

  • Size

    138KB

  • MD5

    91f1af2dae70e0b08af487c1cf5e32c5

  • SHA1

    2a7e38f6f69bb6be77d1d4dd7ccc3f86dc15102d

  • SHA256

    8e6c1cc4dc02a13dad32efa429f30e9f6c6726765007bcbc41256e1b7dadafae

  • SHA512

    f3ede4b0d68dab6aefab6024ab60ae78bd3852aa404ebcdf17c49843b3eb528ed2ffa652b0da1dc1054f48a271c4890ac22f4ee319fdd991d24ef2515023e922

  • SSDEEP

    1536:9HHBwuEgvFlTRaoSYPCTQVESjxBVUSbV7SVVCSoVz02wFwpI+w4w/2nwBdXt9wHY:NtTZPCYxBnwBdXjvKFDKEeFh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f1af2dae70e0b08af487c1cf5e32c5_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    1eede452280c62e10b8c917938dce273

    SHA1

    56119230a395e429281b8e1da2eb734803a741a9

    SHA256

    534c58c11886cedcf019c16aa3e252ea1f3ca2934233727afd30f8420a8a7ee3

    SHA512

    d55c8b55c39c54ab8f1542760f2e48202ae9877d0409836da010dd205c6cd9220490da3cc20fdf66a7dc0450dd6c3cf412fdd5cea47cf54eadc0a0b149f558e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    03078cc777d6ebff7114d1d6e68fd79f

    SHA1

    0bd31b6867300256883c2edde87656cbf84a7756

    SHA256

    0c37b612a415fa0408813bd6d0e689b031250d23620156538a3b03fe03ea3e3a

    SHA512

    25432508fc8592824c8288d3fc70663e9d6e14e9832574b1634eb828dd59f9715c77846e95037e07fae54824b1fc5f0e0e9081957b6fc971cf846299658e7fbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    03f047cb01db674f15b2c2feffc390f9

    SHA1

    88f2de73e5782b348c91662b20de0410f83fbfaf

    SHA256

    3a19a83d4a63f35e22b0bee1c8bdb94eeff9abfe4c19d76a436b027b19102351

    SHA512

    46be8766e2e3d204beca273445983981b106d5838c13e172c3ae05a3f368f6ae4ec64812c6d13fb1efa54f0f013da0f6a6ff246a347c53a70b35b9e945ff9523

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c59a10dae8f25e479882d648a061702

    SHA1

    6ec792d4a774dfd19fde9b76feab41cc2e30647d

    SHA256

    09a923f0d707a2a85bd918d1140047a6943306855fa8c2c4b6936e5558cc7ad3

    SHA512

    8b1f259326fa59ece3782afb760aa85d6775bd7c045089c3c3ba4510b8ba468a3af52117ae35f8d6bdff968b22c13bbbeb5859a3449143b6d31d9b95e55cd6f8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eab1be11a0777987e7dc182afde8363e

    SHA1

    cda5c1f9f2ebe8945e42915963e03afd83be0d13

    SHA256

    a6d958b3a5367a36c5abccc355f737d2b0bc9e802a8a5bbc578d5613557bbd42

    SHA512

    0b0655d22a7644544eb068ed260e16ed99d2b24bbd730668d3ef27b88c08b3587842abab674abd8b91e705ca1cbd5cb1c127f2332fecef6d35c4c5ec5bc3e693

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee8d17e3d550593b605ce5cef3e5956d

    SHA1

    6af5180fb0a8324dde733e3497b9beed87b0e935

    SHA256

    5a707c74d2111c61ed0169ec174ae378d7205ee6d24458464047cffcb9f15e3d

    SHA512

    6562c73c00d290b52eb0859a67579e96105e79411a7ef1900c54b97f4c5c6aa821b3600b5b1ddd12e930a89524c5a40e38c51b5493e60a2827e2f4563211b3d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1075685fb4793024ed9fa5fe8351624e

    SHA1

    19696fe8b4b179e51a988feb15c3247d084ecaa3

    SHA256

    0fdd7c43b0d435eb78e23b0859c45986b5eb1dc092124a4bc3c7dc359c74b8ca

    SHA512

    0f032463c3dbb359cda4af8d44f769f2f0271371f04dbe8b8b196423031077a52a2bced905fa0e4c91ccf1f05d7608bd0e55f55ebd84b4d038b05149399ee9a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    773dea95a5cb2ef8e49a75c72bbfdaf5

    SHA1

    1c3d88860a4f4d00fdfc13d3cd5e42f09d2515b1

    SHA256

    24b0cc86e79d513ebfa6ac0d4ad2e804be787feb623dfe0f897bfcb48ec982d2

    SHA512

    08b2b65a6fdb008f86f72bcf1d2bb548b81e1efe99f1ebcdbbb2d6c92ededa6d86f865e8642e80dd2cd526edbc370375f2cfd5975923a290544f6ab5ea377744

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c86c6800a0fc859f68dbd0397ec4c3d

    SHA1

    bfe62ac29ad22facde87ce3a6f9c7221f7f667fb

    SHA256

    46e317092301981d8c7360df3e9b85407b218ac1fc72a3dc412a5b1da5399a43

    SHA512

    57eabe31f4654d84d10b1b8d34baffeab52fdef83616a500e3970a4c635f62f5660173b926b3baee6a82b34d3eb1064170beff8d4a6c9466048d69b36d841205

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc39dc6149541919c8033e7c8e2a765a

    SHA1

    e104b90db6a8870a74dde90168c7fb4e79471101

    SHA256

    32a9c281d33d42c63ffb2849864619c4210b235a066b996c7162d0426d733a93

    SHA512

    7257cc2c0d299ed11b4f89ac4995838cc1e44a425278d000d9e8184a558f36d1fd5bbe708c0876e3b9b3a5ea0dac581b5a0e2f919a14317145db3b3523704b92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f0a4a258b711f030e401fb968b6c060

    SHA1

    67c3b93a8a9bc8b0af67a65b59feebe0b232cefb

    SHA256

    9f7ad33afcfe8fd0061716151ea980c7b9ef58174e04863f523210d9c82f877f

    SHA512

    54a91da7bb1d5d46c6d056973f759e1120c46e5c43795bf29d0bef89605103eee9e100e630a76bded85ee2c87fb829f4f6f979be7c2f7a033835cebaacbf1ae0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f10a1ed307dc79e98bc730be8bc4cd2f

    SHA1

    30ac116295ef6d37d76090a6d4e1ce9e9d92bc28

    SHA256

    67dacac1943bcd7638ae25efc7d52d7c9ea7a260415de5690409340c5fc1129d

    SHA512

    7dc58dc3cb144a0777be9d0bf11ec418222ffe9ffcb8a0361d771c36ea1f67ce6f773becbd6b1604a57c3014e939a87b94c54dae1cbb92ca296ef88ab1bbf079

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89006f7d0e2001a57db7d71c063f5e4f

    SHA1

    a10a0d9b787eca9607594e492e3f663bf8c6f774

    SHA256

    faa6fb586d1a8b564c72c3bdd360fa86c8ae459862a3410aa7303158979ce795

    SHA512

    1ca065ed5eec25022245f61628c91458b3b9adbf7140e4fb6dbdc373e062a4bcbfc5290304d96c8e9d08b4d292207a654afeabc4c16c874bfb18b15927c18a57

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    52447c2bed325ec02167a6fcfcf236bf

    SHA1

    979b9459c641f48bcd00be8b5e8bb5bdece279aa

    SHA256

    3cd1d5451aafd6d5ae9752f197ac9d72d601de86fb675f7b402d345b49034151

    SHA512

    ef26ce016edab63d7d78a42f1d0fcae1cf9adbad7bb9d123408baa50085f12f1c5ffeb3a6260c3c1dcf1e429f94e51e198db97f62f728f731bef40fadc08ce7e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b79707a4e3be0d24562793158f5c1e0

    SHA1

    36c52aaa54517b330be3f13054fe363f2fe0c9ec

    SHA256

    40024e1da6ac978049908086955f63781395e9ceb9aacc3a968bc135008e9346

    SHA512

    6646336409dd90f739f3fd3c6b7f5d9153bafee2a52362e1ae749bf16791e0c87c99df6ac7556901d636739a77b445cb78efbc2a9202e38df406eaafc1e516d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e55cc9eb3f8d4461f8670c15f48c6933

    SHA1

    b492c3165b542e47efb93a0b1afad953ed2bfbf7

    SHA256

    daee19b830673a32f48d1ba531ff3ba5e5f57c121a300c8f5a56aa6354e723fa

    SHA512

    5be1609aea5f4fbcd4d4d893049e9ed35c44a5b01545b46c301cde4e7b24b2e467a1f86000bbcbee011b5860a48f1b0623107f406bc0ac995775ab251c2a1bb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6346436b219c2e72603d418bb9dea19d

    SHA1

    1bd68f5ec0f242b236d610c6813227e19b21eaea

    SHA256

    a47854a23ae80368a75078cdcc998d74f82eff336c6f5cdec5eb864ef69443b1

    SHA512

    7205be49497c97fa6bba7958ac720537081fcfbcfde9b06ecdb4d907cbb08a6b8115a8933b54191ec9a4adad33da6d5e07cd8fb7a6000a7654af0f4a7b0a6f22

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f1235077db20c6781ea1989a3049f61

    SHA1

    1cb213508344b9d8b9cd49fa286b877407b3a5dd

    SHA256

    18bf5388a5a4df0737f7aee4412280df2776448af9b14abc21780205dcd7c4e9

    SHA512

    60c0f94a3057ce2bdea305ff3ceed6c3ebb798d8c20d60aa9cbb89db613db41b06e489dc04020e380bcd46fa15b2b4334747d333a7d3b2ec4d23246a6e523481

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    59ed3b88cd00dd6eac6e66137dd39e52

    SHA1

    02a31a5d8d896629fe1db3238b9738d5d3f0cb79

    SHA256

    832790759b5f764fc52a400cfd98a6f39b8a518202298e9f1a330166c32a68cd

    SHA512

    6a66aaac887b00262851a1e079f1c4828fc72501bd54ca372c757000d83c149acdadb0c93adad8e2f744a3dcffc2ed427dabe17c113ca1f5934767f75ab0e1b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1102ff87534ab43cd27f48f5ed51545

    SHA1

    b7eca664c10fa2373882d20fac5ff7baa706ea0f

    SHA256

    075185d27136903c3370ee280e59cfdc892a830a19aa2b07c51f929643bceb05

    SHA512

    51d51cbab63a7405b8909abaa1877c6d094eb63a07389b8b2b0b88c7305ad44a967b422ab3ac6343e41732531aa3d6ca6fc1d86ae35553bf281d7a97d7e3a4d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8083d90b3e65989afacaaf480bf26afa

    SHA1

    97dfe5d8fd4ec899a979386055885916de6e715e

    SHA256

    19e85b8917d4b2dee19c9b2b41ae6dff23d4af5b1a96bb9a7b79f06943abdf48

    SHA512

    40c40f1aeba1068897ff5e624da8ae3ad91e181e792eedce4def3dd873882ad5498ed5da00601a10a276b19772b51cb66dcffba17b76d26acb82640c38a041af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    132dda0bad2c5706c33ab3f63f6c8747

    SHA1

    e1ca5d8715fa699f14438ec159ed048bea53872d

    SHA256

    b804398b942b4cf46c67f90adedc056c6d9b5b938e9d0658ecda8160d0bc6256

    SHA512

    160ece03165697cd4954d047017d1f92783d0878fb44ee66f21a3f7bacb9b29119fb16ebf3a1755cfa6127ef76ef4cbf832a243ef4f78f0e9960f77c5e3be0fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fc042b6ee363e81cee8033328d91abb7

    SHA1

    69c6bdd797c3822d87ef680f86fff4ae6d14aa33

    SHA256

    34ad1bfb817434c9274593ab348e15d91d99eb0e63e25a4a0413b9cfe3cdfefc

    SHA512

    2b7e719f0dbbf7d0edeb8b2c09e927935b7eb66f7317f1b72c0c86b4a11fda6bcf7abc33157715b63bb85ceb0cd891e35f0096f17ce42b882dabfc716e08e522

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    81da3345cf98c03a047fda846a98ec0e

    SHA1

    7eba98fc2d5c4f5d7e764f3035e493c727349361

    SHA256

    b97d5db4537702c1ca022ae01012caee0d134967d0f42f720b1d1f894a05165f

    SHA512

    a53473c4e422c6476cd779c8f11daad787c12578c5fb06ab0991d270377baeb23fbe76cd5125d41fa2d6ddb427df1e0c19556ec841358ddefac89d231b363ce8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    561073a23372b69e83d50267c238e3e0

    SHA1

    99494fe8a71b7088042f437d9e8ab3d5f1cdc546

    SHA256

    0954a02a1fe0cbb3b55c969c032d28f5c2bef91ed530bf10ac7ee8b10dd88d39

    SHA512

    2e824accf6e345feb0b7087e5675aaaf6c45755a38788956ad70031480d0bd915dc1ab1ed418a828fdbaa64d54ff8c8c26eb2714681df43810d82eb872552080

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    4066c4d5a52d4405c979143906dda528

    SHA1

    02ac27a5b45dd5d9514782bd87a7787320cb8f7c

    SHA256

    45bcf70cb70963bf88b47d3f72f9e6fe32baa25e9a2c43672e6f1341bb30fc65

    SHA512

    f40a66b61d6e4baab8d126a37ac450819212fea100e403d54a0c4604e617f6ccee84535f9644688c7bf091d748452c5f22c0d43bca29c4b69e4d8cab976336a3

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\js_composer[1].htm

    Filesize

    162B

    MD5

    4f8e702cc244ec5d4de32740c0ecbd97

    SHA1

    3adb1f02d5b6054de0046e367c1d687b6cdf7aff

    SHA256

    9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

    SHA512

    21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

  • C:\Users\Admin\AppData\Local\Temp\Cab1643.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab1750.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1642.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar1766.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b