Analysis

  • max time kernel
    132s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:24

General

  • Target

    91f143cba158788e1c0d34b8b8d627b2_JaffaCakes118.html

  • Size

    226KB

  • MD5

    91f143cba158788e1c0d34b8b8d627b2

  • SHA1

    159e8cb397993694e5f79ed31414b6d71a998b0d

  • SHA256

    156a77007bc2d49f12d8812eebe37dc3782a26a1aa8b39307061ab1b05fb40cc

  • SHA512

    6ebfe845dca170cddc64b8e29986d35e68de369a8972c5629c4af8d1fb5842f164702b25fa57b5220f67aa4d79b8b21c82c570daf67519d9ebbbd9a4136e679c

  • SSDEEP

    3072:UTyfkMY+BES09JXAnyrZalI+YuyfkMY+BES09JXAnyrZalI+YQ:9sMYod+X3oI+YLsMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f143cba158788e1c0d34b8b8d627b2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2132

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc0009a5156be88b0f47c18c2112b32a

    SHA1

    fcb2b4c8c6bc1d7490f79f4f2962a76a3b4b7deb

    SHA256

    0e97a75943d7f0c88b2fdc3c398c2ea3122abf4bb98141299092d68eea144e54

    SHA512

    a4ec1b673ad12e5d77c69b86dc6ae2067e63f5d603b2b5a3c2c6b215035166cb602e3f03c77310dc3b3481a38830f526f1f3bfa20271c19d8adf4d84dcc097e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce8fb3faea3d5e6994ab0fdd0bf6c4ec

    SHA1

    be267dc2fd1efcdbe3ba7740651e4a158c77c4a3

    SHA256

    f726e81b5de0bd520049f4b9e00e88f1dcfee32568f7d1eb394fafb5376ca6e3

    SHA512

    6bc3adc87fa06485934a5c82a5ec3b21ba781c55f8b2109b678a111ed6ff771993a183bce8338fc4f66c8f5d6f74fbaf7d5bd5c4d276e197f6d2f76ef84a7194

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c6467bfb40f8aaef6b9d10e518a431c

    SHA1

    cc445ca9b4e807fe9bba405d67917de9ea368db2

    SHA256

    f4f50d0f0150baf35368b654490ccb7354e54a98035f27bafbc32e9e6858048d

    SHA512

    1962477c6752589fbbe7dbc8bfe96ce6313c2acc0f9832ac3b2833cf8dc11060be768d0d28335c907d72a7fe392da1c5e381b10ebdb765f459f7196370ae71fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac34e71b8f0107ee17ce4cafde01c46d

    SHA1

    d87471d73e2cab16c11d17497ab8c65c7fe9f527

    SHA256

    af8b86f9e7e7f656844d262e9b82cea0990e6d54e323d5ef9de8933156532da3

    SHA512

    880db3baa350cb9729ee5f0221a020a3c676d8f36fcc082620ea9e5a90340113e2279d308439f4107baca76e188cc1b5958406bf12b650bdeaeb6485f90d2d7b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e78d0937400a1ae5649c45e5d5d2b0bf

    SHA1

    d4da119712edbab61fd8d82fc834dee47c00d0bd

    SHA256

    8927fccefb2cc122f8aec5c4ac579cfa3218fac1869b07d2741a9a5da5117157

    SHA512

    c1f4eaaa9cb88fd2a1e46293e71179e9c522c921db1e11e82fd9e0eef509c98a2deb831f0912b8b42082f2711e6aa25bac25d0c190e84cc2f9805611d7527685

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c97d3e20f695ca9dd0b541f077638ff

    SHA1

    e63a75ca26229ad2239d3ac7c6a97e4516c2cfe5

    SHA256

    ae37e318a2a0d1a86128a28e4dcfe7dbd11d2eb268f1b228d8671dbc117a1e39

    SHA512

    c2ed759cb6043007703622eaca01bb8a7225e7b156696d69147a8754df67d74473877ae42b9ac02504aeae5990586dca7f417432d106f60aeb64099d5a2da6f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a37a0c424b59129cfe1fe9c907887561

    SHA1

    ff4f8c685db0bc292a71b7a7f76d07ab9403ae62

    SHA256

    915512b153c7a2b1687168842982d81177e473313c52a0ca5a1fd6eb28372bd3

    SHA512

    3e17b3a55c744b834b71ca05712fec7cb24c49b6ad7d4023f56fd84d41617d438e58b5f1f4faced8aaa8a9bdc02be6eedce079794cb20c45341f04e6e47e4513

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e609e9af4568e2ef54ebe75a790f38f

    SHA1

    2e969cd05408fb9f10fd0b35710ddd2f0a580434

    SHA256

    a3cf1c38ffc3abe90e72ab49844d393ba0ac34120505d53ad56f2f852112deff

    SHA512

    8e52a1bd05b5b28112132699af3f19d7650ded4ddd50bb54ddfa653bf7ed1d893074f2df842ee2380c9aba901986a0d37e69f37de935130d6724045077bb76dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd482a6e13027c13a4414583ef13457e

    SHA1

    c20201f664e110be5b1117abe58d906dc3bd6c8d

    SHA256

    95e74a2158b42711f2b30186d207e0d0b1e13f79a2490151171b4579be6943f3

    SHA512

    04c2a6ac61f954ee4d57665d7cc97a5a505a38833c55b7d538d896c71d9cdf5862f14c8003b6a7d192f3c3ef97ceecbdc205c1e557b1f014d42da45034a81be6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    325330f15a87837594716cb89828f349

    SHA1

    e16b53025b42683b41b4d5a206f50c732e05e0cf

    SHA256

    1249a8632ae39aeb07794e891edd1e5b5cff2ff7a56d4c9388829765957efa43

    SHA512

    5c2c3d07c42f9171dc4d198b1d2c20af2a42304f91dc6106abe06f33fc40e6b6a6e0718be8ae29dee56a2215ff82566046484b43f50fd6ccd32eee4ea207ba58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41a60b68c2ffbcfa425c5facbe825926

    SHA1

    fd9fe6fbba96621f7468dbb4f3ee7c6f4db16616

    SHA256

    34605625e58c65c097e3e04eceec8663f079854aaec38304f741ffa7c2d1552f

    SHA512

    02754b3a8db66a2a636593e361c4b9fdec3d6e2accb76f4d21e0a5ae5ea6fd6a476d22785e51c2f6097c9a00687ac9779e4be285c4e76b368eb0e7f48df5b061

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    243950417d6254ba671f40f3e0403cf7

    SHA1

    f302b63bb0553a4d39db146bfbc413f04f142a16

    SHA256

    b5f0e44e184d9e68ce31d2dc995ddfbd57cb14f9db378bbdcbd8bc2e5682304d

    SHA512

    bc7afa7f64f58bf88865788b0ad7229aa45648d08888be96abf38304b244df3e51e7203025ecbd900ed43b89df7e375611010739ee126bc070e4de7a0025ec44

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e3ff2d8d98e4fc1b02d137b0d303df44

    SHA1

    c6c84851406b66ff4c8aeed7b227e934a432f01c

    SHA256

    4ad54d6628e060b4130001c754fc454065823da201b7f6a4b806d63990f15dc3

    SHA512

    7f7652d8bc6157ad48e2a9f18cc94c907cefa8e6461f345e4e8e077260947d34157c014f416d0a861a44ebb25cadeaacd744f66bf949ce276c591ec49860234b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2b9a6c9d98c36ce3fcc3c27d69b68115

    SHA1

    53774232d38495f89b2a332c5ce98367243d2cc3

    SHA256

    4b36c2b5b19ae1dc8a518d363d2394e76621758d2ccb0b65eafbc0c77cf08a11

    SHA512

    00be3a48cbf8f6df5b02bdd6955ccb317a20323f18b9f00ab3ea0e7fdf81b587acdce49475702dd29ade404ec116b185759326b913426c0ac5a0a14ceeb336cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f718c7856d2917dcdaae274f623d558

    SHA1

    b1c79cafedda1ae74e62bfd7215af7eec83788f1

    SHA256

    1013f617cb2c47a55c67352a741f930958c0d68be75625c5e8152a1eb8464054

    SHA512

    9fd654559ef004295f137ef62ffb5efde89a0b6ad7baa300f36bccada33715cfa3ed0c025b3450be7314a429ff521018e01399a082f9453e203d3ca392bc6162

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c7f8f40d14eeb7839e4b97669caa2567

    SHA1

    dace9f0621721b2c2475538ea11056964e59a36f

    SHA256

    777dafed67bef2deb47bd86226049f8643fe2931d81a2a6933f44cfdd0984cbe

    SHA512

    aaf10b544544cfd2da0920189be9d2dd3846d918188b093a23baf432b1024bf2d6ad21540e06c9b494a06a3e34af3b89aa1b1c5b02e52b1c92b79b156e3890b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef1efb570a5c1fb7a5831ab4dcbf18dc

    SHA1

    a3aea4b23d0a2ce1ad465eb8d7c324313f74192a

    SHA256

    734efd152ab4adca3bcd10e654b38cef82ede52a4e70a941acc3b297774428be

    SHA512

    b852ff5b57d11f7baded9c2079ec183be1871ce8f098ce5e0feb77cf5244db663668b3f94e31fb6fa22292bb7734836f54b320058b70fdfd5fa4aa61b693d88e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a663b54d42b6197b33e45f5dc9797b3b

    SHA1

    c6c7b930685763ae5e716d77c01d10ad379e90ca

    SHA256

    5916bd71155e332ec43d204dc13f98cc9c774c1be1a9e7e4762918558750c0d7

    SHA512

    bdcb6c1f0e129bc7b8eac689aed738e8abc4750ab1e0011ab4f3402739ef8d7b3148e497e2370a680f8f315fad078bafd7f3c00048995b47e510e19a83a379fb

  • C:\Users\Admin\AppData\Local\Temp\Cab35A4.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab3615.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar3628.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b