Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:28

General

  • Target

    91f4179b7c90775e5f3bed77e7dabe17_JaffaCakes118.html

  • Size

    12KB

  • MD5

    91f4179b7c90775e5f3bed77e7dabe17

  • SHA1

    a31b7636b9ded84b413ee14102969c4d7ff43e84

  • SHA256

    0e190f73b816be34c765a6a85ed495b68ba17d6f526d1cd5695b155546ff3820

  • SHA512

    da7712595fa748642bfbec9ed5fdfa863960fbca6ee4e0fd7640c41b409536e208f0fcb28d233433ce748b884fecd589429d130502270f671fb06f372dd43c76

  • SSDEEP

    384:HS6dZC7kCwpzx76fba8IIm2+OsJtMYWmjC2oaUzM8aFKvx:hdY7kCwpzAfbJII3+/JtMJm22oaUzM8P

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f4179b7c90775e5f3bed77e7dabe17_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2928 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2640

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c7746d46880b45d6d54d987a1ac60f3

    SHA1

    e7c98e49199f22c76a0e6e00841bf5cbede6d3eb

    SHA256

    1593303779c9572887e37182854dff5788a99408eff2bc6da04d3d709e4ac0c1

    SHA512

    8f095f02e1d6da9a91df116567c3fb7001582abef7fa6a93774665090a927883daf6201237ba7832261031dd40da081ec8b38daec0384cf60a54ff202de9fb49

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d5c8bebef177a40cb074619ed2d18ef9

    SHA1

    5d8301f555f0b87002bc59670668d8a0ba8a3258

    SHA256

    b8ce690dfa4709105c92e2787a56e39c5012a4f4aaae7e9f7deda16fe06630bf

    SHA512

    c04215af1cf14b22e8f4308d461ca1508670225f0f5a9cad4103278bc56c741574a8d662084c2f6089f9ef95ec54218d3080107bca4e6eadd45d8359b9fa83e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f13c99c30f842b4073b37cccc8e618f

    SHA1

    6d0c5374f6a5e718edf641bb6867be9267bd1da6

    SHA256

    7b61d724c5fe48820544b85972cbc59ce5ab08c9f5b26212565f2183b9bf9629

    SHA512

    10a4f1d6ad725273db953b16204cb91cab9f9c172cc52d5fb4e8c526c75aee9ad30c1e03eff977747f46d3189f6e841be67c6af56a5bac67604140d558877aac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    417b6a7c8636f2858c4724e600125fa9

    SHA1

    110226f2a60c52e67ecbe5882a6e4201bb0cceac

    SHA256

    cd18731f995d2217fb19d0cc4fdf97aa626e34ab0e2e98a39fc4bbd58e3e48ae

    SHA512

    8527145ca25e3349d8c2999bc9c5bb78c4fd668bc818f54ce2d54bd9423eb56935e5c6a7c373ffd4782314d3dd42e5d676567fa0b1aeb6e22f1a4aac888394ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee9463544f7692985bb59914fc72c99f

    SHA1

    fff3565565a4ff7c2988baa46bf8f17ee22b19d4

    SHA256

    c1fc27639f1d35b9776adc15d386352e8539446b54aba0bd398865f375d8c7d7

    SHA512

    5f3d17b738680a2d50546058d90f56b0520a2aa170afd68fa5c4729f3b3c2d0d96ebbf2d874f2397883c9c64129a60606c39b65b777c465651cd70bc6089b6cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e223c8b15d33ab547cb96867d7167581

    SHA1

    bc354bc951427eb8e19882a24abdb23856048b70

    SHA256

    5bf58db3b0c47d6b1d90a84e8df1b0ae1ad43646ecc80898908616c8eed6a516

    SHA512

    2c02b88032886d2e3e227765f986be308f40977124c406eca66d6cb7f742dd731a6443b0752b327f61f42482489e87abd360410b13408bdb043c67b978d0ea31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    745039a235183b4380b37009603a28de

    SHA1

    f780bf5799f212996a8698489e5977dba597596a

    SHA256

    8ce22e0e0c716bc9662548f48e78d741e2ff3a86541e71443828956369f793c9

    SHA512

    7ee7d96d15dba6ba6c0bdf742b57e8eb8e268ff9671340c262963924c4b271f2a210f8d8362e1537e10a59d4094b488d2684b8290fb8739ced4b045c9e02793a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ddf0c2f5850eb7429e46d9cabdf93f0

    SHA1

    b2b3b5296e65d66cdc8a22cf2b88c3d357e3f14d

    SHA256

    c276828be68843652a12d8aae3cb91eb2ae3b6a1fb6e12452b14101aaf344793

    SHA512

    a8c6099ffa2e51e942e7dfe58e9bd72d09f89355ce3db0f54d78034957b57d5170fcc3d1045a8416158c5093d4adde34f47aeb8e0a8fd0ccb38ff270f8b86b3c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d56a611e3877026ee63a1ac63405fdc

    SHA1

    74c72d158bc317d9fd3fe4a8f7bab4216b8425a5

    SHA256

    de75ad829c76502ad5087c44ba6bdee12420f105baa9e19cc6b76e888db62af6

    SHA512

    d89b74b4a9f8b3c2421f10153e31ad639d1bc27ac0fcf86a6b21f23de67e72016c2c9398bb96dc5c699a83d4906b0a5fa0e47a8aca69acf552da988ae55ed691

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    62292d1ebbd00cdced4eec3c3d92024e

    SHA1

    90ee889152d34142dc2f24fe14c18d88285dfe42

    SHA256

    bf89124b69af0f4777fa7c3fc5e11cfc3c20a976979ec61934f4593c1f899c0a

    SHA512

    92b73f7070a921d6f3a51f8156b6a51e99409d373f290e0e8d294d13c7e1ab22d9328e70b94908ec77570576c7fa1ea9b2b2c8ac26c1322fe0c04e9e318517ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c5776f7e9f3071c3992ee9ef30e91ea

    SHA1

    66b1e5f49a202a04188bff2fa2adcccd7bcd267c

    SHA256

    82eaa0b7a2365b16c2c1f094d446e3b25a3f6197c8a5f367da6943bd6463cf3e

    SHA512

    62aa5fe7e08a16ca9bd29533f0c99af1b6ed9dcc89a8263c19f85b0954fbf7edbc4524a4053ba7a8debdba543923cbfd341ab0d0e484eab4ad48007849064fa2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fcc2a19c433da0786d8b3391284adb17

    SHA1

    ae2ed1f76950323e033c6c862bc0437ba218812b

    SHA256

    39eedc041d1bf0991d2f587816fecc29f04cf71e2834cad5b0591615cbc89b76

    SHA512

    5c0b29a8ac245e550b8cbb2c090423b9a5e446a98372b6831f12aa2da920fe8c544fa146dbcacbed28471060f9a36c189043caf63d11c03b553c4139eb344b8a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2b2c52d1757a748e4e0206537485683a

    SHA1

    2712b9d9c9f3c74fb3d7f4b49d4d6d0998b74dd9

    SHA256

    1b73e1e6223491fcd7fab68525b22f7fb1d1ccecf558e1c559620a6a25c3e426

    SHA512

    3569168d67eaf0c097b6d1330022a33a8883cb94e60a745be771f7b4b765c2bd9af695062efc36976066ab1d29f4a7f79da5653830402ebbb8ec06fec4ae3a57

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    16d88dcb3ba316c79b42d4a7fd49b8d4

    SHA1

    28746b3a0c23e314cd06fab202a7ae5de15cda28

    SHA256

    d5224d686a912fcb2818310e7115e2dd2f4463e203c228cb9161045c8713a46d

    SHA512

    c0aa8f5b91c4ed20911635ff9b58ebc28a8aaf136597c06eb5bb3667b041de01d5901d3e8f62922b107f86d90804b83381a82b7238f0c9115b66c0743426721c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9255857f9e364b722fe3f4fff3271da

    SHA1

    596c0e6c73bd120fa45fa5d9148e4d8d68619d46

    SHA256

    60ddbb29baa6eb0c62c1c79c6ab5e270c5c21bfa92273e082c161ba5038e7e6b

    SHA512

    7ca38f5bc589a2f9154faef04ff24be54bf5934ee3ba50c1e30e893ba5fb17f018bb1f9caccde1477782589c9f071357a91b5220dbb66cd9922b92060b439a96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2fc33f37703f0b881d71d2e85c9897c

    SHA1

    9e3800fe4b3eb2cb90e12b8992897bdc84bb3ec1

    SHA256

    f81629f621967add6a4477e8d4d664775d4f0c35c2c76fdc2a16807dacc15d68

    SHA512

    e87580e37a0961bed6556d49fa8c2071370296020310ad6d385fb75f7577d9ad0c126139859c5dd660fad4d2b234aa0874ccb33c8a3ee39bd30a2d3d7d70074d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f6ded08c56c79268969d90a9a4e768b

    SHA1

    4769d96f230bf483be72594ab93ada3c38e121c4

    SHA256

    594158abf615e4db05ccda4eb25e26240d773163a0c07264e6bc393e129277f6

    SHA512

    8ff8d869a84f38b9ed22cd9dd08a71f4266d36a1c28177d82d05d665f3e36b74564d1889fe353c02986b987379a3ac627490af05d7576c54f771362e82c80ae3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed19af55cd5fd3a1b35d0551361dec68

    SHA1

    3c721871533bad647b3584ae51a70a3adc3fcea8

    SHA256

    45f8e5e496534dd1d871f5c1f34a92327c82e53dbc165d5a4726383d9a0ec2f0

    SHA512

    9b6592ad0e205aecdc39b0ff1bc435faa5dff0df7ec27e56d82836928a6a11f13909e08710fbe1c0193c94c4dc16d11e0fc19f37781f0fd13c607be4df7ce6ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    264d1e4035ea57956a26c0a97d48e944

    SHA1

    94e4af8b875e5291084dbbcf29be8921a7501a3f

    SHA256

    1df8886a2b8b87c17bb3f5c696cb61633457d0aae9cd3d39cc1fba25e4e6c936

    SHA512

    820274725a8057c956117338e396c92e372a473019fa38864b1a5b0198acb66e5321f5ce491e1ebd891f415113ba8a3c445d013916d7e7bdcadeea7c17a26c27

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fcea704c55dee8b2de3a1098c3722256

    SHA1

    ca953ac00d227dcc8b779df70df376f78f93ef5a

    SHA256

    caf55abaecf02cfd41c42b1e81059d5e862cb630d73e37c8bd3333ddfe28fc52

    SHA512

    68b3b05e75cd8e19a5f359020ed6d445e2a4f41369f42df9009fbef9faa4077cdeaddca3237bd052eb9f735485f3baa27d5b7c0c42a7006b0888e043b2c12ad1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ca3cf6b9331564030254c623b01d35d

    SHA1

    087d2dc4b94b67c645f5001b7ce01087163f0561

    SHA256

    b409659b3e01bb84d48709d619f1a621a1de3a16a3c9f9556a60a0de297c8b65

    SHA512

    925649e9a77ae3c4c96ed50fdabfb5cfd4a476f09ddc81672fcb608186589871844ec2a36b5222ba94901db2f3945d0db3bd219fcdc5a220f8b8c07cdb1cedbb

  • C:\Users\Admin\AppData\Local\Temp\Cab2713.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2814.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b