Analysis

  • max time kernel
    141s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:42

General

  • Target

    91fdfbb3788608dcb91833edb5f9fe39_JaffaCakes118.html

  • Size

    139KB

  • MD5

    91fdfbb3788608dcb91833edb5f9fe39

  • SHA1

    8b65b5d1d1697f3e35626acb2c49e05c858661b0

  • SHA256

    88cf7cbdeed284e86ed4fb9baa6117f2b044f027babd624e5d4cc28371260f74

  • SHA512

    fd0b54779532a81af581df7f5a87c470292c48405a08d046690af3b3b1b93d99c700d76071891bff5d3e2bbf926968a0a7417b434a5f712e263228f6e16c90ea

  • SSDEEP

    1536:Szvki/lVOlAImyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJruH:Sz9lDImyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91fdfbb3788608dcb91833edb5f9fe39_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1632
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1632 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2984

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    728287722af24d3703aebc53357b18f4

    SHA1

    8222cb53828963be41a5822f9d04ca39110d6106

    SHA256

    a1482b8f46c60857a733d85b136488fb195989997936a65344dfed520ab517a9

    SHA512

    9c5b5724f2837fe0c9e4c8d8b6fb99287e18d9e873dbf14370434fb746bdc32a4506e22b38d4e7c1a0af916c24ccc426527e9d732d50d3cc15b7f7f9b5e0b343

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a080f1ce5ed543361b55cb9a9b1711b5

    SHA1

    3cc24f6b0fef748e2be14ce6ae0ca62b7d5308c6

    SHA256

    f809b9c44ed9e7f70259c9ed606e8efdbe2d09635a8e2b295b85c163ef20d1b9

    SHA512

    1dfe0f104a0030f6f98b224bc2ac4446ea5a9c3fa0fa9f41b78f91de9051ce3eb155b78e1b36f7b825a0af5fe1849dac0303a22bb8d21fa6171f351e6b9e4d50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba77b01689453828b0a74ace972547e1

    SHA1

    63ff049f3c66926829381fd1f9c3ade71f8bb60b

    SHA256

    05fbaaabe0eff6ec58c804b46b65dcf7c4667ebf4d59b521cd196985028f5764

    SHA512

    9538e6dde6719c39e7d7070d8d9409abdf604265ab345afd152681bb8ab49307a88baf315b0545877bf9e2e7a222dd5fbc7696fecb2a030935b4d39b268e1775

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93802f434f256cee5d548d6e0afc248f

    SHA1

    02e777ca83adc63295995fd5e961c7b773f13068

    SHA256

    b9858cd715faee6a1b6191a1106a74e9198709e1a6f3ffea974632d182e08ec4

    SHA512

    955df89fb08b601fb772712b12ee13bd0daf117c605b330c2857db435e66bcc29ecaf8d2a48f43f125876d2ff6176f4a669969d7bb43224fde3a56a82c29a809

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f61282192f1fef5a2cb7566bb1cefc5f

    SHA1

    fb35706d2662dcb9afa51bc2078199fec8905f6a

    SHA256

    9a9ae9326aa44b1a109e15f4c511a5247ab07d6c5924f18bfa63ad34c5ac79d2

    SHA512

    1b34a82a509492d3f714175bbd40862b643bfd6c989374d95f3cda9fca3c853784126658524a6575aef3b6b91cae5563ab692c3669ac1aa9eb9f68259c3e703d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    813bc73bde139b3bf4d8b3b9bc71caa3

    SHA1

    89c1602fe159962a1a44bf5a4767db27c9088f3d

    SHA256

    3c7282e714b9e466e6384ba7e556105649652a3136ab93d86f2067b8e515ed6a

    SHA512

    4916fd8d96b5e0804a30e9583622e3d8664d3a3894aa4ce70181c873c2a56d150a7c58fd014ee62480a13e779475e840b07ed61105612af980279db757c6f320

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    be0e0f2445ff0a2bddcdfc138c377915

    SHA1

    9fd24b845d854d6c261f027e981c311e42d2d2e7

    SHA256

    ebf9b2d98731d069bb22dea235b0ca3592b77c5266d49a63b01bc7e38142667d

    SHA512

    9bb3d12ee4a9ffc91827ed01c9880fd9250890b3b7612aed135b078b557747d7efefa5117a8ac2c59c651db536a5177849ca148d08c79d1753ea96cb68599eec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    64c591ee3e5256f0747bf1eb17d0fd47

    SHA1

    f22ed56fccb1068fe14313dac4da7163b599a482

    SHA256

    ea69d15ce82c68e52af76521684e920ea5b80dd63d08a5da2174d4a1003e98e1

    SHA512

    b6d2d15dd2b96242a67645843171d8a5966785f1591a6523d1ec7a27926e7a39a8de91ec0571ba076aa5f318801476233ed0713c49c5e6871ced44a6bb8117e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    58f6db387d08623708a7bdff046c6956

    SHA1

    67d453b14db818335da82d30d400a5d84172f8a3

    SHA256

    d6f21f4dac183258321ad699cb33433bf2b09289b2cc1758dbb320b06888d060

    SHA512

    ed07877e060e9030c9864beaa75575c4734f1875a8f76a620459f8bd83fe7fe1a931b66b48ae0a149ca439edc3d589b4e3122906a7d8d89f335d7e8456ed54eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    abd8a9224e4d4f097a49db33c9714d59

    SHA1

    119acb063b284e963688e7b2b14fac88554ae81b

    SHA256

    7e496d18f51b72c278d95b70903ab0fcdad43e5965db74298a3550c2eeb1471f

    SHA512

    81a28bf27be300c3444cfd42cef734ae20d3989d3bc610fe161dc538490a158e152d3ecc0e78995385137ac1dadfc7b89a2731d83f1111a900c095c7c2cb8897

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1f5c5ab5b9a538d42eed6451fcba7c3

    SHA1

    ec94986cc8ceb3074c8241b7a46fc27bc89e68cb

    SHA256

    d246f6a814c7c7a70cf041bf06afc4f512a4c29c12f3110b9392e3cd21387782

    SHA512

    484429d0bb4a0811900bec9c43e9e41c7338fe61f32392563d9b568c480f8707ca78c4271c10d1297f905afa267076165ebd60669efe5ef715f0c4f9dd41d8cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3dc1af718d7b22a0b93e5dc4fd1c0a94

    SHA1

    151b5f46f0986e85247de988d32492d7eaf72026

    SHA256

    02bc53ed81124c6fe349bd2a5eebaafbf02db29db733e8d6fc0dc51514101424

    SHA512

    0049807d6fd33e13ac90902ef255861aeeb23b95dfafd24a206e16b9fc887ead33acc34ffb693e966d45640db02a2bd8d485a5e701fe3012de9284897e34549d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d6b598fd15c4abe5d2fa69e3baae9ec8

    SHA1

    8f98ecb5fc4152acf130efe3815deebdf52d8762

    SHA256

    1c7e22c63ea1205f2e32edde5051339344930f6c61bcb7978f4ed78e9caddb22

    SHA512

    18ac107b549278af6e4aded64477ea30346334b1c3c0571ec84cac987afe268ec6704d856de822fdf3a24c639a10b2aa7d8b8426ab7e87ae13acada411beecdd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ca804e5015eb32fdd4f6315071dc23f

    SHA1

    f70b08721c0eaa0eacf6f349899677ce47923fb4

    SHA256

    fa03c6f658069d1c5c9b47aec4bda295df95d004b4ee24868afec3c9ec314403

    SHA512

    b39a58ad4502737706db8e89c18b1dea668584dfa53597eb916905ece3270cd19ae0417622917a76f83e239da34bb5a65cf78e26c4b639b87c9a9ea09477e59e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    02d1640499b38b257807ed07fea24082

    SHA1

    58d99ca3202e602ed74b65622579bbeb20eda0a7

    SHA256

    ab1fe62b565998212298bb326a1e0051ddab4a66257ccd37e33eb419ba1283ed

    SHA512

    45763ee4a504644c48fd0cb842e352b0b8d4cf50ef4f4f545fd507f377d0b47fcbeabd3c5804a9dada6a754f6efa77a5f90ed2d8820864a679b9492162fff796

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a6558da47d07592b95af25c026ad25d4

    SHA1

    47d210958d84fca56ad6b4644e52992dda0db444

    SHA256

    da2a3aca82d611b27d02b3d8db69dfff104afe74372afb03084af728b5046f20

    SHA512

    b4c71ff016c623ea896e2a3e170415323ddd816f4649094aed73f03a9398c70b4db70d893a1151bd0dbc66e833fd093bb64b4f06760e46c309df7b89eaf77d5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ee8ecc9c119c373582b44354f2dd3570

    SHA1

    ab95f5c181bca52127d648841d0d237239150655

    SHA256

    2246f9b522348a60d4ef2c705120db4659496bbe9d784454e041555029c54d4a

    SHA512

    1dedba8cd22481f9075c5d281819516e595e5eced80fdffdf6a6db66532ee3329f9d5397e08fddec788ec88a0ce2a72dd697e262be48583254e4969b4e32eaa6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    070e3b30c3ba90eebdfcd622799e0f48

    SHA1

    ee58306ea754a7d4f6518771388295b6958a417d

    SHA256

    4e3e4dcc75ab7b80c2b4aead473c624284174dfeddb8291854a808019d0cac1d

    SHA512

    2c431e62de9441c00b736dd0b4fd40359543459241537c9823f9c2784a2401a2c910d56be94522c2320efa6d9dc36733fe1158183554f3d3c70fc18d0b4c1a15

  • C:\Users\Admin\AppData\Local\Temp\CabEB2.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarF65.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b