Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    02-05-2024 14:12

General

  • Target

    0eb86370fcf661a8e1252fee1c1d68c7_JaffaCakes118.html

  • Size

    19KB

  • MD5

    0eb86370fcf661a8e1252fee1c1d68c7

  • SHA1

    95e561ad653ba80fab7ad1f6d1908f39e9de2954

  • SHA256

    aefd8475e1597532349310e08290221e0bdfe2affd555c69a4039289d1cc09cd

  • SHA512

    5bb6172abc5f9d35990e9cd8130f3a6b0c1eef823f9275a3a42cdbec318bea76aab568c2d516bfe506fd67d8d33812aea89f08dddc1bef364e47e2f83c91f5de

  • SSDEEP

    384:wSgeilu46UFtSu+542t1yZrP/TH5UmShb+y:2u46UFou+C2t1yZ7/NUnb+y

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0eb86370fcf661a8e1252fee1c1d68c7_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1256
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1256 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1696

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ac9e1b930af64aa0d9baf5785662330d

    SHA1

    68418082a7b70742ec241bc63d93e53b8227973e

    SHA256

    0b7ed8a0a766b0ec4d7e9688771524bec66b16d3fb83d3477177a2c8623d9136

    SHA512

    e838a01d142a049531170a07fa4810b24aa12a09a44ab37b481cfe3465ce40449562771afa0bbc79f85f3729f1b1d5da6be2900cead5dda996a89a4621eb4df0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1e3a1d1743f743eef2cfc5773f4947c7

    SHA1

    698061a23331d03ce421a8188b1c2324eb57371d

    SHA256

    2aec476d9747d6175d8d5b93dc02a048704669393ee2305f36380d374735d681

    SHA512

    12434e1a55b2ef07bc4406f9fbf67bee254e9237d57bd1c870526cc3f40a289c6bdc510d0719da9f8f2a59a32076d941d4ef59c6f3d298ad83973fc7738e19a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    504539579c23a7a23f6820df0a407584

    SHA1

    74f9792fd93b6cfbc42d472430181168d1b25243

    SHA256

    69012945998626e7ec7b3505a9b36327066552b31d781ee87748bfcc974d753c

    SHA512

    876d6dbc6a654fcf52541f5a7145f6a96b9c89a3d9a1959f90cbd33947decadd700fe518aadf2b7b11ff3f9f2ddbf9797a9523897bf4d91ab721321bce40397c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8a661ff9598cca51ac44b2b0a5951c38

    SHA1

    6bf05634f304eac989136ca15dbc501c84c463bf

    SHA256

    2914e3f0a4a0757e39e6465d8e2ce3e6ac99901f527139f3aba823417c7223e5

    SHA512

    ae038e55cc4185fdfefc139341bc3ab1cb8499feecf269c4879b3adc991b0aeb5317520e2a62e6258973d891dac284b4633a23831009e5b564c5f3232032a334

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1b1ada2e5f91f0e64d2a5842c7c6b644

    SHA1

    d75933cb285facf0b1d5787d3707dae7c744235c

    SHA256

    c645ae90b41e453890218cdaf741fc239b110f2cbbae71932745027ccf5c2f7d

    SHA512

    d4282c8acf2b935bc5e2c91f6385734854d3351f404cec876f85b1c875f637973ca4d193672cf7671556f5d2f16deb76790cc56ef6b6db43550a7161dbd126ef

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    37213ad05fac2e7c2c2fce650876a123

    SHA1

    a28296e2ace0bf4f09ec4e5e98b61bd51bc13c20

    SHA256

    54a7aa3d4fc4d8c6dfa540d4283574183dd749eb3656c9217921f60874f49e8f

    SHA512

    42122b4fce9330233ba62e32e0aad4469296792fece5d683e1531f05d60417af1f34fcb0da2379ecad14708506f5b366c97b6ca06997b4afcf3ed6d9ee95ced6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c3a4533ea673ec32335bea2578bbd9da

    SHA1

    bc34065235975d5be8ea2637ee0bec2f18ce10ed

    SHA256

    cebc344c026468c43d14c954e1859f2ad496f79ba26190639fa9c3a5194c51a5

    SHA512

    867584085637dea32c649da65121527691ec2eaf566f684763382ecf5d974ed524c9a4ab47e9c629845c070fa82bb0c9b6a1db47d27b1483768791915ad696be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2664e239fb1db9071ee608c992458959

    SHA1

    6561ed6bd10c40559bcfcf76159150312baae8fd

    SHA256

    6df53e8323352300d1a556a86297778c5908aa29b73748c62e0518169a1bd440

    SHA512

    ebc09a1271475175c331a4615d2272286e05ba45ec0048ed66ad2a72d84826630ad0af6e0a52e4dc79dc284bcf13b0b1e650ce1cc7a520bd054c952cb261fa3b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    877155e09c197365057c1e083b942332

    SHA1

    9a0a1461026e5d8391eb575c1114a18dc5f42f88

    SHA256

    bc99f921e4f1948c95946fa94262caec560df48fbfc693467a6105c642f481b8

    SHA512

    9eb4d8be99a105b102cbfbc7ba7c175a5f6a183f24b3665bf88aba60f0dcd13baad2a3d2f06606e6c6498b228ca843d644402a55fd27a99f76f65342778708ed

  • C:\Users\Admin\AppData\Local\Temp\Cab8643.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar8724.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
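Triage note and added helper (an editor's example, not part of the report and not the sandbox vendor's tooling): the Downloads list above is dominated by CryptoAPI artifacts. The CryptnetUrlCache Content and MetaData files are written by CryptoAPI's URL retrieval cache when a process fetches certificate, CRL or OCSP data over the network; the same MetaData path is listed many times with different hashes because it was rewritten during the run; and Cab8643.tmp / Tar8724.tmp under the Temp folder are typical of a cabinet downloaded and unpacked by that same machinery. Together with the 64-bit iexplore.exe frame process spawning a 32-bit IEXPLORE.EXE tab process with SCODEF/CREDAT, which is the standard Internet Explorer process layout, this is consistent with the 1/10 score rather than with a dropper. The script below parses entries in the report's own layout (three of them embedded as constructed input copied from this page), validates hash lengths, collapses repeated writes to one path, and returns whatever is not explained by those known-noise patterns. The pattern list and the class names are this example's own assumptions, not sandbox output.

```python
# Added triage helper (not part of the report or the sandbox's tooling): parse
# the report's "Downloads" list, validate hash fields, collapse repeated writes
# to one path, and label locations that are ordinary CryptoAPI cache activity.
import re
from collections import defaultdict

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HEX = re.compile(r"^[0-9a-f]+$")
PATH = re.compile(r"^[A-Za-z]:\\")
LABELS = {"Filesize", *HASH_LEN}

# Known-noise locations. This pattern list is the example's own assumption.
CRYPTNET_CACHE = re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\", re.I)
CAB_TAR_TMP = re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)

# Constructed input: three entries copied from this report's Downloads section.
SAMPLE = r"""
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Filesize
68KB
MD5
29f65ba8e88c063813cc50a4ea544e93
SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568
SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
ac9e1b930af64aa0d9baf5785662330d
SHA1
68418082a7b70742ec241bc63d93e53b8227973e
SHA256
0b7ed8a0a766b0ec4d7e9688771524bec66b16d3fb83d3477177a2c8623d9136
SHA512
e838a01d142a049531170a07fa4810b24aa12a09a44ab37b481cfe3465ce40449562771afa0bbc79f85f3729f1b1d5da6be2900cead5dda996a89a4621eb4df0
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
344B
MD5
1e3a1d1743f743eef2cfc5773f4947c7
SHA1
698061a23331d03ce421a8188b1c2324eb57371d
SHA256
2aec476d9747d6175d8d5b93dc02a048704669393ee2305f36380d374735d681
SHA512
12434e1a55b2ef07bc4406f9fbf67bee254e9237d57bd1c870526cc3f40a289c6bdc510d0719da9f8f2a59a32076d941d4ef59c6f3d298ad83973fc7738e19a8
"""

def parse_downloads(text):
    """One dict per listed file: path plus Filesize/MD5/SHA1/SHA256/SHA512."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if PATH.match(line):            # a new entry starts with its path
            current = {"path": line}
            records.append(current)
            pending = None
        elif line in LABELS:            # label line; its value is the next line
            pending = line
        elif current is not None and pending is not None:
            current[pending] = line
            pending = None
    return records

def hash_problems(rec):
    """Hash fields that are missing, the wrong length, or not lowercase hex."""
    return [n for n, ln in HASH_LEN.items()
            if len(rec.get(n, "")) != ln or not HEX.match(rec.get(n, ""))]

def classify(path):
    if CRYPTNET_CACHE.search(path):
        return "cryptoapi-url-cache"   # CryptoAPI CRL/OCSP/certificate retrieval cache
    if CAB_TAR_TMP.search(path):
        return "cryptoapi-cab-temp"    # downloaded cabinet and its unpacked contents
    return "review"

def summarize(records):
    """Per path: number of writes, distinct SHA256 values seen, and its class."""
    out = defaultdict(lambda: {"writes": 0, "sha256": set(), "class": None})
    for rec in records:
        entry = out[rec["path"]]
        entry["writes"] += 1
        entry["sha256"].add(rec.get("SHA256"))
        entry["class"] = classify(rec["path"])
    return dict(out)

def needs_review(records):
    """Paths not explained by the known-noise patterns, sorted."""
    return sorted(p for p, e in summarize(records).items() if e["class"] == "review")

if __name__ == "__main__":
    recs = parse_downloads(SAMPLE)
    for path, e in summarize(recs).items():
        print(f"{e['class']:20} writes={e['writes']} sha256s={len(e['sha256'])} {path}")
    print("needs review:", needs_review(recs) or "none")
```

Paste the full Downloads section of a report into SAMPLE (or read it from a file) and anything that lands in the "review" class is what actually deserves a look; a dropped executable or script under a user profile would show up there, while the cache churn collapses to one line per path with a count of rewrites.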