Analysis

  • max time kernel: 148s
  • max time network: 146s
  • platform: windows7_x64
  • resource: win7-20240419-en
  • resource tags: arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted: 08/05/2024, 23:14

General

  • Target: 2729fc35d01fb70994780077990e3003_JaffaCakes118.html
  • Size: 18KB
  • MD5: 2729fc35d01fb70994780077990e3003
  • SHA1: d07aa195723b633c34b36fbc1bc476c5a0361f2a
  • SHA256: d6b211bc002b967b92cae2d0b6847bc64d903efe992fbbc56e991949aeb1c71b
  • SHA512: 6279e5c743b4dec0acd95bea29779e700da7731a492f475fe04d5b9e8f81154c5659de9a3b4dd571c8d0a0bfa58e2f26d586781542f353a9682ca30229ee00db
  • SSDEEP: 192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIN41zUnjBhvB82qDB8:SIMd0I5nO9HNsvvKxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2729fc35d01fb70994780077990e3003_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2148

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: d6bcc26e45e2e2615e207841102132f0
    SHA1: 7944696921389ca3f0c9d8edc9fa9d2aa13be756
    SHA256: 1f8feeaa7465d097ab819a632f0529ef098d3fd9760bb0f99de17c19a844c7f3
    SHA512: a735043495aa8466e95e458e7b83c8087ea11c67346dae3b0ebd2d0633e8607b1e1597699baa0503207748ecf88582c927f60540674d6394cb1226f053f3a912

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 7972344b91247ef8e80d215bb3505155
    SHA1: 292346186003146a3e660a1bf70b298c9bc831b3
    SHA256: 38c6905dd508f47410abcb137219c15bb04fa909b799642b3bebe3607c402941
    SHA512: 203d03bd6a3859c82b9492a79c94e93970f42f4747bcbbe2563edf8ff78520ef7daf59807e2c8c098bd3b465280fe04924853b8dce8b2c2dd405c4b256868f50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: dba900919f0541a41716365e24db9bfa
    SHA1: e9b2ae9ca7628aedd25f5d40763de01d19f96e00
    SHA256: ed4322e700d3c84b8f00181633f08587102cf815cac99a83175dbdc550970884
    SHA512: f597dbe1aaa2d9de65929c5b528f306fa12135e38598c9f5417569879deb6b9d962419bc807317b744a6ede4384c619b0c9ac33f69f485911770a4ca0c6b0796

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 934644cd8809c173f31cc35e7650cc03
    SHA1: 4db7d3eba38699cabbac8012b48b991b94e52552
    SHA256: 3ceeee702c1bc0a8106e5fa3c1bfd008c0fccd38ff55c6a24812354426d617c6
    SHA512: 1bc08c33f06a228b7711acdfe8642dd9bca50db2432671b1e06154360fcf4a6e70ec90a82bc950ce64244c190e7fba61b0fd86faa9f5e06d36d263a38b226eac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 0236ca174a53b92af1d549f3051bd4ad
    SHA1: 9012c500bbf41cdd2468293abadbeb4c114a1315
    SHA256: be37f19d7c0866314fc50698aa8269efac2178307ed3c572ebac66d018b15a80
    SHA512: 9d8f106c2709ecffcf2a71feb77354ec054b4b4d2e1e90c52ecbd66764f2782ee4c66e2f2f44abe16fb98dd617e5ad6c371ead8a271639b3d030410a22077b44

  • C:\Users\Admin\AppData\Local\Temp\CabCFE.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarD10.tmp
    Filesize: 177KB
    MD5: 435a9ac180383f9fa094131b173a2f7b
    SHA1: 76944ea657a9db94f9a4bef38f88c46ed4166983
    SHA256: 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
    SHA512: 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a