Analysis

  • max time kernel: 150s
  • max time network: 151s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 16-05-2024 04:51

General

  • Target: 497a7d5dfde1358d92a31bf01f277bac_JaffaCakes118.html
  • Size: 38KB
  • MD5: 497a7d5dfde1358d92a31bf01f277bac
  • SHA1: c3df5749679b2ac4b2a8d9cd023f5f604e7a20f1
  • SHA256: d72756e9fa0c25cc3d6af886fe5a59a3c712badabfbf6f7be4f22d75d0f7080f
  • SHA512: d2ca480e3affda21493bb88960261ed447b2556304b7a1eacd8092b547a43f980e70a6072fc89ef64a9882201f69764b01edba09d569cc1a15a3f0b0375fe7a0
  • SSDEEP: 768:gFobf1bVunb2vbyHCLE/F9bQDEPYwvoGe201JU4JxYAX2Vct4P:gFoZpunSmHCLETcDEPYwvYEWZG+KP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\497a7d5dfde1358d92a31bf01f277bac_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2512

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 11f9c0dbc2cef6c2507d6f10a998ab9d
    SHA1: 245d81663cb9af3f53a62e73421ef7884d32d7c4
    SHA256: 62ec9d2a329519cd41137347a87e538ca7303b7ceae8f6086430e88c06cedd1d
    SHA512: 1f134ec796bcc8a1e2bbb058d81753e3acbdc2a64af36034bf0db0618c89325a9748c0743dd488f6a4e880c0b0ff54fb9eda437f197d1f45f42fdfe03a1f9939

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: b7fee895dfdb04ab75748bff057ab5a7
    SHA1: 3dbc74fac1914b2e5e33f1814a048433b59935da
    SHA256: 25ff4cdbfe053c5385ccbbae30c9269b77831540f6d58d60927221c329cefdf5
    SHA512: f2a7301c1ad1f4061614c2bbc0bda5c2840aeceede4bb6318ebf89a81d61fc119fe1a723ad153cd1410e07c647d5547afda58970bfb1cb8187acffe19b624a92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 699a814661088420242d460367b038ca
    SHA1: 954980af35cc490b9699aead93e5922e9f4fcb84
    SHA256: 7c094a0a47c40af67ba7281a04ab5ac78621bf79b09b13974de225e7526749c1
    SHA512: 7c34cd7ffa2c4d3f90814443d3c51ac3322cd6a4447a07adbe94eac3b1728b90aefe7b4730df174d92587e7d2c7d5a20587a8400857577421ae7bcaf1bbb0df9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 4b93f915e406208f4fea5743cb9d3f60
    SHA1: 0a98ecb14a248e3473887e89364f945cc1f4ed82
    SHA256: 82be5e9ddba3b4d4e6bddc0256fc91d421e310886a816e7d36f9c8ea17b0e9db
    SHA512: 8746b0ea5034684a125ad727ad63955b83edf625b8cd085ef7c9bc54e51e50870c5af78f9bf2e84f023c3a2297bdb6956bc37ef4180738d4d33c0ac55e2b27c5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 2f37109238f5018ded46154cbfb9ccb2
    SHA1: 33f406ec5a89da196eb3bd1357f659c1e3240857
    SHA256: 91f333897a46cb226b7a05a8cbc0f9a287f513ed9dce64cb32e2dba9e6520b78
    SHA512: 3a0f77350ac3c5b1afa521844a37ff7f7e1144f215c13d9a503242914b7fc08f705d8fff63190f823927bd641146318657185510e5bc2c060c08814518e871e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 91d9a3bca0f159c92632fa9a6588cd2d
    SHA1: d29d4f568725daab78aaa3430418dadf7210f0ed
    SHA256: 35fffbeb9f00fa38c15e1caa2744f61c0c83b010bf9add70ad05a02cec46beec
    SHA512: 4213bc3a5d86207c56e51782eba700e3d244396888b6e90370fc17f815f6ba6137d1b90598085d9b8774492bd5d3e60b7560d8f0329afda14ffdf1addb58d450

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: e1275edb7eac5977249f660b778dc3d4
    SHA1: 489c4938526b933a6c771a471028488f56abf07b
    SHA256: 74e7a42f84637d5bf6d0b2dc7f84c6e722523e8d389333072b5cdf4d5c916e5c
    SHA512: 6ce030c35d05fab3dc3b943165d348342980ad9967c506006186d135455cfad7115124b01fe5a9484b8317408803fbf228ca77df65658996bc596a176e39a0bd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: b5a57209cf5631c5342539650b2dc6db
    SHA1: 1da7530ed3b0e76ebcaddbab5ed72fa206a88f36
    SHA256: 437348a5a980adf0b973dcc5e0bb8c202a80d26323ea63f8a45823d689321cb9
    SHA512: 0b02cacd5238f0b153f3c47ade9f79b860f70993910628e52b88c6cd5d54fddb9e4fd75d88000ae5b1836de40ea169a02d9621192eb56111af772ae9a2516747

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 38b424c44ef9dfeeb78d502978b2661e
    SHA1: 1cd628407030ea6fc7bd9951cb508836f0b4fcf6
    SHA256: c4094757a8fe5d5b98092dc16b67b0ebbc1342a5099728ae64b1077541180ef5
    SHA512: 71d504d513c96102f889015616b7e4226c25cf21abd76ad7bd306e742404e4b55fad2f2146e5381560aefced83bb10f8ca036d56bf336c7670fc11cb36aec678

  • C:\Users\Admin\AppData\Local\Temp\Cab1E3C.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1F1E.tmp
    Filesize: 177KB
    MD5: 435a9ac180383f9fa094131b173a2f7b
    SHA1: 76944ea657a9db94f9a4bef38f88c46ed4166983
    SHA256: 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
    SHA512: 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a