Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/05/2024, 01:10

General

  • Target

    7063d128be6e71612281dda14949bc7e_JaffaCakes118.html

  • Size

    22KB

  • MD5

    7063d128be6e71612281dda14949bc7e

  • SHA1

    d8e0ec764a109bbd3cb4d20cb0e3846ef0d452f6

  • SHA256

    90d0dc3f9a0493a22a1926d07dbf2bfc2b82076f08a3071a29c29754c320765d

  • SHA512

    86c037ded5b36113be71b02cee83bbedecb2242e4742e064605ab08e957d3adc6a0cdf9859d0cb7dd8ca505512a081659f8e4a502ba004ee75d9a5e9be02b996

  • SSDEEP

    192:uWHqb5ngOnQjxn5Q/unQiedNnNnQOkEntKonQTbnZnQ+CnQtZwMB9qnYnQ7tn6nu:1Q/S61

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7063d128be6e71612281dda14949bc7e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2604

Network

MITRE ATT&CK Enterprise v15

Downloads