Analysis

  • max time kernel
    134s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/05/2024, 01:10

General

  • Target

    7063dd810582d6f66e885d2cf9b6c276_JaffaCakes118.html

  • Size

    32KB

  • MD5

    7063dd810582d6f66e885d2cf9b6c276

  • SHA1

    50114e13483fd009331858d4c8ae0de1e177f515

  • SHA256

    4d0d7a1816edb5ec2d4dfd7d167db96502eb38752fe0dd3c1aceca7fd090b333

  • SHA512

    96ff9c3e9b7d134b122924f0f4828ae794fb835a4e56ce7217d225b2e4e518e89dbf25f7f2d1514671d7b41bdafbc4600f8c6f11d02a1f8cabdc549b52e75e6a

  • SSDEEP

    768:scykgTgE9RlXy6T6+L2JW0/ILfOUlGUk6XoFpHlMtfJK3g:schgTgE9RlXZTN2JWeILfZk6XoFpHlMr

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7063dd810582d6f66e885d2cf9b6c276_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1692
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1692 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2456

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    344B (9 entries for this path, each with different content)
  • C:\Users\Admin\AppData\Local\Temp\Cab206D.tmp
    68KB
  • C:\Users\Admin\AppData\Local\Temp\Tar20CF.tmp
    177KB