Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-05-2024 04:18

General

  • Target
    744d2d95e4b7b238b142fa3bcc9f91ce_JaffaCakes118.html
  • Size
    23KB
  • MD5
    744d2d95e4b7b238b142fa3bcc9f91ce
  • SHA1
    75991e8a6661e1384a26d6fd39bd46f5119c3bf8
  • SHA256
    577c51c7149c37c9be4a4aec097af5ab0679ea9ae7c6429e978ca384fb9245ac
  • SHA512
    bb3ae2449d2dd39fc340c510cb28852a6e271d392453d7e6ef22a6e041d8d50e2ec690408e84d2adfea46e50842e21e97a193b9c4e41efb42d3ef2dca8bf08ae
  • SSDEEP
    192:uWfkb5n62nQjxn5Q/RnQiekNnPnQOkEntrjHnQTbnxnQKCnQtewMBEqnYnQ7tn+C:LQ/xReC

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\744d2d95e4b7b238b142fa3bcc9f91ce_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2416 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2596

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 7ad88d9b0d72d50e63d78cc9d26ad825
    SHA1: 56c806d541ce4a5637a79b4e50ab77ffdaec8e9c
    SHA256: 41304570c295f1bc84dcac65d29c6129c3b048d1d40d5e9e51fadb90ea0eece5
    SHA512: 67fd778b6b8a12dba38a585149190cf6b251d2eac10e509277c8c4c9fce4c0337724b846b9f3feff135cf400ba987f364da317c012a07f6781dbf9dc66671352

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: d8b816c9287341b0c09313b283fc427a
    SHA1: 6594afaffae7e612c0917f22aef1fee54a4248a5
    SHA256: 9a9d67df0dc5b9b455e1fc01b87da0ce5c924d54595e3fee76831122dbafa04b
    SHA512: 8cd25fb49e26495f65e252b47c29da9870f37e3cf8b5a81b46e62066f771d8e3613e6d8869675bb57a4fb3266488cc3ffbadb4398e774c195a1c556310e45724

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: ac69e77299019ebf9a54fae62a1525c3
    SHA1: 10c1d63e63b4c6afee59b4c5fc779f1e302f44b5
    SHA256: e3e72961ac986f39a1861f7cd6b5f81c350c5f7a6b8a7fd4c899a1d609dddee6
    SHA512: 07c7b2386fd5b6f31e8efff33e9ca3e1ef1038f9328c22baf215c11eaa4631112576af2686c312ecb4684f6f69e25558883806be62c6b86a2915a3198c5942d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 160f5ce8381ef80308c885b43c760103
    SHA1: 3903534080721250d92492d3ea3552f36e2b1400
    SHA256: 6b126d04cc701202097bc17ecb1647644a7ec779d5b3f0b4abd6484505854db7
    SHA512: 76f7f9bb9879fa663642095a5672c15cc3790b0225ae7eac0c8c844846a34789dbf89287323a4fc6c28b7eb30768e9c3def34c156f840661439ab4a5803d42eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: c64d3ca42f49236b0d874382dcec0df5
    SHA1: 7c3bf2b0c92e108f1275d4ad0a632f4aba0da053
    SHA256: 6fe2e60a6b8df26fe166f11a4cf072c836a6ace81142decda3782384a125a3c0
    SHA512: 775ee2c7089c0f44262af4844318fdb1864519ec24e4b9c438fdba5dc66eae65d2528449e6b6b939c808bdd4fb835474c25720b79f532daf4b6f02c9f8dd7f89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 8da4b2a8898f3799d38b41d6a0157302
    SHA1: cbf7eb15e010c209ab4a8613f2664c5ed83a20d1
    SHA256: 36279ba215101ee6508a4fbc62d2cf6a5b85738bf0b2a96941cbc2d747c9baa9
    SHA512: 65a2fae67bdce447560478f0fc8756a41ba2a2767678e29bcaedcc5319b92702ae37a0ed0246ed9a77620c68a2f1c62eda033d8ee36119538a710bbf629afd08

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 84d5f03d2fc8c1eacdfb7922a79c4578
    SHA1: 778f775ac2909a8866826662d9abfbac5d6bb77c
    SHA256: 2b0e1705b9b9fdd461b32b5375a1e9c97b6359cff448741c856cb6a15d26c30d
    SHA512: f37041d54d276ce3874285f2f7e187181ce5e72defeeec0853732a71d47df3a1a89a3ba487a1de8b1694a4a6098e3b438aef9ec5b8b9aadea0791a2e1866d24c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 6d572d5de0a6357ef64637dc1d262f7c
    SHA1: 372e0ffdf1b7ff0e80535c06f51e6eb8a7ebd154
    SHA256: 20fc1522b6a5a9b9fa91ba12eaf2e43212e0a4efb766d7663a6969c93f9ac66f
    SHA512: be161cdaf2c3cc67b2f5905377c003cdefe1583591c14fbf1a64d31f2c82611b20eac2789018f507e867db34af2fe753bb2e8cc6883845512541e7bb0e8e75b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 344B
    MD5: 0ecd85f13c670a11d9af0eb1d17c680b
    SHA1: f852a3c378868abfcbebe91234d4108aad8e4625
    SHA256: b8932be0ee77af0a85baace0368276f529256d9af8eb5a40c292381ba89c2091
    SHA512: 8a4f44534b6ac02893ed18c41c113272714fd7aa847350ea62efa8025c1b799eaa2d7cc7f4b2a68b4e9cb8e7a3f2ae05d3a77765f3c68a825aa49d89ea2d5ce8

  • C:\Users\Admin\AppData\Local\Temp\Cab1FE2.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2042.tmp
    Filesize: 177KB
    MD5: 435a9ac180383f9fa094131b173a2f7b
    SHA1: 76944ea657a9db94f9a4bef38f88c46ed4166983
    SHA256: 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34
    SHA512: 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a