Analysis

  • max time kernel
    150s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/05/2024, 12:11

General

  • Target

    791c08318e470c9a2591da580c33ec8a_JaffaCakes118.html

  • Size

    30KB

  • MD5

    791c08318e470c9a2591da580c33ec8a

  • SHA1

    626aa5464bc14211809e5e6d149ef3c75c265e78

  • SHA256

    db97d8380553fc66e423252b3de2c41ed0001217f0e522870410cf3bedf0a029

  • SHA512

    80d89ee295aac5b9f0d3c3522cb88ba1a4e25d968adc03fbd040a0c1fc94cd7c56e268fca6eeb40f14f2c3f39b61a23b4e1017d909752fabca22871595ab3aeb

  • SSDEEP

    192:uwn7b5nT2nQjxn5Q/rnQieqNnBenQOkEntB5nQTbn5nQmSvx0U1DTQJTWUZxyzJW:RQ/HxAx0U1KEbOCA

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\791c08318e470c9a2591da580c33ec8a_JaffaCakes118.html
    PID:2956
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2956 CREDAT:275457 /prefetch:2
      PID:3000
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (344B)
  • C:\Users\Admin\AppData\Local\Temp\Cab9C31.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\Cab9D3D.tmp (68KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar9D72.tmp (177KB)