Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-05-2024 21:34

General

  • Target

    7e7a94cd8abe6329334d3adc8eea336c_JaffaCakes118.html

  • Size

    29KB

  • MD5

    7e7a94cd8abe6329334d3adc8eea336c

  • SHA1

    0679f17080822f4b020ca102fed7dce80a258369

  • SHA256

    58f17b88c045ef9d6733c9a4c6139bcc3a96524518d280ec55a57b014f7ec737

  • SHA512

    e199e2d550913228876b03f743b879df1511cf1cd0eb56162070fe3ca311f02efe647b2e7afd7d6ea68d7975a30ee9800bcf48352e62fbc8bfe7d1f0e8e63be2

  • SSDEEP

    192:uWL3b5nwNnQjxn5Q/7nQie6NnEnQOkEnthFnQTbnBnQjMCvAvH+OhgamdMZR9BLv:BQ/mhM1xZ7BLP9QjfkiscNOf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7e7a94cd8abe6329334d3adc8eea336c_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2548

Network

MITRE ATT&CK Enterprise v15


Downloads
