Analysis

  • max time kernel
    149s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/05/2024, 20:24

General

  • Target

    7e48de9833c2ca8363328e37ca962041_JaffaCakes118.html

  • Size

    18KB

  • MD5

    7e48de9833c2ca8363328e37ca962041

  • SHA1

    d891bb4516e809cb53c2fc083fcf1dcf35066654

  • SHA256

    8907e3a773f49eefdd2f4e4788a4019bfa92aee4294afc578e2d5db86ade6f72

  • SHA512

    08e0cb2f1cb14896cb52c5b82de7672f4be1c69552320c5e8762582150e28531b481d712fa9cfd147e1468ba45c272be8de62530352a569d9ae62d050eb632f9

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAynf4pzUnjBhzV82qDB8:SIMd0I5nvH4CsvzuxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7e48de9833c2ca8363328e37ca962041_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2200

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          68KB

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

        • C:\Users\Admin\AppData\Local\Temp\Cab210A.tmp

          Filesize

          65KB

        • C:\Users\Admin\AppData\Local\Temp\Tar220B.tmp

          Filesize

          177KB
