Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-05-2024 00:25

General

  • Target

    7eec98ecb88f78b25f01d3895035347c_JaffaCakes118.html

  • Size

    25KB

  • MD5

    7eec98ecb88f78b25f01d3895035347c

  • SHA1

    8d387a62ac4f2677f802542a4cf976c64cf6a48d

  • SHA256

    4c74674bb30cdd583d9125f2766696fd36142986dc76b8fde983d5276aec9e82

  • SHA512

    d6458984f1e386302e229d782ff18e91abec70a9c8109a822a46e3d7c27527b4f6708aafc92161e65531f2cb06ca9d235229fa10172657beaad1531de3413035

  • SSDEEP

    192:NsNoPeCmb5npnQjLntQ/qnQieYn9nQOkrntw3nQTbnUnQEYqCuA7pdEgwuXMEnFz:SNoj7Q/WKKWX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7eec98ecb88f78b25f01d3895035347c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2192 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df14d904046c27b69cb3b70513e8b7b6

    SHA1

    f3116f435c77ae9f0dd802437ddd70f77edb09e6

    SHA256

    5ce0434088f0daa274a042a4506e51c11d05d5707c7d1943b76b68cb648269c5

    SHA512

    7256ffd7db0f273f1642e65efd9ab875a0b89d61323d767e4b13f1788f9cc1e963078bf271667ea08a7174a7cd54a47bbb91109932d925916049dc73d40c7614

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2dcb5b53a6192dc8539bd61806f00c8

    SHA1

    5559e930a671da48c493e2b2d6d902ea7e605ead

    SHA256

    1a308bd983f361247c132150eadc7c70316915a5cabbe290ac3c5e938db44ffa

    SHA512

    89fe9c41f68b0c89743cdc29e61132a03b1b21bccea99fa5dfb0065b02bc0490ca73874492b9f43adce9bb65a9caf87f1079d0e820a311737c9cab111867455e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    65ddaa24e9fadf1380afbb3442d44473

    SHA1

    29ada75eaf29c901477808043b42db4e5ce587db

    SHA256

    e69643799dc249db45bf262347d7b38bde9f6f76ec6fa7543b8fdcfd38aad814

    SHA512

    78197e2b556e47abe07161109acf5eeebf0cfbf81f2521bd47b1dbe3540038e11fb69c887efcfd84f9b0c051c13f98345d257f6f6d3c70a75ad1bf817afd214e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd0882d8f965e8e3c6521ac4b681a4f2

    SHA1

    c214432e7240c693657ddb91399c5ff094cdc76f

    SHA256

    c90a7c7123c8266898f74e5dc20727157aa96d69911d7d6c6a559e6ecd2b26f2

    SHA512

    1215c30128f74fbe32a450caf7bd21656cf396d7ddf8d27871cd3cef4272e2517e3482cd4ef428004d57498b163d6376524517965af1bd7f204ceecb78d03837

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0cf6bf4b81afef22ecefc9ae0c2217d8

    SHA1

    c3ea63e605b87a3b7a0dc2b57225ef22e0bf168d

    SHA256

    a65342e8d5b9e87c8a61d162ee994537f7fc0161e52bdfd977551be20a184843

    SHA512

    36630c579773674397dbca7fdeaecd174c584eea0b67b5f358745d5e9d25d4f81ef515c10b5c96a6a3069b9c295badef6a695495a41968166d38ceae4fd95bbb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d7cd4509ef4b5966ead29b85ac868868

    SHA1

    ca2da7bf09268d4b42a4bac4bbbceb8fc661b8ae

    SHA256

    46d78c245eb498a5467c2ef28f40d6e3129110518b1630bbff64e553596c472f

    SHA512

    06cfc826570b7029d613ae56eaec9234e9b819cddaa9e6c530d8f56b3acfd2320b7f4f12b24ca138bda4e86881554cda0e26832f33f1be993dd3b57f359f35b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3e214141c136101a7c6a14058180a40a

    SHA1

    0f905588c10f95ad17abf8d1a2a85c4125dcf316

    SHA256

    b6bb5922126414794c090e762e3953e0ffc1012ecaadfe222f7d941f348ce280

    SHA512

    87f36cf6ecadc0f1ca2fefdf47c0fb71236f266d617f203cd49ca0a52b6ed94c17656d257adedfbe135b12d6703db7aeaec17f128e6de3c579dd4f9b01d3cd61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d7c9e46756c74a02db777bf945ef0feb

    SHA1

    bb92c21064232aaa011fa37f7dc8789f75a5d7b8

    SHA256

    dd236f81037a8c7716b03e3a4f620dc1a63242bdf0b82081769d230c0752ea43

    SHA512

    591d98eecd1e41c56a551fdd845a7fa74cf25dace19e0d1d4ccb7c3e443f8ce0b783597ef23dff60ee1b0e73dfeec6f6cc14cc79cc1067b85c28496de7dbac90

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e9a1b9ab5294f355ee73bf956c8fd4f

    SHA1

    badd7cac8ed8d00cd82acefafb428b600977aa4b

    SHA256

    70a2935a34f5ad97ba18bed0e16694b954c24ee49d5a435ebf2140fef7ba92ae

    SHA512

    83c672cc719d39528831adc5961548dbfcc2584c0f832de43bf156c45707c26895c29826a59f309fa5648d46cd5522a770da4157c15c8995a35699faefd125ac

  • C:\Users\Admin\AppData\Local\Temp\Cab2B37.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab2C14.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar2C38.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b