Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 15:11

General

  • Target

    812a05577ce8724be824cd4b50a9518d_JaffaCakes118.html

  • Size

    18KB

  • MD5

    812a05577ce8724be824cd4b50a9518d

  • SHA1

    b7972202d4b79ce12757610cf95743d94595753d

  • SHA256

    fc3a68c6c19ccc23c7cad2908fbc0420bda22bc252c93d404c7e91191099f253

  • SHA512

    b75fca0b73e3518f800a918d4c690b08b3b6afb16316538aee1fac5914d20b0bd319d010d3e78a3653786ae6a72975330da2c3f6238ee4153c054bd0662a9d06

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIP4FzUnjBh3p82qDB8:SIMd0I5nvHFsv3CxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\812a05577ce8724be824cd4b50a9518d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2180
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2180 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2936

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          632f7f3d98a93cc465fa8dc6b99dd6a5

          SHA1

          1bb137bcbbc2b2cf78dc9521465a7bee25e371f9

          SHA256

          51d95680f5498b9dad76ba1c16bd20fabfaca428027ca4859e05a9edb77a7362

          SHA512

          7400a39425100f62e2b69fabf72586462c24ba50ce030a6e3c155aa30204f5d435f3bab540855db2bc4e2e2c1eca34b3ece79fec92000a7cdfbd2270cad37640

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3eb5a0fd2e947032ac7f87181567cb2f

          SHA1

          01533219ca1129b9d24b7747032ab47d9ea5b6af

          SHA256

          45dae67c3d5ae6be23510e13a82484a20222a3b8a820d1c13051278143c8cf9d

          SHA512

          6443c88c44531a36478b19d410b7b5ece1299ff6dc577eda0a240e8d511b267f0c6c7e58606fc7fbfe57a8678823a591bb463deda2d83a250309f4f812c28fa0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          197b77750782c18d65e1e8cfb4961b2c

          SHA1

          a50bdb91ca95830f8b558a9da007f00d151ace19

          SHA256

          f135c142ab1a7d47c070dc51b80a0b7aff45eea530870bace9d426bb57e58357

          SHA512

          a93d0fa589802e7f1a3a363eb69e82fef3c743a2857965271e82c3676d5f492c61fde0695abed887e73dc655438615f480deaa25d1bff17269676b87c99229de

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f22f67c74068bb58bce7c04e58ab3c70

          SHA1

          578be550a8fa86fd380ef9750ccf243c44a43f02

          SHA256

          6746cf29f8615a71e275fe19cd18d39a01f08f867b2b84cc52bb7fe6d41ecc52

          SHA512

          d9945438cb29b49f2af4b4d7b87ed81a128f4aaae4a9733784565a929bda175ec8ed7e12ef9c54aed5ed4fde17908fcb38b9133ec7c72c6fa74976ef4550ae26

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          6a878d32e543368eb3f24b5cbe54745f

          SHA1

          7e092365ad0e5185d9e0c9a00fcb5d1ad0c150cb

          SHA256

          cbf4a277c9dc0c51e9d352f254e9901b7d30b49d680a1f9c59733189eeb9f31c

          SHA512

          07bfb9d886914756bbd0430bb49938cd5c3ad78ecd0d3cafe972551a273b22b7b3341c4d74988447331a2a8c90244f5003bb16d86193d967cb1da3055aa78e46

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          da4d7e48dc9db348b002d0579484fec1

          SHA1

          445d7255f0ea7f3e302f3e00e9dd81ed40d16bc1

          SHA256

          e3d86f06a4f1ff07435e1e16c462a63e9d39858f1bf9112812a0a66b24b01a38

          SHA512

          89031fc38b8deadd843fac85f88749e847739954c0d241976818fcf640510e8d25fe88d07e2eb2c5fb363b059dc57b04d8c4244af9970dc6598638094816d78c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ece0d9ea2fc89b9e3a30e8df0bfa6de6

          SHA1

          a52e7aa6390e0ea16c7d9eea1b3d868c2c4f5274

          SHA256

          a2c88a58e3ce87b73807ef12a8a91c25bc4cbdc132746a9f830e79759d45e5ac

          SHA512

          2a552482268d3704afa0532f5139024cafe790f2bf13a3b1acfb19cabca68b43619642badbfb3f8a8dff5d2a7e166a7d13e005d21a3f7568f817d02b3b7442ec

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ccf12af6a9330179f730ba2403d8be0b

          SHA1

          fc07536473820443aa694a8f589dca28128a1588

          SHA256

          36607fee98932705896ff9bac112aa8cc75fa8715f3e940ba482198b48309530

          SHA512

          6748b64446725179672d760f51bcd9811887d87cadb689dc1ddbc1fcde85893cad93491c8ff10ca354de8eca9d5377da31289f326c2e04ffdad0fadc38b6a8b4

        • C:\Users\Admin\AppData\Local\Temp\Cab1852.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar18E7.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b