Analysis

  • max time kernel: 150s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 30/05/2024, 13:56

General

  • Target: 846235759568fefbc68a0ae641246449_JaffaCakes118.html
  • Size: 30KB
  • MD5: 846235759568fefbc68a0ae641246449
  • SHA1: 277e6d2fb8d44ab44ecce4d12ab8b74f4544cd34
  • SHA256: c9465d6f962296fa0ed95c3652a8f46c8de92273f3f58d87f51bf0dd9786bb6c
  • SHA512: dccfdebccdb181b390cdecef7b9ea0a414a4868b0c5cba16477749dd83762d7831732b4e96f9172cd25d0b6523a58a13431e1aec8124e74b92247c5c02618f07
  • SSDEEP: 192:uWPDb5n9q/7nQjxn5Q/VnQie4NnonQOkEntbLnQTbnxnQQXC/Ab9ErkcwqHA4ZqX:pQ/hSv5ZqXEo

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\846235759568fefbc68a0ae641246449_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2964
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2964 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2432
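The tree above is the normal Internet Explorer frame/tab split: the 64-bit frame process (PID 2964) launches a 32-bit tab process whose SCODEF: value names the frame's PID, and the two signature hits on the child (settings changes, SetWindowsHookEx) are what that split looks like from the outside. A practitioner triaging many such reports wants that pattern checked mechanically. The Python below is added here as an illustration and is not part of the sandbox report; it flags a tab process whose SCODEF does not match its real parent, a tab whose parent is not IE at all, and any non-IE process spawned under IE. The events are constructed: the first two mirror the report's tree (the parent PID 1234 for the frame process is an assumption), the last two are hypothetical anomalies.

```python
import re
from dataclasses import dataclass


# Minimal process-creation event, as a Sysmon Event ID 1 or a sandbox tree would give it.
@dataclass
class ProcEvent:
    pid: int
    ppid: int
    image: str
    cmdline: str


IE_FRAME = r"C:\Program Files\Internet Explorer\iexplore.exe"
IE_TAB = r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"

# Constructed sample events. PIDs 2964 and 2432 mirror the report; the frame's
# parent PID 1234 and the two events after them are hypothetical.
SAMPLE_EVENTS = [
    ProcEvent(2964, 1234, IE_FRAME,
              f'"{IE_FRAME}" C:\\Users\\Admin\\AppData\\Local\\Temp\\846235759568fefbc68a0ae641246449_JaffaCakes118.html'),
    ProcEvent(2432, 2964, IE_TAB, f'"{IE_TAB}" SCODEF:2964 CREDAT:275457 /prefetch:2'),
    # Hypothetical: a tab process whose SCODEF names a PID other than its real parent.
    ProcEvent(3100, 2964, IE_TAB, f'"{IE_TAB}" SCODEF:4444 CREDAT:71681 /prefetch:2'),
    # Hypothetical: an IE tab process launching a shell, which rendering a page never needs.
    ProcEvent(3200, 2432, r"C:\Windows\SysWOW64\cmd.exe", "cmd.exe /c whoami"),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def is_ie(image: str) -> bool:
    """True for either the 64-bit frame or the 32-bit tab binary (case-insensitive)."""
    return image.lower().endswith("\\iexplore.exe")


def check_ie_tree(events):
    """Return a list of (pid, reason) findings for IE process-tree anomalies.

    Rules:
      * an IEXPLORE process carrying SCODEF:<pid> is a tab; its parent must be IE
        and <pid> must equal the parent's PID;
      * an IEXPLORE process without SCODEF is a frame and is not checked further;
      * any non-IE process whose parent is IE is reported.
    """
    by_pid = {e.pid: e for e in events}
    findings = []
    for e in events:
        parent = by_pid.get(e.ppid)
        if is_ie(e.image):
            m = SCODEF_RE.search(e.cmdline)
            if m is None:
                continue  # frame process: nothing to cross-check
            if parent is None or not is_ie(parent.image):
                findings.append((e.pid, "ie_tab_without_ie_parent"))
            elif int(m.group(1)) != e.ppid:
                findings.append((e.pid, "scodef_parent_mismatch"))
        elif parent is not None and is_ie(parent.image):
            findings.append((e.pid, "non_ie_child_of_ie"))
    return findings


if __name__ == "__main__":
    for pid, reason in check_ie_tree(SAMPLE_EVENTS):
        print(f"PID {pid}: {reason}")
```

Run against only the two report-derived events the check returns nothing, which is the expected result for a 1/10 score; the two hypothetical events produce one finding each. The SCODEF cross-check matters because a tab process is the one that renders untrusted content, so a child of IE that is neither a properly-labelled tab nor IE at all is the first thing to look at in an exploitation case.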

Network

MITRE ATT&CK Enterprise v15


Downloads

The CryptnetUrlCache paths below are CryptoAPI's cache for network fetches of certificates, CRLs and related objects, and Cab*.tmp / Tar*.tmp files under %TEMP% are the temporary files Windows creates while unpacking a downloaded CAB; the report does not tie any of these files to content served by the HTML sample.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 9a030a2b3f47b25876eabb603bd2caa2
    SHA1: fe190831912974c90441539ac25ffe277206cffe
    SHA256: 1093637306aad2e5342b90ca11684b8b45f267e4b354b3621b69e1efdda21578
    SHA512: 387c459c09ce659c0752e3d9a46e33100c5e03d8690c6f25ba36f78d7eb66239d10d1e66305a3b8ca62c2a5d726a785d86c0253fdb1d1635806a0ee8e459590f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b0e02f7c357e054de31176274af51d15
    SHA1: 9ab4c270c7c9f2e38773e9359c0552d77bcd456a
    SHA256: 13f1d6fc8108965edb4f8d0da0086bb70e914fe63c3641c4df5077980ecedc44
    SHA512: e036abb2e9f4bc43dc5aeadb32fe8608b624a83f6056667ee75b926d2e75b852fd067da99db02754835a0c24f3c644fa27fd21c373e2fa2b864d0e7947253da4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b29a8ac59b00b19839459dce6ed97d7d
    SHA1: 58682c4862d8a09d4fc4b43896c4aea477de324b
    SHA256: ad3207b9a5b0df2f83e29e91054df1f0b37143279b08e95f4f3937feffe21361
    SHA512: 927dcc7bc57a2b87899c930b3b1375e63bbc0d999a4aeaafcd18743455208efec808075b12c88720d6bb83b7a74ffb8545557b1cf77d5e6aa8dd5ef5cfb3c27a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 6676fb73ed0ba2be03055fed0b46fb7d
    SHA1: acf493a0fadd4469ae1792108ac4152294ba6f52
    SHA256: b94495b36db12e2792f445ca3a002f658b5ae5d7bb4b4378947af27ff42c30a4
    SHA512: f38d5fd82492b98eef451ffa8f781bebbb7c5b04c2f315dbbeddf55729f20e899b668f158dfcfff31f426694c45a25eb514ca18d3f1d98f39ed060efd3cd4554

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c3f04d800740c1dd015322180c2f1f88
    SHA1: 8c2add1b5fef3ab4ee93d5cf1093f09ba10d1135
    SHA256: 3e14f7c4c2cdc153431bb56a761d140794d15d6c9df1ca86b4eafc02bf31352d
    SHA512: 717c58558bf2245c47cccf1876e5a40bf390f878403a256677bf9ee90908eba2301b3714bbd1149695cc17a30e4b912ff2ecfb7c1bbd039a26ae909fb0c01e43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 36555b71c7865454b74cbb7d27a4eb07
    SHA1: 5b53002049e995e26a152b8ac66df88241630afe
    SHA256: 6266aca265d1d97e6b77ad9cc9126266e5fc8689099d2d9ec95f5453bb281cd3
    SHA512: 7bd011a80ae40304728b5509c564a43e4380d3a498086a594fcdb06f2dc1643ff12a36633d7f56c14ef18b4b0d93142a54b6ecb23e62f4f76455e9b6066387cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 555e930c23aca452e3bbf3fda16d23fa
    SHA1: fa71e1843c65baaf9edce0747c99610c70da408e
    SHA256: 6259e7645e246a41ce63edd3e592c88b5211e118c7d08b4df50f602687da8e78
    SHA512: 288d914b973e35687e154006775786f945dedb8bec8265727968acc92f763dc39fd51a7ef7a5c0cc20ec4297489a1922be9a5ea42e4852623736e625b12a0b3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: fe2bfa12dabeb5dee609cea2628a1007
    SHA1: 543e9abd6d573b52b606f09ef086683886b0a928
    SHA256: 3cccfee4f3927ff01bbf22a130cbaa6a622f811107ce19aa96823adc6890bf0b
    SHA512: 4890e226823733862ffbac8b14600715a558307cc467a052133b59d12ab5b52fd2876e69b9d8c2bbcc97334d6ff65b7f884713b237e405aea255af2b58b4bfef

  • C:\Users\Admin\AppData\Local\Temp\Cab2223.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar22B6.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b