Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 14:07

General

  • Target

    846a5f44bb368b9e25871fff47d76c52_JaffaCakes118.html

  • Size

    34KB

  • MD5

    846a5f44bb368b9e25871fff47d76c52

  • SHA1

    4d6cd307fb33d3fccc15652b748250a9e7d73d82

  • SHA256

    b5dc4708bf3f208b73ec4771fe84787572404692ff3b368f2de9c6246e363d2b

  • SHA512

    7212ddbe667d27b4ddb3ac79aefde8895a7350a9898289bad2161dd08bfd28d7281d343e98d6ef80526b4f45242f3c5de75421c1481844c223c16d113844f40c

  • SSDEEP

    192:uWTnb5nSd8PnQjxn5Q/snQie3NnCnQOkEntMmnQTbnFnQ6XCrAWpW+knaZUcFqNo:mQ/Nq3sQpY4tHp/dz6LNFOP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\846a5f44bb368b9e25871fff47d76c52_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2556
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2556 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2312

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    05b73971dd14e9856dfd551b22693a75

    SHA1

    a75275effa3bfb7901da3af9046338b13a182971

    SHA256

    5889566ed483d8b9cfd220a09bdcabbe5174e7937395665823fb59bd7feeb51c

    SHA512

    90eb874da2e799898a082c721e350f0d0b75aa522dd01d98116eadc641a1d97fb0d8c8205c84bd636681d74358bd47b060de64855a145da57876f1346b0b1085

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eccfa27005284ea0d5bbd943997a42a9

    SHA1

    63e403607551d926927832ad4c62b56699278e2e

    SHA256

    57adf2c672c0814a3011f85eb57e557d4e5c48249636a5e34c188ae8feb80a05

    SHA512

    ce7b7c4b98b7c76b9f4306d46246f5fd4e39523aa8820a0cd843a371a26db20b91fa2b66830593c9f722063261785543cf2c945d952977433d3c2fd995bd8a51

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8bedee1e557b90ec6caea2e5c72ed01d

    SHA1

    a26340b90bd2bdd860e50f5cd791f3f0633e4b08

    SHA256

    f8d3062e8366218fa0f6b37938fdf5354c634fed9e262fc28ac724c6cbdd8da6

    SHA512

    f4842b6b0e84959b93b252cfda37549993808bec6c9d11d2b7815cdb6f0d3259f8be10caadc342878077850ea57659f8ee9de47fb5a3bc2123653379b50b64d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dab792b7de334a9d512fbe3e5d882317

    SHA1

    c0a9948f1bbeb2e8f493eabab6765fdbcb628a74

    SHA256

    823fbb7ce53c360f630ba37254515e3df751b2e0d86d1b89c430287763d674b0

    SHA512

    63d290ed9637c5b8a344a0324b7a8c95efb04c352db0a5d54449ae17004e96d686c3e699c091fd6ebf7967b19f03009767051e5755e016253fc0782e1cb2c75b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    44d1605d7e265917fa58893f54f2c3f7

    SHA1

    3c39a83df3fe6029d367e2ada7b9d33ac4aecbed

    SHA256

    92fa7fd38c52fb30ef914096bb2999ab3c4a07209cc3ed2abfed4e360cb4deed

    SHA512

    84e2bbc813b98920ef289c16a141b066be7e66a1eb0c1ef759c486dde801cfcc46995261c72f313d9487842d4fa35876938d3365adba808848108131c263f99b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b4817607bdf63cfcf3ab72d568ce3f5b

    SHA1

    3077ac3eb99555ae9aefa338e72610a83d6aaa23

    SHA256

    462aa5ae0df9797b44cd3195ff9907164678ef984a4bc05314eedcef86ca56e4

    SHA512

    cef7f74944ad3c76606c790869e9f7e368968a3a6a80a0197fa85706696e77edcc7bb83b40d4a2e6768b077b726be6e87ad4aab560cae02dd96ff32e9f72ec6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cfa1ded07d0afd34e75f8e66db4a5572

    SHA1

    8bd97c041210cd21315851e6cb76acf2c0a89a00

    SHA256

    77baf12a03d141b83909424c07729d71a029db3581f936a58f669bc582700168

    SHA512

    6fd6ec1ae4d8cea6698a13692a2dae402a66886fb249db732ebcf16f55a2fdc63ca59d5a60217b9bb6d5c390670bd2e3836a023530c946272755b1634009078a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aac4c54e8653241c581fd8d157e3436d

    SHA1

    fe8813c109adc5c7ac0992a034b4c500834e2f83

    SHA256

    fc597eed4044928da54fd29140118d173218db509756ae64be20e3128785817f

    SHA512

    84016d6e07443b0d67b8f8a852608ca45091e56c96f1c35ce16ae1f1e830ab9db67f6c2ced04e9dc2821d85f0e9192a39402eb632797424a63b145f1ad1c5550

  • C:\Users\Admin\AppData\Local\Temp\Cab2780.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2813.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b