Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 14:15

General

  • Target

    846fc613b3bd00417b817b54a1b79a7f_JaffaCakes118.html

  • Size

    23KB

  • MD5

    846fc613b3bd00417b817b54a1b79a7f

  • SHA1

    cffb0ea7b01a20cd3a66b8e74df24d62c99e93df

  • SHA256

    899fe53cd4363ae37a2ef6d6b32baccf2225761a23bd80479e4cf9702b685066

  • SHA512

    1a57556221ffaafa0fab2dd46f0d52b4e78cbf59c6c42cd6260b4998c5217047fab117a3c1a622d5670aa67d319bcee66a10fcc0c90c632a216634c62a75da00

  • SSDEEP

    192:uwTmb5nfKnQjxn5Q/2nQieVNn2PQnQOkEntasnQTbnFnQ6v06J4RnQNjMB1qnYn3:gQ/UPvv06kzQQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\846fc613b3bd00417b817b54a1b79a7f_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2600

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41ce428f7010860724c77fd7fb551922

    SHA1

    e280c6660d8fbe498e3e6b7a1f2b00b1a91e7e55

    SHA256

    bcc13424374365ebfd4d31f9cd8808913294feb9169fe5cf5f358fdfc109a895

    SHA512

    f06f3f8f64a84a77f516e05adbdeb48fd91c3ed4f459fbc2a95625aef291cbd5771620d7de1a1fade73c49f1c0aafa9cae5b212b35c1a9aa9a4e4403626e7d7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb833ebb95a6416cf8a81747b94602cb

    SHA1

    75fc42d3ffd454965bf6410a4c7d0d3a6d3f427d

    SHA256

    3e9d845da6bac43745b2729e3d50d881e19f44645a0ac70a6f27d68a78707817

    SHA512

    592f279323a2d31b49e5286782d878de4c4236c90f73faf85dbd5658dbec21cb682b70b00f60b197e0f2c08c64b61f40fc91a6932e52df4303fa7d024bc0e165

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18fcba8160bfa327591c20c2ffd00a99

    SHA1

    0a656f0bb2c9242e94a1b75651cb4a1ddf48dec1

    SHA256

    56cbfde623b99f2db2499e19d3fba79f100a9632bfd5bb6ad10e4ca054a359e3

    SHA512

    23e5cc939a8cdd5a5a6d6295a53bc4b861d7b7215003e37ae29317610d4d3765d033fd50e7cd041dd4053ac63172333bd8512488cd3cfc747c93b6432fedda81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    405bb6f737850f2339d9591e625c82a0

    SHA1

    91b64d2d4decfa11fa3bca5065b7b9e3b5f1e501

    SHA256

    99172e8110643a133d6958df69d2930fe8b2da9a580358592e472600363cb3e2

    SHA512

    d271a0e0b42f781c5fc7d3a2d7656130a6280e12fb22f12687eb0e6e833d66bc0cd76ba24e4da69af5c589dd8ee425be25928d590f18fe67d172c79dd9986148

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    05f000910331639d02ebcd1c4d899549

    SHA1

    7dcd43a060c17e72c475e3f5eb3e1c1ad5bdda61

    SHA256

    d466bfa5b20d1ceb777ef6fac5c24ae52717f38fa0dea18d47785223ea3f74a2

    SHA512

    1e6a6ead5a701bb3cfbd63dc37ed954272d6836f58f0eb1d7be9f5488dd75540143bbb5a8713cd16e4302daa38a1ad3fcef1c2808f2ef29c670ace1fd3b171f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9536cad5cc34f4de6e18eb13de9b2f04

    SHA1

    36d2a886b9e8a8ac447f951ae629b66cb670f42f

    SHA256

    b8b5ecb0ecd606509d8dfe3eab92b9eb973f044f451abbf013d9f4269180a9e3

    SHA512

    f8a3fd8aa6b4d7a5d69eb8a736a0b000c696352999c11ac5b886683c810fd9bed6d011946c9f1d31371abfa1cc3bc7fae0d4d7d8f1de69dc49ffc23b1441958f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0cdf9a048738376a1bd477749c84fe78

    SHA1

    2a4eab720dc5ad4e480aec5d991df15fad9b317d

    SHA256

    67bc58153ed89d5c1a93c57793a185347f8461981fed3708c39b6285023f7c59

    SHA512

    bdec088145b312625fcbbf449722d8ee9f4ce43323510401e7b3b24098b36b4e6427e30ea1b8eda42786984376de6c463139e019135bad97fbbc2ae77fc0f495

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1b000edee08f9879a61e2a15f8de0598

    SHA1

    af8009a083742768d77d379a51c9554a731f3eba

    SHA256

    21cedd5e45485167e21d39f77b378872c80c403a106e4ec67f5e166f4e0e82e1

    SHA512

    f497cba0660cddd920992ca153dd6376d2b725a9d9ce141864646d4e1da5ae9b1f4cb78cf229ce1ba8414a25bba1eb9d59c0ee1e47e029c48f4c5ff082722abe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4cfb79e561466e78c758bf6e2561d685

    SHA1

    7b25edd040a9c1cf371c9910583046a509fa54c4

    SHA256

    dcd07d152065e308b8a800635dc0fee5e06968be0f74e68e9b268e1182096d7c

    SHA512

    0e512918f5a3b24ff4a8b05829bc7f9b637263c93484b86bb332ad905edd61ceb8e440ec5241c48a4ed74f7effeb114bd78a86cf83f639d430b808714c59b098

  • C:\Users\Admin\AppData\Local\Temp\Cab2637.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab26C6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar26DB.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b