Analysis

  • max time kernel: 149s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240215-en
  • resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted: 30/05/2024, 14:14

General

  • Target: 846f30366541ebd05dc5a1990945a1fb_JaffaCakes118.html
  • Size: 20KB
  • MD5: 846f30366541ebd05dc5a1990945a1fb
  • SHA1: 586e7c0366d63e02641497f4da75a9f96afe3eba
  • SHA256: 4810562bdb0427b6542eae244a924dbf01249ccea3e859072b05b609c938604d
  • SHA512: 8a4adc3351af2fbc53488b6df172d95b5e8fb0090c8628cfe554b9895ff0e5e3b2f452c9dfb900632e4f00b8e3ada5e7fce56e0e9ef4b78f4b08e98d8529456b
  • SSDEEP: 192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIO4YzUnjBhUu82qDB8:SIMd0I5nO9H7svUdxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1276)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\846f30366541ebd05dc5a1990945a1fb_JaffaCakes118.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2200, child of PID 1276)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1276 CREDAT:275457 /prefetch:2
      Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 07ef0e1bcd5cc68136d8684eb0dda23f
    SHA1: d48b075af4bdd18d8830e2f576f61b5ed4deb9d4
    SHA256: c6cf6c9b9824bb9e428d161b2b3e141ffe7f78d7a85f9b4f75f3afec0115533a
    SHA512: c1d798876676e4b98cd99c725cff4d27a39cf746be77ed244567f0e7205fe02b58fae507b858717645314e28ff008f9710453dbebca02a6d29ea69f0ca3f2ba7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 884475f1c84066e2098083971b280094
    SHA1: 12e179ec3c87fe512afcc81a4468c3ff9651ca04
    SHA256: ba13a8c1f0a0d819a119544dd3c363205da9a17267dca08091957050f170d9b6
    SHA512: ddf92a94735ba2809c2b674c023d3bad5733af2888bd95b9c97f2f64975a850232122bd979b7210621b9e595ea8d848f26dde53f7e0d812c6fd12b727fe74e75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 8212b6341bd3565e59dd2d50dcf43283
    SHA1: 057ce3977c69a48f40751036b34ba028934c9259
    SHA256: a61a18c7aa03d0a83d7fdb5763bb728fe6f0f4a045c3ae10b6c492d0032558ba
    SHA512: 40587bbdd0ec26a091a8ea09d7c4326e922fe689b0dbfe7573ed5a1093ce11b8d0a85386980f20138f6d697715acfb048749f202567550e320c5d305e580f860

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7e08206cea2249bced184104f0e5893d
    SHA1: d1168d17eb66de3fc80604665edfaee8762b8189
    SHA256: df97255a1911e1ec8b6a001e6225f542889ccf64a2c3f7a1b53da6bc11f65acb
    SHA512: a11d24b431e1777e6529006361faa4dbeb198b68607e98b9e831444b23a38775815f0c328edfd021497e34274dd16bf2381751393fda6246b53425d6b75a7d93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1ec73bb7b2d85b90bcd8991b19371b06
    SHA1: 76b7517a018193fa0fa14060d5b88a91dba01379
    SHA256: f36456b7f99136a70d06f172a3de0d98f6868b8b16ac5d6b578f43ee5dd6809c
    SHA512: 88f0919854f405be60bb2b01bd97ca06a1fc93a4b3f1274073a7d809a7508ef68a3a1ca8b5916cf2376d7ba89d96e03a416ff73039a2f36baa5101d1a4b301b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3e50b55a2629a182ae9ff20dc1940242
    SHA1: ee349526118a0af77173ff890d5dc54900047f99
    SHA256: fa2a6d0615815277226b1013fcb95e2aebf0b894559cdd15a7ea9d0bcc26e2d0
    SHA512: ef3daff86f7822480c5fc9ca9f67f7d09e55d88a9f33295aab1a4e341744d58238bf45799dc22bd2133888013f7185dc066ea88568d25937d0a4c4349ed05f2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: f5f0a15ad40e206bc1521e6b64f77299
    SHA1: 6017a028e5f785b9d251bd15b0d15094458445b1
    SHA256: 73b12bdfc90ddbae4df4d3a8be0bafa968dd392eadf61ce64b55b22cbf2f29c7
    SHA512: 06788b0272a16324cdc6add7540d7a8f3c5d6cfc7153f2e5428fab297d2864c858d9c8f28e9075e532cf64b21585e9311939a76d2c25f59a41a0894bb5d7e183

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 4145a8f4f8e10fd1a199c88f0d94ba1c
    SHA1: e3c8bd2ceeb0b2a6bc2e60d94827c2af4658df0f
    SHA256: bce26ea938d183982a886475cbadca152924d82426e13fb0eddcf90e07938b63
    SHA512: 35dcab9d7d1b319879271f4303e69b6d510c33d301b7dc7cdf333325b2d4b0c240ff68153355eaf0763bf96349d4e5d0cd9273ee2bd418600f2c1c0f3871e69a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 147383133263004f646948fb95549fc0
    SHA1: 22c6e6be17e86e54942464ece73aeb4ff0ae4372
    SHA256: 1759b1e9016a1f49104117c4f012c3f9e1025d66035517def48302e3ccc5b898
    SHA512: d6f3781d24041f51f787a4111ea1d985ee1c7d0372035253cf5ef21308bd07cdf4a413790eea6d86195aa59bca7454d427a0d90c9657b3a15952b8beaeec930b

  • C:\Users\Admin\AppData\Local\Temp\Cab1343.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1435.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b