Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:08

General

  • Target

    911043424632f443dec6f44b5043d22b_JaffaCakes118.html

  • Size

    11KB

  • MD5

    911043424632f443dec6f44b5043d22b

  • SHA1

    b4a2cc8d2a018fda3b2ff902e8000b161a87b083

  • SHA256

    b24d0f0845119b8cbff2706941efe9fca7abbde78704330ca5fa3fa98ae6fa9d

  • SHA512

    e504a5683bae4fca112feb508273f04f8f63fa6a3cf4637ad4863d76cf050575361185c84db80bbcd62eb946b3d02efa5dab5e497a14f158db4e9bfe93e62127

  • SSDEEP

    192:icw6tEdvd0Jb8v2U65cNBMCn3cqs2OfUn5ZIsPnPQhMx5Kx5SvU7DQ1YXVK:icwwN0BM23cqs2OfUn5OSnPeG5Kx5Svj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\911043424632f443dec6f44b5043d22b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1700 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2204

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751

    Filesize

    717B

    MD5

    822467b728b7a66b081c91795373789a

    SHA1

    d8f2f02e1eef62485a9feffd59ce837511749865

    SHA256

    af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9

    SHA512

    bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6D6296A5AFA455307176976F531B31D4

    Filesize

    503B

    MD5

    3a0bef22f52367a540fc87c2f64a819f

    SHA1

    c620d5e32400883ef0315cceecce71a7f036f5f9

    SHA256

    cfd5b949b53fa973152777c6cbe2638a1215e0f0f706c9271b6d69095e137900

    SHA512

    c7468854c103354bb753438b74e160fd9d9b9980000cc354bb5f1897f77f791a9d46d3870f642e4c498760f02163f2e7b03514dd310d2531e27e769ff5f421b4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751

    Filesize

    192B

    MD5

    ad79d92de5488b7c99db9c491d28889f

    SHA1

    adec9a6920309164e650d0758f1db21f9dbc0373

    SHA256

    b87f97aa7c6f2480370de42b943c0c28651e198bfc7af4040d59c4c6f4aefd2e

    SHA512

    7f4fbb3e9210e55542772338b26bc3dfb41b3f3e9f2f9e8472ae77f10ff5500563a5a4dc30ff685ca5b8d61f852545b8f15a52f53bbe8fabbfddb41b51f7e15d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1482f7f578b29214aba9860a5d5d3599

    SHA1

    80bc8609f123a38bdbfc7333da373122d0d8fa68

    SHA256

    218533d6b5d32e6180ee9e36100b4cbefca68ac4fc9488a0de3732575cba28cb

    SHA512

    c000ae7a713a98003805dbfa60443a3beb308556265e2ce3f5a6324104c7dd390d55ef95f8109e1adaf7bd5bb531866e2037a4db5f165cd09f750f740f4ad688

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    899370fa2d434fe87d5eeae1b2435108

    SHA1

    a79e984b19887c034c0fc3bc90a63b673f31f355

    SHA256

    6844f63a41999415b5f1f155dadafc8a375cff23152850e9f899c2cd2ea5c743

    SHA512

    7cd35f75df5f94e88712b1a5cb35bdaef54e7cb778f40202042ecb6d31b6de945fe79d944bd4e775a93bd2221f887700515041de48a5c7654e393d63bd477847

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    183c2fcd18df3f4b247979167c644418

    SHA1

    83ace39d146d22973f7b62824c60a7d8056e6062

    SHA256

    763f9a4ae9fb03b6a2b32b4abe4717930ef3cae91633e0fae2fcc06cfed8e51e

    SHA512

    488ff48fd9521a026091237480b891cd187f9ae868742b2c9a37a09d56779030c522e8e11b772bd534b7bf3f69a60072545bd6671e534c226f315b18c6f7400a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    897235b882301722f94af32b6e550240

    SHA1

    a5f554bedd5e4e14fc6b29e813af55891e11e9d9

    SHA256

    0adbfa4992820f9ff812a3dbc51e128c3849f3eda45f7dd79ed3a1743863ab65

    SHA512

    cfb48c6d20937cfcfa2fada718602657e96c998743e26a89704d1595f5d09ed2950f7cff8bb7f13e7be3e652097fa09eb3c1bf52f6fc63b3a200a339a25d6169

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2e48eecff71a9c75b6af94ba4b928fb

    SHA1

    9a1be082c5690c705e5a158e6d01aa0127920aab

    SHA256

    bd07eb5f8f88304fda0ab17175cc559d981332e8ad17d5766a283f3ad9976df9

    SHA512

    87c63aa2d27544b43ba7763900baec4d6d36cffaefab9e7b274b4c9f767f79b57ac2bebba5240daba7b045ce9e1714407210b5cdb210e5b41bd7701a7d31be7d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09d9abb0e9febf48f36720f1f29d4393

    SHA1

    139959a96a9309fec04b2be7846315cdf461d45e

    SHA256

    0b76b2c775ebd0f5eff989e0c850f88f183652f38d7bfbe9137ab5a6f9f6680e

    SHA512

    59410cee0dfa2eb972f0d51706705756a84fe18b9fe172570d92b84c19bce28252460e68f436f76a6d8e2160fe5b852b5943e5dee7724d8c6e27786288f915a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2912087ccb5ade1b402216939ade785d

    SHA1

    9194582b7c72b11ac3bc47bc91ae95198ebcf465

    SHA256

    4a315ec564590407565475c0241f8acb4097783393b27c500fd33af3a7aea67d

    SHA512

    097dea30373eb16db0c1540e341cac2e4dbec432c7a971e39d790ad7a7ba5acf1f6437c29c29ae0480564730f09fba7e466f00790785dff6f7245acbd718d893

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e55463abe1e30b724b8ef45083c26063

    SHA1

    4f6a8dd8fcf603abdff494a1538aaa6f7a9a8f15

    SHA256

    fdcf2aebdc18b4870c4e2e936e1cc85fb2daf2e3ae8bfe28cb4dd238d7da914f

    SHA512

    f90a417a721c0f7d94a19ccd2390cc0aa03c56d30505343d85809b04eeafe551a52cd9a81d801422b2d12329aa6d050342cb311c8510c2d430303ef8fdaeca55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2adc17a27a6e213344811a58e082908

    SHA1

    5f6ecdf0f7cbbd50ec684a4c3e91ee5a469e4fd5

    SHA256

    956a115020f3b4c475d67b9279ce6a62cf3c167704f7c6e66bdaa4e028551587

    SHA512

    def8268345b47634a4584fbe239e341a45a36f4a72ac660ba7704cf1df8e4924425d5df0dba86b2d8ca9e6fcfc0aa0cb3daff33676326f4a96c2cc8fa4f59c00

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7134b54f601c8dd76fec2bd05d0233db

    SHA1

    6773076572cd05a5b0271e9737891915027a222f

    SHA256

    698f8bcc160c045a62e525f649d9af6b8f5ed10effe43e81808abb6a99ec4430

    SHA512

    bde784f8ed5e1140de7cb1a306230c7574bdcc8bb0622f2be176f73ad3ff2021dc1aceae842e700278abda9b2e1b046a5bfef8f6c12fa1c09cfe007d36257b17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    336368205fc544bf686ec1571f427aa4

    SHA1

    89ce4ce5b7a10570001cad03c823258b99386d71

    SHA256

    9a05aceff19b62d6d1bfcce4eb7c677bbb185a757ac081b4edf0e828c6301203

    SHA512

    9c36130a1b155fd6d21b2e2c22dda786e86266863a17a0744874dca8d37e96a63d955951160366bb61f8a8996ce1a2b7c0d02a9310240d86dea5d315a351ff44

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    458118ec337fd035b43d911781f78d10

    SHA1

    158178bb3bfc42fe664ec916f6a7e3fa3f6a9c7d

    SHA256

    e5884b5f073e09ed454b22ff5cf3914297b53960793b10d08bdcd0521e5edf09

    SHA512

    d1087c19a0c92d93ea91b51dca3784105d018dccedd32c6b4451ae3a1bfadd92d0f40b5b6c791a6f119b21dcd6a72174ce438a5242262edfe506fe4c3567a237

  • C:\Users\Admin\AppData\Local\Temp\Cab2FAA.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar306C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b