Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:46

General

  • Target

    90ff67f3a3baf55309b4570029b664d0_JaffaCakes118.html

  • Size

    23KB

  • MD5

    90ff67f3a3baf55309b4570029b664d0

  • SHA1

    8b65e5381c16d5a1442bdebf3d187cd41ba22694

  • SHA256

    d217b314367708d68027ce31676f61f28ab033254d4e1c326932d4b099cf8a4d

  • SHA512

    739c9fbb9cf9b73f7dd72b86811ea01445358cd78c38ff755531930608bbe64242083c1fe9975480cf98d4770d199d5624704c67acc569b27076247f338c14da

  • SSDEEP

    384:DV1YKHcYPUtRp9IncCFEw7Q/C4Zbp86fLKZ2crWo4SQU3I634yJq:DV1YKHcYPUtRp9IncCFEwf4Zbp86fLKc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\90ff67f3a3baf55309b4570029b664d0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:316

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1da9b7b0ca5bd67a5e7b0ce6ba5beb1d
    SHA1: af7e14607d43b433f81419a37117462c6f20c1df
    SHA256: 3710e831075ec6d8dd8b770c8e9e1bd23f8a1b4bc584e4725d95b6ca8b0db31d
    SHA512: d3567c56f61d79e43c9d477e1e3f3aca85ddb0f6114afcad347157372580b9ca742e26bc718267b8d236922698639e2f43b6999ae991e1f2efcd74e40cf0c3b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c6e4f2f7b5ea3e10eaebeb19fc22c68e
    SHA1: e37a91e5154b8428f2feb5a08defdf8d08204f9d
    SHA256: ba25b5b844788d4f17b2b3799132a086e7e1c3fe6276406d61309f0ba8552e87
    SHA512: 06d23ec4919d7b189871290c347a455f5a255ec6beb2887d5318fdd6bc9cf2d03e273b4f51b9f103ddadcd2dc2137daa244f69aef43c8db3d87f80d2e8ca9be2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3d95750b47d743eda92c42f9d10489c9
    SHA1: dd8a6cbdaf09694619f648d1cb43096d230757cd
    SHA256: a1ac7858c98e09b17660a6aba9780e031bcac036f8d2c11a39ff9d1a1c37b8c7
    SHA512: aa70f6c7f9a9d9e13c90142a66657c4c2ced48061f9a5a18be5a299b638cde54d7d57162e4b8ded67352b55d2bbb03d614f75ae21c1d581d612da49e4e2a846e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5afbae9c6de904d9b57899a165655298
    SHA1: eecb6656082777eba934cceba41c4a0b5bbcdd0a
    SHA256: d11ac7dbf520a511f83d04997c0b6f535e0040f5ca87237a96103024af5a97fb
    SHA512: d3bb183c10dd9f7540b202a2fbc1609e6bd7d918bf39346dc16f674e6a098ab99379b768cc5abafece4deff69f9109ee01f61983f74a6be964712f0bbcc222e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5ea2da7f96e16bf501881e5b23349a1c
    SHA1: 83eb77d79391edd8b8f69ffc20e9cb7414b93427
    SHA256: 83dd7418cc41a2a8652c48f1b08b79220650ab5716b97f22b0aa4295351171a6
    SHA512: 86156e0057e19986569c301673148ec9c903cf40de417e5f674cad302ffc59ca0438e6380608d20a006e813e020f1744a3ca508d5e0ccae2609e287b9fbb828f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 329ea2caac11f2f49302d5c793663611
    SHA1: 4c96aec944e96f4cfe887450c6a531105f0dd8e2
    SHA256: 0b435c34700d4683782d351b51f2434fbdd1ec4283a6fa39a5a1a12af8924ca0
    SHA512: e98408fe7fd4c1d31851432d712ab007089818496ea52e937f3682a8957d51d317bb361be90d2b89685a00e12e9be13d43558aa5fc236db4aa573ee23343e7f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5b085c240163b9bc5f8d2decad3304cc
    SHA1: 0c1a2b6f2a07cd0ecb4db76bc5ee89a0f1ced096
    SHA256: 140ed107ce4a93624715b782201c813d6b1c87354e45079d9269a044da81000b
    SHA512: 8dfb0d5ecd488b891c6ea351908e79307f464499fc17c6fa3424abf28d8e679fda915b712f7a3f36833b6e63d8da868a209e2ad8411d21e5ee9bd6fe1cb12fa7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: fb7000a6fa89cc7ba10926ada94293ca
    SHA1: 22f05b79fcf9dc07c4fbd7a2c6e4ac9d6baa62ec
    SHA256: 74f3d3c7e39453b92074244b7f2c71a26cca599f26ee35c03d0a0dc7fd1aaa5e
    SHA512: 67b7d2025b1f393c399900fae27372de48b85bf6c797430a3d0363124c0469fc9b9a396197e565bc8a81a51ff779f1cb06ea0537e81ea187adc2f895186d42b8

  • C:\Users\Admin\AppData\Local\Temp\Cab1AE1.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar1B76.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b