Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    03/06/2024, 07:45

General

  • Target

    90fee0823b3622a8e97993e50695a67d_JaffaCakes118.html

  • Size

    20KB

  • MD5

    90fee0823b3622a8e97993e50695a67d

  • SHA1

    411eba883cc76482db7481e4d0b54a6131a62d8e

  • SHA256

    7c786998dea9d5ddcf250a24c9b0aba1355c6211031664923fc12945c3d03169

  • SHA512

    e9ec9d6f7434afaa9181bd3f1e3458ba407d280849d876c98ce18e4fdba2592aaa5cbdf6176a40baeb30777a6cd82801c917f2bd1767e1d8f37041c00c33e105

  • SSDEEP

    384:SxAcV0irovqCUdRKaqtGwnmVkRRa12/IBR0SAsx:Sx7VfsvqCbXtfmVt0SAsx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\90fee0823b3622a8e97993e50695a67d_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1768
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1768 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e19c41e0ad05313caeb1cf2986fe6e5e

    SHA1

    f79e128ba6f1190bcd29fc4bc3f9d2f9c7df0074

    SHA256

    8431a7e19ec7815ca612d22285d0bb6f1978524c89b447e67137b298d35233aa

    SHA512

    81ae96b1b9738d4e81ebd19f573a5ef0895448489966d47de314cd2202bd93a83d09f793133a4f459d4bba2030be5c69120f8d956f805148a490cfec57869084

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ad4940f17c924a3122f95babe1352ed

    SHA1

    00646c5ac9f2c13068e6875cb660d93bda4c44be

    SHA256

    42c36df04ca8ca4d05d2e0dd4f0d63028dfc98c03fd7520462989fcd3257a83f

    SHA512

    00f63de26679cb1076b487168af1eb791d94666d55eb3fd812af2eda5776efd8b87db5768b13f905736b60a79f964ef0c8cfd157e24cb12e6ea8001899101394

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9504fba15ec4a06c635ede89cc76d25a

    SHA1

    d32e341885a89b05fae224e89867efea5fff4491

    SHA256

    8c1b6d6e6daa0fb698208d46d874afe9488b92a5075a0b9692585fb7d1e8425c

    SHA512

    034b286a3133346f188710b463d303dbf351e23755654c3aa1bc684d4297375ca07024073640ea02ea0ea9a2a5d4a28e0a11bbc3881bb9de2ba0dd5f13268e0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3b47bca9bd3768b7fb8d0e6d7e76b995

    SHA1

    9f4f619befde197468f8fd34b231795d1554a7c6

    SHA256

    6922a8ecc8e77f81b596fb7a44edb0c3ca2a3c6fd73e9a90fdc63844b0cc40c5

    SHA512

    2f26381a8d2447fb26056924e939667edca37fb58768b7281ad6e000c8951c47d1a7e7fa07f0b3b3e277152cd28091ee0c7e63970d00143aa179515e4307279a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0018d804ce5a2573cb30f286e6174db2

    SHA1

    4165a4a37bfca8f30082fcd5898daa1cce8abeac

    SHA256

    bce5f9c1529b550e00190441d2c0f66816fd487ce2f3bdd482195a26ac7c0a5e

    SHA512

    3babc6011c4e5209537ff7f38df12ee3dccdba23eb5d906649ae4d64d63f86f72bcb6e693b5c7049d90f960c1fb59e218a51cae5c43a67ca6603ccc0fbe5728b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    023a601c551a8046df86167ca6d90c5d

    SHA1

    30c899205dab0ae6641e1c6bf4a5bb0c65e36668

    SHA256

    564de85267a89e42372f6bab3d430a9e0d1c8680597b37c6c5d2c4d01a82a5a2

    SHA512

    248b7e3a9bb228befd834410bed52283f3fecd65ab4411894a99428d21a066b299a3341f15faad00cc646d1b33bd0f4e32b07233ab8954461a0640e5ec0279f0

  • C:\Users\Admin\AppData\Local\Temp\Cab16FB.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar1780.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b