Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:55

General

  • Target

    91069deac8cc7cd31491ecec781fbb36_JaffaCakes118.html

  • Size

    23KB

  • MD5

    91069deac8cc7cd31491ecec781fbb36

  • SHA1

    616df0c53f26ac5fc439d1750aa5adc00367cc61

  • SHA256

    1d035ecb968f3215b175c7a1b48032b73e560c9853c70b6eac91aadd2a94c512

  • SHA512

    37521eeffbd82cd50ed6c21d282ead61a797f33307d96d2bb43dca42d9165b2a23729fbfc95d7cb61539960f60c41655178ddc3da604a63ea1cc00a2bb7ba7fb

  • SSDEEP

    192:uw7ub5nr6nQjxn5Q/6nQiexNnQnQOkEnt+InQTbnlnQKdjNvMBRqnYnQ7tngYqn5:UQ/Jq3L

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91069deac8cc7cd31491ecec781fbb36_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2120

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    81333400d0f8abfe67f5c0a1642ae068

    SHA1

    aa5f69349bede4a773a7c9c573ce1188e6763c36

    SHA256

    64157853f7d4b2fd5858ca514890aa1ee77b2711ab92b0f4fe446ccb4fedf5dc

    SHA512

    a85cd64a2a0377dbd6cb2326689d090110b498f0fcd4b0903cd661f32f583f87d115c29311c303cb03841398cccdabf3c25ab3e89ad3e5f9a08095f9cec4fc39

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ddb057854dbda0422b85aa422d1c079f

    SHA1

    0bbe983a85298811975a24d26a31239817541fee

    SHA256

    d306c88996805c57b52f5a51e13a40a2c32d52c871db6f9e2222015a40c79652

    SHA512

    449b7989194983fbb51e51783ff7ca6e91f331f6a57743108fea42e248a7cb6174a9d8e9135eca0f1cab835b5748365e73efa9c3ff4a56a3c10568bf663af426

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e220a42b196b6019985faf66844df9d

    SHA1

    ab2ff5f9c9c4143cec76c5a27cf8281506ac298e

    SHA256

    de8eb2612b027ed07796ad54bcf632615e4c30ddee334c10c6a419143459bc48

    SHA512

    f69f5496fd42c36b6ad6ab3b227363b6f8722b9abfe8cb7c3102ae722a6974fc7f774089250d79f64098b9dff0eab58ef0716f18b719daa41f2326aafa8c6927

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    572413985bb8cdb472c44302f2c73eb3

    SHA1

    9589b85cd0d1cb2966defa653f31c7e4b4946809

    SHA256

    758e759115e5d0970e62c11effcc6b703a47dba7905362219e86c4d1a6fc7106

    SHA512

    37c6444eef9389b509385371f6f7124a359baf0f9d00f47aa7be012c997bc084ca19cca3a16dc2b3ae3364c07eeb3fb8a3fae43393398d44e5cede622201799f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f7d37ec0dfbff9dc189547a75d7a1222

    SHA1

    6b05656e12e88a6e64c17697238ff48f5ffd42bb

    SHA256

    875b02ff623a3378c9a86c8585a06a0ec96ebc51da9ebd4fa4a7b205c8fb2dd8

    SHA512

    a80eedabf4a25eca41fc5b9243702cf081555af698d92666f17d6f8fc6b4c27d842037141e656deecbc4ed2c42db3fe584c3fa9deae3b7273441dae61e2a98ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    165167dffa59bf76c8702774ae1b4933

    SHA1

    2a79e92034db24bdbf7d268145cadf81fbca3df0

    SHA256

    78fbbff362274644aeba6c7b9e8438216de4fdca4aba07fdab4aa631026cc4b0

    SHA512

    79213d49877f701e30f6735777c9540bb909c5dc1b9e6a549802b53ad77ca148d83db93f8570ee14d21c3964adece3f64e99383731859637a11fdce1abcef192

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cbb57391899586e8cd1898fa9fa698fb

    SHA1

    f1542acf3144e31e462b53a7900da506ce4566fb

    SHA256

    56dc535b6634445bc6a6e76ec8614d2bedd73b1473b350c9b64b7573c65e5010

    SHA512

    d56f3637050f169f73c5276f7176f08d3a985b7597ffea68b19cdc19b848297fa890da1a132afa58e461b68bfd28271109a0e8e6a5e0feb04c7f82e33316be3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    094668f4bc63ce24d119ceddaa84b977

    SHA1

    ace567e893ef814400e6f20eefd69fb59bb6df8b

    SHA256

    7d4231504bc4da3704fb98d26e9d81f8a6f0f7e56d8d58e8eef12461aa266dfb

    SHA512

    765fee018d5e4e1143cdc4d3e0568197baad1a22ac8df102f94f7edefb0e5e744b22ebbb900e510836e8914dfd5645fafea7d4cd06719bb6dde4f0fed0ee1589

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec7a3e9a16d755c751f8c1c8ef8d4b3b

    SHA1

    a7abb60058192c011a7b6a47eaa1213fef8862eb

    SHA256

    fe59753f1fc8a7e75c4ad39d52a62f595447f5aaf9d562f5e0ac6f40cacb5958

    SHA512

    e0ed9687e2e922c6f27cf7a2aeaab2f87dd8e9f669d641b94ab8a7a9e955daa4e1f00be42f433df7929fda2da02749f2a7f88003931e54f48d32a5e7d9b72eec

  • C:\Users\Admin\AppData\Local\Temp\Cab1882.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar1906.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b