Analysis

  • max time kernel: 149s
  • max time network: 149s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 03/06/2024, 07:56

General

  • Target: 9106db443a70e1c3f161d847f9afe714_JaffaCakes118.html
  • Size: 23KB
  • MD5: 9106db443a70e1c3f161d847f9afe714
  • SHA1: b8c6168f636d602c65807bad7c4a68e6b2687a79
  • SHA256: 29db3786fbe047385499b1a65fd2c1b21f39448c116c5c0467669059ba418b0b
  • SHA512: 7a9581c7f91a21a92ae9a34d881b404239354941cb5f529efb8c13c97e17bdbc2175721a43009637a07a75ddb0c97406bed806c9c0c8a9094ab29cf149bd8363
  • SSDEEP: 384:nE+DHAfhG/E+oA5yN9cjHAQ/s5W88n1EWrwQnqpOYgjBrQLbydf/Z:nE+DHAfhG/E+oA5yN9cjH+5W88n1EWrH

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1676)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9106db443a70e1c3f161d847f9afe714_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2268)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1676 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B; recorded nine times with differing contents)
  • C:\Users\Admin\AppData\Local\Temp\Cab1BCA.tmp (68KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar1C60.tmp (181KB)