Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 07:58

General

  • Target

    91080b28bf2463a41ed21ad71eae3d09_JaffaCakes118.html

  • Size

    28KB

  • MD5

    91080b28bf2463a41ed21ad71eae3d09

  • SHA1

    d934c64196e4bd1c4722bed715099eb706b14414

  • SHA256

    ff66553f4c11db90320a774585242a462f05d5dfb2d259168f07a97ede79e8fd

  • SHA512

    e295f587dc3c28168bc2b805292bfefce32e2ac3284981c2c255b536f0af393d9557ef7d5e53a9265ad64b91636b0c52ac7e2aad713753b83ff1443089f59171

  • SSDEEP

    192:uw/8b5nHsF0nQjxn5Q/3nQieWNnXnQOkEntxJnQTbnVnQ9eY+m6/5gOVXQl7MB2s:vQ/pB2RgOgSr
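Before relying on any verdict from a report like this one, confirm that the file you hold is the file that was detonated. The following Python helper is an added example, not part of the report or the sandbox's tooling: it parses a "General" block in the layout shown above into a label/value map, computes MD5, SHA1, SHA256 and SHA512 with the standard library, and reports which digests match. SSDEEP is left out because it is not available without a third-party module; the sample bytes in the usage call are constructed for illustration.

```python
"""Check a local sample against the digests a sandbox report lists.

Added example (not the report's own code). The report text embedded below is
reduced to the label/value pairs of the 'General' section; the parser accepts
the bullet layout as rendered ('• MD5' on one line, the value on the next).
"""
import hashlib
from typing import Dict

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
LABELS = set(ALGORITHMS) | {"size", "target"}


def digests(data: bytes) -> Dict[str, str]:
    """Hex digests of the given bytes for every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def parse_general_block(text: str) -> Dict[str, str]:
    """Turn '• MD5' / value line pairs into {'md5': '...', 'size': '28KB', ...}.

    Labels not in LABELS (section headings, blank lines) are ignored.
    """
    out: Dict[str, str] = {}
    pending = None
    for raw in text.splitlines():
        line = raw.strip().lstrip("•").strip()
        if not line:
            continue
        if line.lower() in LABELS:
            pending = line.lower()
        elif pending:
            out[pending] = line
            pending = None
    return out


def verify(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match result; labels that are not digests are skipped."""
    actual = digests(data)
    return {alg: actual[alg] == val.lower()
            for alg, val in expected.items() if alg in actual}


# Copied from the report's 'General' section (only the digest lines matter).
REPORT_GENERAL = """
General
  • Target
    91080b28bf2463a41ed21ad71eae3d09_JaffaCakes118.html
  • Size
    28KB
  • MD5
    91080b28bf2463a41ed21ad71eae3d09
  • SHA1
    d934c64196e4bd1c4722bed715099eb706b14414
  • SHA256
    ff66553f4c11db90320a774585242a462f05d5dfb2d259168f07a97ede79e8fd
  • SHA512
    e295f587dc3c28168bc2b805292bfefce32e2ac3284981c2c255b536f0af393d9557ef7d5e53a9265ad64b91636b0c52ac7e2aad713753b83ff1443089f59171
"""

if __name__ == "__main__":
    # Constructed stand-in for the sample; replace with open(path, "rb").read().
    local_bytes = b"<html><body>constructed stand-in, not the real sample</body></html>"
    expected = parse_general_block(REPORT_GENERAL)
    for alg, ok in verify(local_bytes, expected).items():
        print(f"{alg:6s} {'match' if ok else 'MISMATCH'}")
```

A mismatch on any algorithm means the report describes a different file than the one on your disk, and nothing else on the page applies to it.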

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91080b28bf2463a41ed21ad71eae3d09_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2400
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2400 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2616
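The signatures above are all raised by iexplore.exe and its single child, and that child is launched as `IEXPLORE.EXE SCODEF:2400 CREDAT:275457 /prefetch:2`, where SCODEF is the parent's PID: this is how Internet Explorer starts its low-integrity content (tab) process, so the FindShellTrayWindow, SetWindowsHookEx and WriteProcessMemory hits are consistent with normal browser startup rather than injection, which is in line with the 1/10 score. The files under CryptnetUrlCache are CryptoAPI's cache for certificate-revocation and trust-list fetches, again background activity rather than anything the page itself wrote. What would matter when an .html sample is detonated is a child of iexplore.exe that is not the content process. The script below is an added example, not the sandbox's own code: it parses a process tree in the layout shown above (image bullet, quoted command line, `N⤵` depth marker, `PID:n`) and classifies every child of iexplore.exe. The sample tree embeds the two real processes from this report plus one constructed cmd.exe child to show the suspicious path; the PID 9999 and its command line are invented.

```python
"""Classify children of iexplore.exe in a sandbox-style process tree.

Added example (not part of the report). Rule: a child whose image is
iexplore.exe and whose command line carries SCODEF:<parent pid> CREDAT:<n>
is IE's own content process; any other child of iexplore.exe is flagged.
"""
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath
from typing import Dict, List, Optional, Tuple

IE = "iexplore.exe"
TAB_SPAWN = re.compile(r"SCODEF:(\d+)\s+CREDAT:(\d+)", re.IGNORECASE)
DEPTH = re.compile(r"^(\d+)\s*⤵")
PID = re.compile(r"^PID:(\d+)$")


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


def _name(path: str) -> str:
    return PureWindowsPath(path).name.lower()


def parse_report_tree(text: str) -> List[Proc]:
    """Parse the report's 'Processes' layout.

    Each record is: '• <image>', '"<image>" <args>', '<depth>⤵', zero or more
    signature bullets, then 'PID:<n>' which closes the record. The parent is
    the most recent process seen one level shallower.
    """
    procs: List[Proc] = []
    at_depth: Dict[int, int] = {}   # depth -> pid of the last process at that depth
    image = cmdline = ""
    depth = 1
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•") and line.lower().endswith(".exe"):
            image = line.lstrip("•").strip()
        elif line.startswith('"'):
            cmdline = line
        elif (m := DEPTH.match(line)):
            depth = int(m.group(1))
        elif (m := PID.match(line)):
            pid = int(m.group(1))
            procs.append(Proc(pid, at_depth.get(depth - 1), image, cmdline))
            at_depth[depth] = pid
            image = cmdline = ""
    return procs


def classify_ie_children(procs: List[Proc]) -> List[Tuple[int, str, str]]:
    """(pid, verdict, reason) for every process whose parent is iexplore.exe."""
    by_pid = {p.pid: p for p in procs}
    out: List[Tuple[int, str, str]] = []
    for p in procs:
        parent = by_pid.get(p.ppid) if p.ppid is not None else None
        if parent is None or _name(parent.image) != IE:
            continue
        if _name(p.image) == IE:
            m = TAB_SPAWN.search(p.cmdline)
            if m and int(m.group(1)) == parent.pid:
                out.append((p.pid, "expected", "IE content process; SCODEF matches parent PID"))
            else:
                out.append((p.pid, "review", "iexplore.exe child without a matching SCODEF/CREDAT launch"))
        else:
            out.append((p.pid, "suspicious", f"{_name(p.image)} spawned by iexplore.exe pid {parent.pid}"))
    return out


# First two records copied from the report; the cmd.exe record is constructed.
SAMPLE_REPORT = r"""
• C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91080b28bf2463a41ed21ad71eae3d09_JaffaCakes118.html
  1⤵
  • Modifies Internet Explorer settings
  • Suspicious use of WriteProcessMemory
  PID:2400
  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2400 CREDAT:275457 /prefetch:2
    2⤵
    • Modifies Internet Explorer settings
    PID:2616
    • C:\Windows\System32\cmd.exe
      "C:\Windows\System32\cmd.exe" /c whoami
      3⤵
      PID:9999
"""

if __name__ == "__main__":
    for pid, verdict, reason in classify_ie_children(parse_report_tree(SAMPLE_REPORT)):
        print(f"pid {pid}: {verdict:10s} {reason}")
```

Run against this report's real tree (without the constructed cmd.exe record) the only output is the "expected" line for PID 2616; the same rule applied to a tree where iexplore.exe spawns cmd.exe, mshta.exe or a dropped binary is what separates a benign 1/10 from a sample worth a second look.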

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    9cb47d8a3d7ead1f5626c0b4f820be58

    SHA1

    2da1688fd1a6b83754d941c5b85cda4de6e6a1a4

    SHA256

    a97bfb525f73f24d1e553ba7b353417751903f1be8ce632af897b3ceb242131e

    SHA512

    b745ed1a810c967dc77ab23ecabdf7b22dde5eb66a1b3984fb6f44101b9a0d7749e7cd6920d91c900fd94d6a87776c21ab40eb4a8bca98a427944fa164ce0b95

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    f46c865252f7a73fac2b039c2cf82035

    SHA1

    032a0ad16382a23c5690b8ba9cd41896d4a5a7ed

    SHA256

    f5741df1014e69bc7b552e01a579d59aacdeb81354cb9fcc9176fc51b9d47627

    SHA512

    979431b7f28a78cf1c6edf428dc3a275a5120995f3e84aace3274f24688dbd5fc03162cd2e6a5a204007ab3932a040e36907a303bfd1ec02695d9454925fa647

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    cc15c11dcc4ca2c8480ad582b83a079f

    SHA1

    cc5b2787187b11617a9df2feeb95b3606c3dd1b7

    SHA256

    a54d23d28b7438ffcc763ec0c8106815053daf6b0e893ba79146e8c9cdd57e44

    SHA512

    c9f2f7a1f947b8ea002cef71be888538f4c2567e629386e884a7dc831dd80937be689af2652834fda9f1550a3fe9e50e22b8997adb42b681a8014851fd160dc4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    bedcec9bcadc22984c9ce18eafefe995

    SHA1

    bec620f5eac3c2f8e816a20e309671af6af1da70

    SHA256

    8a0f602eb68709d47d6d4a5e1e51d53e842b493fa40821604cae8eebed23f7d6

    SHA512

    1903f09c70b0c1a8e8469b4c088e26b72d47874cde6d3fde187a9951f2910ba1f1257d2dd45922e509bc449f0b5758fe8b142cd27b879157122c6527546eb61c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    b09ef88dee0b64356c791cf077fc8975

    SHA1

    0337cf5e1b93c1b4464a6a943940fa691cb78fe8

    SHA256

    abb90908de700a9742d6394ee6ebdba0d45faa295425707863a1b19eda9c5dcf

    SHA512

    640444bd0d0342a2ea6ed342862f9e981725748dd22c8cd01724d327978c3081f94cf26ae4a4965fcb13428699db54e8a6a81b970966e9a5238816655cbbfc7d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    addb5a4c2eaabb25155432baa2ee077d

    SHA1

    205c90cf2f98e2d0cc5455669742c2ee5ec87b73

    SHA256

    4515ac2989dfb2ef48c381f05aaa15616f2a088777092b4ea201a1054f7ca11b

    SHA512

    fb77524989e2fab1eacdc2478758e085d38dba42b6377a04aa04dd236fa7f89c726a81b261e1c9db390cd812e77bab6a5d817d0ffeca33d4ec3b1f5a1d337427

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    464144f5d4927860faee942e11e83f4c

    SHA1

    45c7986d2014968f83566dbe64a609470b778a0c

    SHA256

    5456ec4537f19611857a4f10cdc7b377e6bfa166bd5e2ebb391e25ee31f36842

    SHA512

    143fd895511389b6d675225f17d06d75b011a7681f8b05b3cf2db69d2f2c8efba4ec0d0717402ce509225e32db97219f541c7edc082b68599f6bcf502ba2384e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    2cb755aa91874dd810a65838bbe33fb7

    SHA1

    aab3831816f61c12d8af90a688ad807e88ad4d06

    SHA256

    e2be72437f36410346629c87236c87b651d7a04eb1de63d7eeb6c153f4e67411

    SHA512

    ef1cfe86542a8bb919100acaf3208346d6ade976c4b82bf40a91001e0e69c0c3f4bbf1b0712189dbbccb6222c242384381e80267d27b7431f71142b1f1ce1b7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    304B

    MD5

    726675ffbb40b251e4830a08d242e42a

    SHA1

    368a05370bf757982a1bf25c55747460dcf76406

    SHA256

    abf8b2c9668ee3db2031d454ccc31c08df63552b1c5fd3d635ae2a18b709fa36

    SHA512

    ded714c6b52acef9310ffd265335e958474acfda501d4422961121a08d80d560625cbf4970916ce8db47d898ea16d5479b602dd034cae3b90484d454713afdd4

  • C:\Users\Admin\AppData\Local\Temp\Cab26D4.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab2762.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar2777.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b