Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:00

General

  • Target

    91095363e9285ad38544796df3745683_JaffaCakes118.html

  • Size

    28KB

  • MD5

    91095363e9285ad38544796df3745683

  • SHA1

    7846d7c0b976e01cc4160a2d54ed3ab1c51c3214

  • SHA256

    7eb2cac0b0755d8726d4ef2d1c1dca0b38dd0241745dbfa2e68bd7e10ec248a9

  • SHA512

    cf328266412d7740b53a8d1c23f61eeb63dcc84758e54790e1f711f773765565a71f1f9e9cb0f145314d2bc390c79807b7a25b65e658bd4e815526bb31434a8d

  • SSDEEP

    192:uwcJnw9S906Bb5nnT/4uV/O4fhEk3XjBnQjxn5Q/BFnQiedkNnbpKnQOkEntL5me:bQ/EV6EsGkSB

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91095363e9285ad38544796df3745683_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2580

Network

MITRE ATT&CK Enterprise v15


Downloads
