Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:00

General

  • Target

    910962a904592bd9517c46f0700b8c69_JaffaCakes118.html

  • Size

    27KB

  • MD5

    910962a904592bd9517c46f0700b8c69

  • SHA1

    0d237721425b3fae3d9515cf9c987539dbcdc8ba

  • SHA256

    0cda18b00cdb031868d0c4899ff0853b0ca2c167295d820452d203bf70cba6f5

  • SHA512

    01ea6013cc128b7038a31b21e55ddb0300cb6727230e81f2a12afaf66a99a6852c151ec5548e65c93a093cad197249298e8d6f36344992139061b68e6afaca9c

  • SSDEEP

    192:uwPgb5nUenQjxn5Q/bnQieKNntnQOkEntZ5nQTbnxnQ9ecGm601qIQl7MBqqnYnW:NQ/fZuiqbSEHw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910962a904592bd9517c46f0700b8c69_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1656
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1656 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2884

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    680eabcee700705d2b09b95efc6d481e

    SHA1

    46df137ef787578178f67539a83d036fee016fcf

    SHA256

    96dbe1fefe25d8c33702530a768d048ab1dc77e8f684415407ff03ef0a010fc0

    SHA512

    1b2e5bca4888b29a85dad513ddfa99104fd3639a70cfaf5e4bdd237a02b171d3174afacc52bcf4429bd9ba622009f3ac32f81266cfea02c786afd34b1c9a430c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b9dda7d4087fc15f454d9c2fb1e81803

    SHA1

    4ddc63b90ecd76bad47fd1793d3e9799347155d5

    SHA256

    78f218505cbd40c7981b3a0e40fb63b8e17292862412f8733a924e44d757f144

    SHA512

    d3c0d882ba9ebaceb2bf707103136c69f402aedad5d85ad630bf747870f1bf71e6a7761750d0d02c5dd1408132d0478e95abcd88963eabafefea89ccd3b0ca7a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84d9edb5a612ea966939c62c0892d3d5

    SHA1

    fbe47844b09fdfb3fce1f426620c31f14096aaea

    SHA256

    09464d952a4521ea5d0adc4bd03b96ce64efe7ea37fce08adf65351d7973d376

    SHA512

    7e62b06c12356f63139a2c97f61f2e872bcc6a64d4c17e0e7de12bcb36c8147946f7b19956974c23677016b0ec3fa9d739d528f7a4dae807d01ad1b8551486d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a52ba81bd393e476c00cbba7e4bf07d

    SHA1

    85731017e5a3b215f360d629e285a9325d907a8b

    SHA256

    9803e48459d5c28b24c78f61231b8747e3c6fe07349f5c5f4cdf40c924cfa822

    SHA512

    cba4d0ef2c368d21dc6d20d9e91be14b47102effb6ba70c0c9ec4286b88af5c0be4564137b19884d5696abf81eedd78211f7dc932fbe630c6eb4f168378755e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a9609c2acfced22c237704cc4854a9ef

    SHA1

    6f558a60c98132724d0e094e5286eab73e72a4d6

    SHA256

    2608673097bb846a12e49989bc2e9d5e2c277463afde0a0f6829b18884b78b86

    SHA512

    32bb1b049da3a0a597c618642a0cdf302373a81aa22fd713e44d84245eb2ca4f6693d10fe62af6a418d0464ccceca1206dc8d223d93efeda6d10c69aec9b1aa0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    79dee85ec270cf1d15c835f02d4aa9f9

    SHA1

    a6e24705173a2470334084acb7079bdfd9568d4a

    SHA256

    d5051a8bdcfaa7e2fa8c79d77964f84a8ddcf817b5d65cd62031733b0b6ea403

    SHA512

    26e385baa93ab799d9feb112e3ad13bc68dcf593688cfab39628f14de4c3345d2c388483ce6e832eb1be78d154a0227521a9f6f9410c5271baa8c30cdb337ae8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a01d0e0837ce6aab189c49e53b952f9

    SHA1

    0169e5bb6c974eaff1ccf9c68ca022df794ee7e8

    SHA256

    fb2130f0ca2e645dfc9722e84531d4baee3a9479d3869f58acb78c170cbad0f2

    SHA512

    7021f8df1311756bdd72adc61de74b3770367c4c12272a068b6465a39df4fe06b0990f1054ddfde1f35e060de51864137c991daf799a764afb2f5fd072afd1ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    406e17f6c39ee757cab56c4ee90b57b5

    SHA1

    19e502f7f16860e0d36d8600e9b445d2d3ebd49e

    SHA256

    6577b1ecd0bec59ddfa5848a5c1b0cbbd4cb252d2d47c38de9efb2dbe294be85

    SHA512

    8d046bc7047fa88e75a5afaf0319a1c29a28f9e857e27f459316934dd586b379b8a9b9395e8341c48b592f7635448e03565e41f07773921e55f817c16bc2b93e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    29777c5cc456a547c44e0d1cf24a1753

    SHA1

    5ae7f3cd3826c2fb3ec021bce93fc3640e22b78e

    SHA256

    5a479bca970508bae7c0df0de0657df5ef6986f942508a1d3f1e5a729cc4861c

    SHA512

    ce6a4e6a61d86133c1438f1310b99a2b2cffdcb83b31d17032040ba0fc1b41d8747f38fa12815b83c022144029abd5f87afb9474d9aee5e2d19c52b21719a594

  • C:\Users\Admin\AppData\Local\Temp\Cab1BCA.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1CCD.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b