Analysis

  • max time kernel: 149s
  • max time network: 149s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 03/06/2024, 08:01

General

  • Target: 9109dcfe7c35b11dff72e5ce7a2a11e6_JaffaCakes118.html
  • Size: 23KB
  • MD5: 9109dcfe7c35b11dff72e5ce7a2a11e6
  • SHA1: 85dbaaa3d09ba1e1fa58767badaef889b068f47c
  • SHA256: e97831d0258fbb066445aaf52a8f14e5c17121b0f48eca6e48b6f53aa093c64f
  • SHA512: 567e6d8cba45d3dd5d9611e53cae83b3367caacc8f03cac4c1f4c4adf4ad3e7282d14b4498a268581192c95725a721532cd3a87cf32c4055a95d124d2c95d227
  • SSDEEP: 192:uWjYb5nFWnQjxn5Q/gnQieDNn2nQOkEnts+nQTbnxnQlCnQt7wMBjqnYnQ7tn4Y5:4Q/2lxi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9109dcfe7c35b11dff72e5ce7a2a11e6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1240 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2168

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e0c7e9a92ded1e06d35e23d30316e758
    SHA1: 48460b35760473f7247cc654b734cba028a6e1df
    SHA256: 9ae8648b5cfd6a15d8f47109bae066e2508a0b54b3cad20e8dae2b69c4e0fc10
    SHA512: ed382442766ce43638275487fedf5179508fdc4d801266594cdd151a09929260eba3fb997b584ff48ba52ce761cf35aba73041c3d466e4fc45a841c9b6d0b941

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ad1ced9d0d93d0877ea7629a8ada297f
    SHA1: cc291801d497328a673e1c3979c5cb8f123d6a85
    SHA256: 383736dcf3349a1aaaec4b336efd75ca6f0caf1d4e6a87c3106979e79ba5bbca
    SHA512: 1de0d334ca30a2c944518256281bb48b4a85f44af148b28ed139f6ee8a9e57a7cf141d4ad037840bc6c4d2664a2e72be8fa8c8020293bf4e2a95bbda6ef5e99a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0dc222e2378beeac2576b409f0be0ba8
    SHA1: aa06678e661c31f7550a69f8a09836788e4051d4
    SHA256: cfd08072d1588057b543d6f2c405a8566ebaa22b90236c3847550dba58a93f0d
    SHA512: 2ecda216e87c0ed53a27e1c5ab0777752bcf8cfaed241d93434d54c85c0a5f88e1842dc79037cc26b5f409a79090e77e61498a7a336cb5a93bd65f105d9477c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b0681e1ba7ba5fbaab12401be3a0269e
    SHA1: 6a3443a200e818f23e5c0cbe888b83043b24ebfe
    SHA256: 86c1fb706aa05600b60d4273c8387083174e41cdf4d365561cc809e85b1b61d7
    SHA512: ebb0f6d5a9ddfea4aa2f082c94f884b1c0c79c0b9178cd7213c67ee6f2cf6ff9e9447e24b90d315e65fc1e58fc9ed7f7a889f37b02882693c783bc2f00c072d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7836b08a2e072f95e06cb2ce3f1e9343
    SHA1: ca33da0196958d094abaf44d259474d0eef0e1f2
    SHA256: b621bc0b7bb534045fb6ce71142aed4c0d429405f6d6d6e6c1b624055983ae83
    SHA512: 6458d8bac92c18e9e50cc2d98716ca3c9e8dd3ccd67227553ec3cfa3fa5a4447d8ce9b3108a471bfd413a8863fb545a21616541357f5657e6fb02145fb552eb1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 2d487b5a351c8124cbb45424d1eb0c5d
    SHA1: ade67e850655e40a8849cdda959c1243fdd1e7c1
    SHA256: cd7cdda997022e04cc0d95407123df80ae7a68f6e2d782ac2941511215930d28
    SHA512: 6f2d87bee929e8f730b8fbbbc2dac31ba99b35d573110ee4d50bed10a49ed1841c369f075ff87d7990879843a1ead799b5cff0ed7c08d2cddd741b68739d4224

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 8c03c31bcdfb2a90a8f098d316861bd0
    SHA1: 9b5eacc5f726776d9d565348d36bb736573b3d8e
    SHA256: b12ccf008ed87d395c55f5c11d8760f8ef8b8f67ef2330c611662d3ff7a9388d
    SHA512: 9fde18c60ae9dd015076b7d3f9122c034da0a45376755f9d458c0c575a1835b4069161fb69a6e9dbaced20b599a2074ae333d13f7ee6a04326cb6eb2a4e4357e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: d26d6ff663454058ca249b54f74c4db1
    SHA1: ae47bcb67143cea738e3242c781ddc6a4c6a42b5
    SHA256: c33a9958ccea7b60a7004f30496c8368a5c408d01cc2a012d9b49a18f044fdc9
    SHA512: 8e2f8923b9c32827133bf10f14aa50873986e55553bf46a0b79c3e347df3b53a4cb30e6ba0dadc24923a69783a411a8e6e25a9cf997caa9ceff2b8a9f1e4a00f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7b82f7f0d0521c54a5a0fa25edf93296
    SHA1: f6a8c752f3f1d6db751212ed0e55b4e38c35ab9a
    SHA256: 3917d03a8e3ed24cd9370f8039b1efc43f865f932a58b9d6f04bcc3b21eadb66
    SHA512: 5906cad9ae394f5b3229b93889894d5925fa1be32a5bd7a06b91aa0eaa241fca178772503b7a853c164768938a8baf4f3cdcb084c3540b7caf42a4177ddeacb2

  • C:\Users\Admin\AppData\Local\Temp\Cab311E.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab3190.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar31A5.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b