Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 08:03

General

  • Target

    910bfd8450827dd5241007bf6d4b5e8e_JaffaCakes118.html

  • Size

    19KB

  • MD5

    910bfd8450827dd5241007bf6d4b5e8e

  • SHA1

    3805cf7d00e047874b0d0d6d19f7fcd9c84a28f4

  • SHA256

    f617c378e6ecb853d5a09da23f85ac76bb9769b77a20dd54d53f4a543c070ca8

  • SHA512

    ef0661b30f7a91bed2da454fa62418b8f4c0a83ac1f9fb396341c5636e597f01a7d5168376c4a16688d5efb77bee94d773a1d0c2c02b2472159f09541aaf1ae3

  • SSDEEP

    192:uwrIb5nJATnQjxn5Q/VnQieQNn2nQOkEntvTnQTbnRnQmSgHMBwqnYnQ5xNnlnQu:cQ//qSQkw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910bfd8450827dd5241007bf6d4b5e8e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1652
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1652 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e622a112ff2d0799fdffe1590345bc1

    SHA1

    cf8cfbd001b236d2ef7eb549db345b9618ad3743

    SHA256

    41c6a99d90c5e7b57d19a1e286f288f909c4b85cad014e3b44a95a96c0ce724a

    SHA512

    ca0e6b021a633e357b8404e7ed20738f676fbc85843b8bd439e60e2c2fd1f7ad40a154d31f079f176ec8b050f27ef7303c1d7f249b736b95cd2c87af80d01928

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4bf7ed388d3b3c09f04ccffa6d175332

    SHA1

    d28f49eceb9a18c171cd0b44c9bfd42bbc1581f2

    SHA256

    0fdcbae44ddf5bc6416038c98bb34bcc8c6f677ee6e673d2340a1ded8f27e206

    SHA512

    0ad83c666a8499a7a1c2f804f502c0582a2b7a60dd8894f1f1b3b16df08b64568de8b0cd16eb74c5823f6dfc6b8b417db80d558f90191177ed700fbd2d78c80f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b4059241b2d8a267054869edc5b2770

    SHA1

    308b8e02866beea85979f6569813cda0b7d1fa46

    SHA256

    02450142c976aebe40c33bc97a3fd81218a72b417f236330ffd86beeab2a3b4d

    SHA512

    e355d963fc5134f6b3525b16d9a44a23d7891b40a7b7f01bf6283c555342296c6a29d7939e305bcf5c28a496dc66b58142326ddd12bd243a708272f1971f822b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c3820e20cd73c767a573c8f06048f0b

    SHA1

    1910b0f7a2ccf9f4a4fddb7dd167369c566d1159

    SHA256

    35d273084ee3a87984acd23dd5de5137a5f67a066f752d5dc699d11dfd881593

    SHA512

    ce2ab7dd4662873a5b446e9ea1a4adf3c70017c02ca19a5e8b530a11ec77f4c4d14ca285c6de6109e6ffe93b51d039cc47ba63e39e42ac8a164132b4cd10fc58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0b60d4224ce9ad07b1ef6400ba804c6

    SHA1

    352d0f18bc09e746846f06732a8553d928c41e04

    SHA256

    c9e5250356b1708e8a520a3e1fe6ac1709447ae490a9475a30c5813b1e4642b3

    SHA512

    d28b9cbf807ca71dead40b98af8c07c845aa1d53f78e5cba4329d4aa689b07405ac5b151386c77aecf2a88b00ee9f46bfd35fa27647c3985c53dff714f01d7d1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a054dbcdf18137a9132134f96931b12c

    SHA1

    ebac66bb4d6095aa2204fc27ef4d502c1f4d0b93

    SHA256

    a32cdecd8b0a0fe018c29c9dc3f23c50d979a7b092184c23e67e64a9df7b6f8c

    SHA512

    bcb590adeb58e3984c8c1f8ae7ac978314464158d23625b6e2e5933b80420af7ae96ef9e7956f5d06e7918c915fcb2f291d9d6943e8908d768287e6b0a1743c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c79c312a7f3f0d1c7298827f4c04fe3

    SHA1

    d64444ac9338a77edaa476cd05c2d65d44def82e

    SHA256

    3803f132e0a948340c55d621c7499ba0e5ff1e69ebb4b290edfcde8a3717f314

    SHA512

    4d1cd58ec9d81751435bbf78987f245ac2383bcce3e54c74c6da7facf795ecb7469cb803fb9ac7f278c66d71a5f7fea4daddcdd4e68092f627d78af731c6d534

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d2fe6e3d85ca3efaa385d60cde15428

    SHA1

    d2f60f5a0edbb8a2571d102a821d526956259c95

    SHA256

    9bad38eb7faa72ee8def1a861e73c52b38b3d9579c920d2a367191d6233ad4ea

    SHA512

    b2951dc61703f172154883799f35198999445d9e3bc4f6ad79e91eb1eeffc2113ce51fe3ad26b879a06e24d6b971bdfc7fa8e5aeec55c641120cdf1b229d0f73

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5715eb1379564acbc083aa961125bb28

    SHA1

    e691eaa8d1c72db3d22438f71dec2f29aa928042

    SHA256

    ef8e6edaae4806b7bafca94cdeaac9c645c8b32c7d3d2fcf1d17f7e984860728

    SHA512

    96024437e177168c130f2c29ffd4ee7af55aa6a57bde0a2a6a450b1a2b94200662defdd81d688ba95e59f3967fb4d43c2fc34133925a358cdf4d0f198113d6f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d9c38665f12c687f86a0d5508b48ca7b

    SHA1

    d66285a6325a047761102b4941c16c3283f0fb30

    SHA256

    0f6f8e88349dfb27fcbe0a1b7d41a21979894ceff4f2197637d0e4b0c008be1d

    SHA512

    8b990be6fe14df335748f674c3ed5870785cfaff2972606f6254f344cafeb4bbfc1185d144f43e2274df522761ed4432a3900a98a8575c4d6dd62021a73ab5eb

  • C:\Users\Admin\AppData\Local\Temp\Cab1E9A.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2046.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b