Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:02

General

  • Target

    910b294de5e6c54f03894bc575b3556c_JaffaCakes118.html

  • Size

    22KB

  • MD5

    910b294de5e6c54f03894bc575b3556c

  • SHA1

    ed6cda6473cd216b227eaef2a93da5e408004e70

  • SHA256

    3ff50a800befd0b97479cd462904752f1d11e9a5af069a5ee49660552e23b8e1

  • SHA512

    0efce2bf95a0a68ddb5f98c6505f706ad68ac974c9ba9d29d7236d70056854a2dd42a5ba9f3a930281b3ce553219de8c047f5b842aeec8ceea4808470ede02bb

  • SSDEEP

    192:RsXoVsAb5nDnQjLntQ/UnQieCnonQOkrntWZnQTbnQnQwR4SnQNjMmnFnQ7XnDn7:WXoSjQ/VNV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910b294de5e6c54f03894bc575b3556c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3064

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ffc96e12577dd276052cebf7f517487

    SHA1

    03593954a59873dc58db1b7c8c8a45389c0716ac

    SHA256

    d80239b6f59c9f957f6987a6d2b3417ab4c9e0fb1366fc53866e9d9d08ed62fc

    SHA512

    367d0b7972e26cd0eedbfb602a1fcce45035df8716f0ba2cbd61ee71eeb9dbb9802cba89359e538336656a74864937821057e8a2591c90ddf3b386b3739370f8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0e046c983c3bacf2a5db3baecb2a57ad

    SHA1

    94b433d83089a4f2aba70f2401cbe586060343da

    SHA256

    8b95519616377c0982f51469c4c78fb91a5c9c87e994362affc42f50858a76fb

    SHA512

    0cc8d2c1caa169253bcc563f066a841db843b3d28af827863d4a1a942977e243dd20f390de2b66b1906c2463a4e65dd31b99d003de0859a31354cd314701b60e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e019c0f97500ba7044f26b0dc25de6a2

    SHA1

    6f35631b6fad5e17c25898312af50cadc1b740a7

    SHA256

    9a89b6538ca19e4b28b8b399dd2da7a494fa8588194780251f5481b541964905

    SHA512

    09ac5517e931afec1f0944caf3a6ee28c357ceca7e17064aee76a2876140955087b516be87f16106fb1eb08ce8f80a76294e7841bf98ae0d8bdc505a6a8274bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c6b98e49f51d081787e54ca2642c03d5

    SHA1

    b3ce0a41998c31009c17d977afa82b181dbd0f84

    SHA256

    66a1e12560b96631d8f4e988a53bacb2e68238ddce5a3240bc9ec85bfa48b6f1

    SHA512

    46ba2c1dadc28c788b62326715f92fed93de4b8d5db1ac40c9c292cc955e02ef574a4426f9a230ad15fc22f11d67a06c3fa7ae9e3fbb292697a36e18622b7e36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6306143577b044bd0bbf1bae31a04fea

    SHA1

    194a6d97b1b87ea43bc4e8bc821c5528c37b85c1

    SHA256

    77f2b3a71cb117acfa00bd1e5b442f4bb872b0c4de24035449be5affe637bbc3

    SHA512

    a59f9b32e933280c4fae20ae7fae1e4f98bc2f2112fad521cd25124550938200c70f9ac4ed77c4df509fa76c9918aa0ac372d30810c15d8a4b87065439799ace

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a33f4b2ccb45201d6b6e82b0692744c2

    SHA1

    8a85f30b48288bb44bff54ddd3fa1f3f597e81b0

    SHA256

    4924c0f2cf3bb6f86b7a5fdc1b7324aafc24de7f7a7246eca25a702fe251d702

    SHA512

    7c31383547a6e0dc53f77d8619ec7219006a903681922edf1b3cbd5d826bf6be1ab10a0d71bb2e4fa006d83e8ce605da70161aa617784767b7060a9443f3a6d5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0bcc0985e4a2e5fcb341523efc60a50e

    SHA1

    2cf28c12d1031b528a77ebdd955009bc5d658545

    SHA256

    1709fbc28546a0f7a976ef31c528a43594aa88ebfac925ff433fd9c8187ba20b

    SHA512

    e1d19dc61179dbba39ed5979c61cadc5010fbe0e68b52ba93adaa37bee167f255695b9b5490d070f08aae4448e9f4f3ac215e043b094486445857f28bcc10b98

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    08a4969f0ddd1f334e1d410d0a7a8c6f

    SHA1

    04ab2ee1c2ec88035094fa94d43d4a41ee88ade9

    SHA256

    d80ad7be22401431a08ab3e4fc0343c3f4861631c87c24f6f35fb477f490eaa8

    SHA512

    f42d1abc06addcbcda0e61e2e9b81be58204d69f272f350f6adbc6e628faee01ac4d3da610ba3cbb80f0455e78b137bd4e8401a27db89f2d28b1806083128065

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    56f5f9ef61c838227d2386c41ba2fe4c

    SHA1

    25df9b234867c6560b526543b9301903c11fe1ad

    SHA256

    5a7494ce3246bc40cc106a1669c4333c2b624898117ded040336ba26aadebed1

    SHA512

    6f99d74886ad35f9e6201698320cc1020da2f5e76883d0e19b79b7e724b3879dc4f0fb710a1cc461259c07ee5200e4cf1ec3aad8c72739abb048b8cc94001f20

  • C:\Users\Admin\AppData\Local\Temp\Cab189.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar26A.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
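The "Downloads" list above is a typical example of the artifacts an Internet Explorer run leaves behind without the sample itself writing anything: the CryptnetUrlCache Content/MetaData files are written by Windows CryptoAPI while it fetches CRL, OCSP or AIA data during certificate chain building (the same MetaData path appears nine times with different hashes because it is rewritten on each fetch), and the Cab*.tmp/Tar*.tmp files in Temp are created when a downloaded CAB is extracted. The script below is an added example for triaging such a list and is not part of the sandbox report; the artifact table and the target hashes are copied from the page, while the path rules in NOISE_RULES and the function names are my own assumptions. It separates platform noise from files that still need a look, counts distinct SHA256 values and rewritten paths, and verifies a local copy of the sample against the hashes the report publishes.

```python
import hashlib
import re
from collections import Counter

# Hashes the report lists for the submitted target (copied from the page above).
TARGET_HASHES = {
    "md5": "910b294de5e6c54f03894bc575b3556c",
    "sha1": "ed6cda6473cd216b227eaef2a93da5e408004e70",
    "sha256": "3ff50a800befd0b97479cd462904752f1d11e9a5af069a5ee49660552e23b8e1",
}

# (path, size, sha256) for every entry under "Downloads", copied from the page.
_META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
REPORT_ARTIFACTS = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "70KB", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (_META, "342B", "d80239b6f59c9f957f6987a6d2b3417ab4c9e0fb1366fc53866e9d9d08ed62fc"),
    (_META, "342B", "8b95519616377c0982f51469c4c78fb91a5c9c87e994362affc42f50858a76fb"),
    (_META, "342B", "9a89b6538ca19e4b28b8b399dd2da7a494fa8588194780251f5481b541964905"),
    (_META, "342B", "66a1e12560b96631d8f4e988a53bacb2e68238ddce5a3240bc9ec85bfa48b6f1"),
    (_META, "342B", "77f2b3a71cb117acfa00bd1e5b442f4bb872b0c4de24035449be5affe637bbc3"),
    (_META, "342B", "4924c0f2cf3bb6f86b7a5fdc1b7324aafc24de7f7a7246eca25a702fe251d702"),
    (_META, "342B", "1709fbc28546a0f7a976ef31c528a43594aa88ebfac925ff433fd9c8187ba20b"),
    (_META, "342B", "d80ad7be22401431a08ab3e4fc0343c3f4861631c87c24f6f35fb477f490eaa8"),
    (_META, "342B", "5a7494ce3246bc40cc106a1669c4333c2b624898117ded040336ba26aadebed1"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab189.tmp",
     "65KB", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar26A.tmp",
     "181KB", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Heuristic rules (my assumption, not part of the report): paths that the
# Windows CryptoAPI / wininet stack writes on its own while IE builds a
# certificate chain, so they are expected noise in an IE sandbox run.
NOISE_RULES = (
    (re.compile(r"\\CryptnetUrlCache\\(Content|MetaData)\\", re.I),
     "CryptoAPI URL cache (CRL/OCSP/AIA fetch)"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I),
     "CAB extraction temp file"),
)


def classify_path(path):
    """Return a noise label for known platform artifacts, or None if the file needs review."""
    for pattern, label in NOISE_RULES:
        if pattern.search(path):
            return label
    return None


def triage(artifacts):
    """Split a sandbox 'Downloads' list into platform noise and files worth analysing."""
    noise, review = [], []
    for path, size, sha256 in artifacts:
        label = classify_path(path)
        (noise if label else review).append((path, size, sha256, label))
    path_counts = Counter(path for path, _, _ in artifacts)
    return {
        "unique_sha256": len({sha256 for _, _, sha256 in artifacts}),
        # Same path listed more than once means the file was rewritten during the run.
        "rewrites": {p: c for p, c in path_counts.items() if c > 1},
        "noise": noise,
        "review": review,
    }


def compute_hashes(data):
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256", "sha512")}


def verify_hashes(data, expected):
    """Compare each published hash against the hash of the bytes actually on disk."""
    actual = compute_hashes(data)
    return {name: actual[name] == value.lower() for name, value in expected.items()}


def verify_file(path, expected=TARGET_HASHES):
    with open(path, "rb") as fh:
        return verify_hashes(fh.read(), expected)


if __name__ == "__main__":
    result = triage(REPORT_ARTIFACTS)
    print(f"{result['unique_sha256']} distinct files, "
          f"{len(result['noise'])} platform noise, {len(result['review'])} to review")
    for path, count in result["rewrites"].items():
        print(f"rewritten {count}x: {path}")
    for path, size, sha256, label in result["noise"]:
        print(f"  noise [{label}] {size:>6} {path}")
```

Run against the list above, every entry is classified as CryptoAPI noise and nothing is left for review, which is consistent with the 1/10 score. Anything that lands in `review` (a dropped executable, a script in a user profile, a file outside the cache directories) is where analysis time should go; `verify_file` is for confirming that the copy of the .html you pulled from a feed is byte-for-byte the sample this report describes before you reuse its findings.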