Analysis

  • max time kernel
    117s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:05

General

  • Target

    910d5bf4dc3b69d9475100aa5bc43745_JaffaCakes118.html

  • Size

    121KB

  • MD5

    910d5bf4dc3b69d9475100aa5bc43745

  • SHA1

    a7d4048682d1d11d3964e9c8e58f25f7aebe78e8

  • SHA256

    17005508921a5ab90f803cf9244239bc78c1a042109b42f22d220298c8ae9e11

  • SHA512

    ad8699d57c34e1814c640d710dcc241a7d44e9f558173852f5d7b89aca4c8a1294c3466754558ec7a5ac3900599d41f9f68acb56d1863e19d288aa701e9c825c

  • SSDEEP

    1536:ScIgyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBTOy9dGCW:ScIgyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910d5bf4dc3b69d9475100aa5bc43745_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2952
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2952 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1148

Network

MITRE ATT&CK Enterprise v15

Downloads