Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:04

General

  • Target

    910c99c5bcb58c0a085638c6807574a5_JaffaCakes118.html

  • Size

    31KB

  • MD5

    910c99c5bcb58c0a085638c6807574a5

  • SHA1

    8d82685eba04dba185264cc4248b0cdb781b3361

  • SHA256

    75c11e22707e572262a45326200852bb39f32dc719255e2c3121964f718ab2d5

  • SHA512

    1700a7300ee5e2536410ffabc636747180b021f1021ac65cc76a5d080f78ae91dbe7fa4a539926f6307021ac4f3fcde83545b5c61bc2ffce860e0cf88ba94e07

  • SSDEEP

    192:uWvnb5nwpnQjxn5Q/rnQieSNnCnQOkEntttnQTbnlnQ4MCgAxRyFLqDxcYLujZQn:RQ/VekyFuVpLkZQiKJqCyOD

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910c99c5bcb58c0a085638c6807574a5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2140
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d7e3c18b96cf03c945b1e159e2927293

    SHA1

    0bab4f5847fbafe4cfe0719c5452df5929c0871a

    SHA256

    f6019f48f216bf955e3c682a4bf69fa7467bf3aeecc8af0e3e4c447cae7da637

    SHA512

    ea9eb734165ccea369168451f548933367274775b980717b774dfef596fbf5b98cc404f8d8ba6eca1b9f49ccb3d0d7f3b1b8ca56c2e59d718bed979b4ff5ded6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dfd90e38a09682c3902f0525d0fd3020

    SHA1

    f5a3c3400b5ebe3e1962d5c04daf279a58de398a

    SHA256

    a94b1e91c3945860590a6046510492b21aa14109e9ec660f2c74e8276322a8a9

    SHA512

    298bbd9dabe713ff1c0ef21e415fd07598f6d3bd69fc6a3a6897e5f2979fcf3fc572421565ff019ed95238870834cdffafc49930a5cedf9bdd902bd0320492a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c236d8c552f4aa18c89c8190bd11b629

    SHA1

    28cd42b46b9ac34b89cbe1ab683e3bec7d628fcc

    SHA256

    f9675c82b38ec10b4f83d4233f4f27760432e2227a4212fe27c265d75b2f1402

    SHA512

    6b8d97678a3b7054fa4b7fbe49c6307adfafaa7efb82853b1eed13fd9c4c814903576b8f420b8926a53bc9122b3d49ccdab09299a744d8287e4419db70687694

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8185aa62cfe52d633e8781eb2d75e684

    SHA1

    ea66bfd3f67d13e2f185f81ad0e95854a8b2c927

    SHA256

    6e9b0ddcb07ddd43db24ee0bdf38c66cc595ad149297fab9157618c1e3c359b3

    SHA512

    bd8b01dd42befda2df67213280dc590fa753f385da38601f38cf33ef780b9d99d31778649157573b4479b5dc658245a1b01f98e73d7778f44363f5d9c1fc9568

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    20b91492e4d0d01eecc463580fd63510

    SHA1

    e78780821011d66572d52a9d2c525f3eacc962c7

    SHA256

    e13a1d8ad35c4415f3a0788059edd7c3258a99a374b8026544c2ebb8b2d87ee0

    SHA512

    89054a05ba06713124a02fd219db80ee2ad614574665e3e633d7d93b05398767162ec9071624c73433c6b6d54fd5ccbb6d00b225b5cf4d5e70d33dfec78959a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b22f1de0c17004fd852190c1e40b13cc

    SHA1

    87a7ecd26ef5a6e95da5d8ca2bcff21b98ea4891

    SHA256

    e8f348d0f882e153cc908db52b9ace69e9bdf41da71ba63dffa595aa04bef548

    SHA512

    2e6e11b580c9b54867715739eadb7a2da9624c24a6830b3a1f93e71ae1bc97d292613fb280c8cde2a9cceda968ad2007eaa0e30a548cddc10de1ff8784960524

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8169f11d9a5288615798caff7a437e23

    SHA1

    7693ec758595484592c706e4567972cd31167934

    SHA256

    68387dbff2768ee5a54c1489c896be7b1d068a0371f4c60eda8588386023a068

    SHA512

    d9ec6d54097fcd198ba105b6488ccce883c7542466cea7aad083e392619927190d8a5e6ba2e38723d1a7922852f3aedadef3af1e5c1a25fd278701157fd233aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    388ca987e5c7f7dde89379e2769f5023

    SHA1

    2555b831c5ded7b3473006348a530ee8a260f58e

    SHA256

    4d8d0dd33fd64accd7cc655b797c4ffe6936db853f8fcfa5eee4ac4d926a521a

    SHA512

    0265868c631e7ad6c0892eeddb6a9568f03efee0abc5b304fc7b603d58e636b6a04c37830f641380da43914664ae26491457aefeb352617acc8e02672639f2ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af949da2e4f0d2501e6a83a0bf3563c8

    SHA1

    da301b29eb9028f64d35a07193518a0cd3834bcc

    SHA256

    27e4986521c56c4b4068775ff450068c45b6f96504075632f5e15199d8e305cd

    SHA512

    398859f67eaefd426497cb0c01bb4148ae52f1e3b72a60f8ff9f57e7c3649148486710486af9552e3410340541a3239d467e15540fe55790113c4fc159d1ba69

  • C:\Users\Admin\AppData\Local\Temp\Cab15F3.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar1696.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
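Everything above is consistent with a benign run: the only child of the frame process is a second IEXPLORE.EXE launched with SCODEF:2140 (the parent's PID), which is how Internet Explorer starts its own protected-mode content process, and every dropped file is either a CryptnetUrlCache entry (CryptoAPI's certificate/CRL download cache) or a Cab/Tar .tmp pair in Temp, which CryptoAPI typically leaves behind when it expands a downloaded certificate trust list cab. The "Modifies Internet Explorer settings" hits are likewise what IE does when it opens any local HTML file. The following triage script is an added example written for this page, not code from the sandbox vendor; the process tree and dropped-file paths are copied from the report above into constructed Python literals, and the labels and the "review" rule are assumptions about what a reviewer would want flagged. It encodes the two checks that separate this report from one where the HTML file actually spawned a payload: does each child of iexplore.exe carry a SCODEF value equal to its real parent PID, and does every dropped file fall into a known CryptoAPI noise class.

```python
import re
from pathlib import PureWindowsPath

# Process tree as listed in the report (constructed literals, not parsed from the page).
PROCESSES = [
    {"pid": 2140, "parent": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r"C:\Users\Admin\AppData\Local\Temp\910c99c5bcb58c0a085638c6807574a5_JaffaCakes118.html"},
    {"pid": 2180, "parent": 2140,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2140 CREDAT:275457 /prefetch:2'},
]

# Distinct dropped-file paths from the Downloads section; the MetaData entry is
# written repeatedly in the report, so it appears once here.
DROPPED = [
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\Local\Temp\Cab15F3.tmp",
    r"C:\Users\Admin\AppData\Local\Temp\Tar1696.tmp",
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
CAB_TMP_RE = re.compile(r"(cab|tar)[0-9a-f]{4}\.tmp")


def classify_process(proc, by_pid):
    """Label one process from the tree.

    IE's frame process launches each content (tab) process as
    IEXPLORE.EXE SCODEF:<frame pid> CREDAT:<n>.  A child that is not
    iexplore.exe, or whose SCODEF does not name its actual parent, is
    something the HTML file (or IE) spawned and needs a human look.
    """
    parent = by_pid.get(proc["parent"])
    if parent is None:
        return "root"
    name = PureWindowsPath(proc["image"]).name.lower()
    m = SCODEF_RE.search(proc["cmdline"])
    if name == "iexplore.exe" and m and int(m.group(1)) == parent["pid"]:
        return "ie-content-process"
    return "review"


def classify_drop(path):
    """Label one dropped file by the well-known CryptoAPI noise locations."""
    parts = [p.lower() for p in PureWindowsPath(path).parts]
    if "cryptneturlcache" in parts:
        return "cryptoapi-cache"          # CRL/OCSP/CTL download cache
    if parts[-2:-1] == ["temp"] and CAB_TMP_RE.fullmatch(parts[-1]):
        return "cryptoapi-cab-extract"    # CabXXXX.tmp / TarXXXX.tmp from cab expansion
    return "review"


def triage(processes, dropped):
    """Return per-item labels plus the list of items that are not explained away."""
    by_pid = {p["pid"]: p for p in processes}
    procs = {p["pid"]: classify_process(p, by_pid) for p in processes}
    drops = {path: classify_drop(path) for path in dropped}
    needs_review = [f"pid {pid}" for pid, label in procs.items() if label == "review"]
    needs_review += [path for path, label in drops.items() if label == "review"]
    return {"processes": procs, "drops": drops, "needs_review": needs_review}


if __name__ == "__main__":
    result = triage(PROCESSES, DROPPED)
    for pid, label in result["processes"].items():
        print(f"pid {pid}: {label}")
    for path, label in result["drops"].items():
        print(f"{label}: {path}")
    print("needs review:", result["needs_review"] or "nothing")
```

Run against this report the script flags nothing, which matches the 1/10 score. The SCODEF check is deliberately strict: a tab process whose SCODEF points at a PID other than its parent, or any non-IE child such as cmd.exe or powershell.exe, lands in needs_review, and the same happens for any dropped file outside the CryptnetUrlCache and Temp\Cab*/Tar* patterns. Those two buckets are where a malicious HTML file opened in IE would normally show up.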