Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:04

General

  • Target

    910cd2cf60157940b39fef6311e65f23_JaffaCakes118.html

  • Size

    19KB

  • MD5

    910cd2cf60157940b39fef6311e65f23

  • SHA1

    a2f80fce024d5de9a11a2805c77f97a809fa9f20

  • SHA256

    ce995f3661dab19b71e276d80b252c61ccc53903b412727a84b9c30e7730a461

  • SHA512

    2fd8bb9f50ed5a26685a5a87adb55f7b86e5a53de5e0c7b236cf0b80e3ae8453b4c4d0ec096d4d7ea2e3472b7a8a8272b7c7933eabe0c17e1eae474dda37c853

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIZ43zUnjBhZD82qDB8:SIMd0I5nvHBsvZ4xDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910cd2cf60157940b39fef6311e65f23_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2204
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2204 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2488

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2094fc30d85ced7e6813fd864c7a8d9c

    SHA1

    c9a3659bfceb4508db260476819279b2a9883a19

    SHA256

    7570ec058b026f02be127eb81ac6c1746341e2f0aa5503a87da15dc6f83e9cfc

    SHA512

    01348923c0e2ddb8539149b20ce23523342a65d77fa70335ce71a8680745ae26cb0849339c637613440c08a0a33aabd0cb7051994ac7b15af1c79c4c84dfc85e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fa600dfdc0a5d55fe93667f58b6d78e4

    SHA1

    2518cd88e0d750f8f86172eb1d6335ec86e31df9

    SHA256

    72611f77631c8d4669e885aafde8ff886cf062fbdc3f3ff730e5038cee5fd639

    SHA512

    fdd7347de1d7ed6df99fa0949e8000e8ec0037caca95001fa7b14b9d5b29d509944bee5a897d84b8560acef049cbdf702bb37e6b9dccb59f5d8dfb465cd37adb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a30ae0bb64a81f84ad52a3553a72367

    SHA1

    a70544b54e5321b46f89c263b5392a50b97d8051

    SHA256

    472af63c0198a6bb0a8570afc1f3a05d591de2b3fb985a8922e86f48a62fde07

    SHA512

    22c30621b732f19789226ee104bbd999666996e699c120aa77d3d69f35ce4b41f769175012087989ed73170f64363bb8251a7157df4d97fe66d575b4b18db98f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    346fb2d98b4b4b3f20f8a3764fdc5e81

    SHA1

    ca2b082df62b35dc7948a845a9a57bbbaaf7ab08

    SHA256

    4442e42ab189022ca349276dc05ce230c8276ab4a6daaf3a886ccd8ab3b6175c

    SHA512

    77b37c86d95e47252a0a553afa394bb344ea3046cc7a28481be163f702e1d2009047b6fe4a55d43bf4aadc8262b9c25e1249e311af997b197a85b3077f12f511

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b92751070d13dbe865b45d2a664a89ff

    SHA1

    b0cccfc3a7eb2d069ebe62aca167b400470cc694

    SHA256

    87f0a9656a6633844eaf4b382508737d5ff6b9c69ce5f52f4890ae007f8fb6d0

    SHA512

    ca71efec0ba561503428500591d00efbc5c37156ba9418f1d432d434fed749987396c2fdb7f0aa3cb08f3af47569a74b98867132e52c5b26bbd7cb7f8dfcbaeb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    35acb112466476173f1e7efcb02d10f0

    SHA1

    55d21e15272efb6dcc361da9ece3b25367c91459

    SHA256

    86f44e0096bdd7b4b5130afb94b1af3c7484a8fda17140384ded21385cf8e4cd

    SHA512

    4b9fca2b726d793819f8c9bd2358da1dcf35399f6c8b11eb676e2f0de4d233312156a2a4ada033fc3ce2614c29d1c5349931304a84e48df8ff646820da9c90a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4b90a78f4e0996c0c888c10e7e241ed5

    SHA1

    2bf07b2ce58fb22e935059a0460201fcde0d6b25

    SHA256

    4bb4053b30ad3a7569039efc8da885f4c29b0160fb7c5ebdb56bce911708b796

    SHA512

    eafcf8a014bf169d77160b3425e88542d13de58903386496c5c01c71686880195aa090ce48da7125a0563a1f5748ad96f790821f8ce43a8565cc0e5dc69d97c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9ca8593655e71484b4bfa9d89611ea35

    SHA1

    419396f9e4f0fc285231b9f6b37b0756a132d707

    SHA256

    46ebdad8c5d12dbb1b3ba889e09d83a63652159dd1bd82278b103bff7b7c0edb

    SHA512

    f5175cd44204555a852aae0a835120942f38217da93f220c17c4477c2af44cfc4d2c7addacd2972263245d886b74f8406b09e13f0322a2f2a988055ce8478871

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2675924dea12be12431844d74faf77b

    SHA1

    b9642125854449efa46797f99a9468dcab7eb8d4

    SHA256

    b52727c40411b80517ca293eec5c71f851541ec5654c37382e5de65c0e933099

    SHA512

    03168380c11f0bcf81a7150e317a2eef61d95fc8ea325bbba4fec43d03600c01aebc011bf1494a484ec2897249f8ab9eb654591d22d187361a5a17965e99979f

  • C:\Users\Admin\AppData\Local\Temp\Cab1D31.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab1DD1.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1DE6.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b