Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:04

General

  • Target

    910d0dfb9bb74506f63ef596357ed8a3_JaffaCakes118.html

  • Size

    27KB

  • MD5

    910d0dfb9bb74506f63ef596357ed8a3

  • SHA1

    9fbbf1daa0c9a1b696df5b842d483bec807ed93e

  • SHA256

    8a7ca86ce1144a6fab10bc660a015fea443368e493a0924a1541a04844d7c62f

  • SHA512

    6698ae57209da9096c49f961f199d0c70d2e50a77d87efe7da17edc49c04c79da60140ff494c19c33a98bc5f94c9c877c7f7d25d53d37e943782f98a89b8bb4e

  • SSDEEP

    192:uwn4b5n+2znQjxn5Q/lnQiegNnhnQOkEntbrnQTbnxnQ9eC1am60ZQWQl7MBAqnJ:24Q/D7IGQhSK12

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\910d0dfb9bb74506f63ef596357ed8a3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2284
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2284 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2996

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f3befe9c6d37ff29d696d6d5b3dbb008

    SHA1

    69633518ce5c4df9b8bb755d867257d92a1d65c0

    SHA256

    e14b7d463ff9ed5106f67ab25a075655d8a4d866e8c22836e56862da85a5612a

    SHA512

    f7e571aaed3b89046460a2899af47c2e96e3d53be4142dda322637cfb8586b73f0425f72483e2cf6d3ea7a67cbb293d44a34e786856ea8c514d5f059925ce4ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bbbb6f696ca767e8e053223dfa590376

    SHA1

    88b5b677083221610ca5bff0dd5db451cf2a95ad

    SHA256

    adb54e6f9163f67bc22e6d2a9c3970d4895ead44559249bdc5ffeb78503e220d

    SHA512

    0ae5fe9805df67306354db3096c4b6bd3d8c69249f65791ee4bbc4a3767607f4b4964b8d37e993b43799402015d5a868c6bcfda5c9dae1766391de19a60878fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5d0848d63a7ea2a08c4f087a69ffb4e

    SHA1

    1ad807b025c98334ce252d0b9570a947f2fab828

    SHA256

    3fc03a8091b4644f477d7a8ccf3593ab563b6af1e93f0eafee3fdc6d61a4af16

    SHA512

    1010e72a6f97031a66087d186fdd2c03460688a6daf55064f1bf4f2062ef457b9e2042a5896711fba079b587924f68a459444c04f9dff2a702f1097a1e03b32a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3104f7211b3f4b048c2e4c730213f097

    SHA1

    66e369081c6cc13971722b9b1130b7113bebd736

    SHA256

    20cf767e00808db6c3a1a59def8e8d1cc9916412b9ffafe4bf5433759dadf9c7

    SHA512

    923446e9fbf49f0e691b1b978a879c783b0c0f890894ce9e433f361d9ce1e6e82ec92cf0ead4c6945ee20d52c212924e7e665e909e8b928abfb16dd4f92805aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0f70b49bd8449c95a7270a6352b17cd2

    SHA1

    9fb39df5cbb0149fbb86d936458f26a7be4ee038

    SHA256

    5fdab547727da853fc344c2a42e9d45a13275d5634c307853e29e571ac92dcb7

    SHA512

    9058417819792da918e6439b6b8b27386c3b90b59e37f0fb5fd9e05fa124e6ec14bbed098d2f10aad10241e09c7832508410ff8413e4c1f6ba8fe8b6ad278440

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c588ba461b65da06ef7160e429e0d78a

    SHA1

    131e46c8dbca7cf94ce96109dbe2db0dc7846055

    SHA256

    ff7b26cf26cadc4d579b1dd0ba8ba18818911800c33e3eccd4bdd9f0e812cb02

    SHA512

    574ad2eb289cd0168a18b84ffd82a7f01e7a22e87e5566eba79138b54e5d0a22c8c3deced5c8301fa5ad0b5d5b70eba1e56096f08009cd93f9d9798c81e07eae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6c708aed4beaedaa3ed4994d54bb593f

    SHA1

    20a50ba51ebae52d97d751cae44ef3c549a318e7

    SHA256

    2069538b454681e710cd92b1905b9afa722a76912552ade13a92e787dc87fb7f

    SHA512

    84c8e23b71ddac901e0c4f3aeeb7fdb10e68ff22e6caa70f08762879261ffb6d3ed85f0f775ad34fcdc0e02dfbc07c1d1684ca46e141a00025b4629c4577a289

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e92c8e0a1bf6b1a8f17ffba4492c4287

    SHA1

    790c3f5b5fa61a5441ac8882edfabd177a7b4e2a

    SHA256

    fc98e951d7e60511f01465ff9b930e3b201da45f80f8d78ac40c14b9bb173740

    SHA512

    7397ad17f99c4f8cf4b508eae5fa2ddc523df6651c7fc38526cb4762d989dd05fcf40af20711f9cd759c683a164fa15ec56fa2525b5aabc18ff36fdace55bcae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9512b42d74baa5305e7eac58aaa92944

    SHA1

    4d2e6b5235db4059279b7e510a5e4f8919e3aa14

    SHA256

    5e13f30a63a96cef5b2511a8176ad0cbf0b21d6e5f29b0d1954ee95daa012b70

    SHA512

    291b01454461d6d0a0df7c9aa2136b14edfc6b6d630a76d4aa2aa3909ee176a9b9b21a2b30f8b4d2a87ca29faede33ba1e48dac1dd52445304468ec459a58cb7

  • C:\Users\Admin\AppData\Local\Temp\Cab8BA.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar93D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b