Analysis

  • max time kernel: 149s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 03/06/2024, 08:51

General

  • Target: 912eb85e14affdf377d4fb71111d0541_JaffaCakes118.html
  • Size: 27KB
  • MD5: 912eb85e14affdf377d4fb71111d0541
  • SHA1: 79ab3e462b1806e4718ab2bb2aab7c4a37a505cd
  • SHA256: 044b21211712f146de07866925abfafb1e9b834f55fc9053ca26d9197237457d
  • SHA512: a220ec32f0b9ccdbc8dfc219d09e49261879940de2af240af2a0487f9359d97dd0c7d29b7dd66b3148d123c2fb25e951e7edc6140d21bce9254ad207fb5e8296
  • SSDEEP: 192:uwHAb5nswlnQjxn5Q/TnQieSNnsnQOkEnt5hnQTbn5nQ9eMzam60FKYQl7MByqnT:COQ/YpmqKrS0NMEm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\912eb85e14affdf377d4fb71111d0541_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1660
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1660 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3f1a97e661cba9688eb78a9bcc8b5d7a
    SHA1: 4c0dcc5bb2a3ff4f43da5d79587a6f6467f97974
    SHA256: 47169671deadd01f48747cc553b5232cdda41e19fabe19b2a1caff26bf14449f
    SHA512: 8bd85bdd1f92ae870bba85c69404223f9568a9c1980b841cd4f50b824078e120420b32575766d1f52daa75e62cbe3b843829a14fc0a6abfa7207060b6e86aca9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: db406be322ed0f2c8bbdd859043f5ba2
    SHA1: 521b607cfaeba35e1885d3252edd5e580bd4cebe
    SHA256: 020adb6f3164c57083ab56945ed694c4844648b18920b6c27f515a3ab06c2767
    SHA512: 06d210a9778c404de072d0cf681ebeea8a574af310609d7c7f50769c93df3c379d46e393207a17609be96901c8ef86efa297cfcab8379d9d690ae5ec7738bc2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a026b5f96cdec19111d22547699ebb12
    SHA1: b4fbaa7a4bdd41692d05036ef82d0c607cd83666
    SHA256: 026bb3b77e2a3d9ef4a77bf98a9cc3b1b71575201a858e5051b2d81313492f12
    SHA512: cbee2ea7ac341c54f2acec15cdb51d65bbeaf1d2c44ac73d52c853b59f0da902239447a9bc12b6038a69bca98e65c9085e61bcde4e9f36ef2a6a1c8978e9ce9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: f97c21e4be2cbead4b3c1076f3bca809
    SHA1: 27d951e971c01c47cff5e0803554e1674d528731
    SHA256: c1f9c6139fa3d604b9376b6cb2da8254107b3e1dc0335e55c5c85bb799fc31ef
    SHA512: 1e3350132d5aa40b38c2d198a1f069fb370d1810e3bc67437608b93d2e49e5613b4b968f302af8c0eb2047ba6114217d8e985f46f932bf4f000fb192b01cf856

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7ec5e734cdbbeac680b207a95cb72f29
    SHA1: 8c5655b2b220217e2a225db58f0a3fe66bee534d
    SHA256: 23157e94017cc53412f8e99fb3491334c7c778e6a8759101e1de035175a51e48
    SHA512: d7c0ef15dd2aae49806b1a4c0d704f8234e44dca19a42d73226adbd8bf8a41d9962c7dbbda2c25ce716f83bec23f0af1f32b24bc5f5ec6914ba859e9ecfe6179

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 06fd6f13dca0895b03c432ee7a055b0a
    SHA1: 02753ea2d287d920fb4445399c87e63b56dae266
    SHA256: 212762eeba17933da444aca753a57eef514ead1fcbb90cb4b2ba968f4645d745
    SHA512: e8f0e138ebfd84ff0c275334d870018d6f5dbb0fe31afbe05180d16a2512d858f4754c22090957ff71d74c1252c04b401b144a87ee70ff407934badf52acab3c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a015f003af23f43f2ba1d6e70071b6fa
    SHA1: dfa666c9e0ad5b158b1d3648fcb2b33c288bfe80
    SHA256: bf28b200970f6a4ca61978c16baac4f0f89b9b4034a413ca2d7b71185439cdd4
    SHA512: 7163c7f1645fdaf3b518e536a205cf12f50115003001ffa74f0b746f8ef30e631fb180d02a24d045b222b74ec17143f618e1d739c798742f90f4751edaa81f0e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1468d56cbeb5af7d986b697a94c27cf1
    SHA1: a13487a59cbd467725439c7b25ce3ad1948a500f
    SHA256: 5df8951cf45711d58f9ab938b49f33404bd3d5819666c87beb09c7e97e92972e
    SHA512: 1152f0e0b3ba06a96aea179706bacca87e78515e84c3014031976079a775e2c495d019936e4c93618e5b5e68719ed2f5460ff74bf898094f77309a9137364616

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: aa2e7a7e8b17ab9b267f1f505cad81b1
    SHA1: 554db39fa7280fcb80aa76ae32b23b2912fa3492
    SHA256: 2defb8907dfc874db8dfba0cc35f07f193f2e425f48e3605c7ae890ae455ef38
    SHA512: 5ca7ad3715dc84fa0c691226a8b82f6750cd26b70b3b1da3559ba3f2488b4bf21e5a72e5b7167605cdab267683ad36a83d6b835ce622e42d787c3e115b733cce

  • C:\Users\Admin\AppData\Local\Temp\Cab11FD.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar12EE.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b