Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:49

General

  • Target

    912d835927f57ccad87d1cce13157bcf_JaffaCakes118.html

  • Size

    27KB

  • MD5

    912d835927f57ccad87d1cce13157bcf

  • SHA1

    72b6aa40dd90bce3c6ab9198eef87ef8dca3d08c

  • SHA256

    538ced65b5c45fedfdbb771155b01fbfe648114e4377b7d4dc59024b2761a1df

  • SHA512

    cdabe26651ec3c119f2343553d59bfc2477c2102a451b64c601276bd3efc6978184368a4847a252cedfd0c55d3c7845ddbb2f8924d5cc8149ee8a2364a228799

  • SSDEEP

    192:uwDYb5ncqnQjxn5Q/rnQieyNnOnQOkEntFBnQTbntnQ9eomm6uFGMQl7MBSqnYn1:hQ/6FOgGHSYT2W

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\912d835927f57ccad87d1cce13157bcf_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2256

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d8da738d9d9ba4899dd0a774d862d52a

    SHA1

    1a833505d423eb0683ce4b5c2eb4056d8e4dce03

    SHA256

    12337774162c6d019bcd748f0b21c36b6732caf4c0ea9ebf748036cdffccda5c

    SHA512

    d8e639dc5f6b19dc2683562d908fa6bb7b1527b3a2184a14e1c23043a860b4affa9d83d20a885c24115b7733afe1487cf69e4287b13b2cad3b91691a19fa0d15

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15e1505fdb403104013573a9b82199ea

    SHA1

    c66ed63fd2078d8413a23ffce85abfd2ec4ba000

    SHA256

    2950021399847f2add0a68f4ae2770b14843c2c51534c937584a294b3aa512f9

    SHA512

    afe333a5bdcaa6042d3df4a7a5c61c3ad0e582a53bade514008328cae037b3a5ab0992193977a38da9cfe999ce5ae5cacc2b3733b418a640cc45cc9b79f94b5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5d93df8513cc165dfe653917932ad22

    SHA1

    3144e1a43a07a9268dada0b41513baa61c703471

    SHA256

    11acee37e766b4e86a19ca1d4cb8b00dd6fe7d9f9effeaf5364d2edcde9ded04

    SHA512

    fd3978a462368ba13b943931f1ccf9391fcbee6180297573660eab88081101d3cbc533ca509dd83d06a9adf0128567defe2225173ef5cc338773695b299c9054

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    292b0b5032d2bbd5aeef7556254dc879

    SHA1

    a0008bf9998c0d319edadbb561e550cb853d2735

    SHA256

    5209e8abb7bfe9d969a562b54e4c88199ecd5dbbdb55f2973baa3259093eba73

    SHA512

    ca7db04ee9d1901279fe722d1337a6741f1c16b4339a23c21ef78618b94bcb06b730e935752cefb6c0c3ba23150a949534df2c75636edd2a5a99d71847eade27

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87e16fe51bfe36288ffff6d1ada302a0

    SHA1

    8f670dd54ccf2402844a029454d7d46770d365f1

    SHA256

    462e7b940c6ba5f384b8272a682dd9457684cc74cd161f2248f2bfb62a70339d

    SHA512

    01171a3204e34eddaf932d157df63fee492fe83e9cdc6dece997190294f23b22586190581841d96fd1c572c6d4d221d72eec890e172b129e2412de4b132329a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    745e43d327ea420d9f89e383f1451222

    SHA1

    9e35163b70680dd05c2b787afb51a7cee835b4e4

    SHA256

    61364a5d372d2467e1138676117bc6cd332af2c62465fc31eb8fe08b279bc46c

    SHA512

    0e46af81a53ca0e0f498d86c6dde16ca5a95876dbbd042f71b13cd31f190a8cd462d31020eb58666e8afc288f1e45e8852b651d2011f393ee7c7e2226df2fe67

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    41f0183eab18f78d3fdad67ab183dce4

    SHA1

    9c182164a1d178210603fd5cce87f64687cffb5f

    SHA256

    69bf50278dabc1b169d88498e8584e1fcb668aa8b120e8b69db35459838e7a32

    SHA512

    a2d6c0eee47aa799e1c9711634ebdb0a97c57667f079e9260e187145296a8ba780cc0dfec936724e20c62ecbaa83b0ec41e33cb6945691f189e28cb1d1d59070

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8473947a405478eb3612365603b258c4

    SHA1

    1356c19b3beb118252c71e9134d0cecbbca89705

    SHA256

    2cbcd721ab29a0cb1921e70841389925b4d169954555e5ab0debbb489a52b26a

    SHA512

    09469c7b7563a3af0c95acd1401c7abad8725d9e56e5d5383a5332af71ad5abbb96b2b89a5a83612b93d4b87740211aee274b7cc718d9c66f9aa6af319195009

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    54a630889ebee61f66fd55c321a378a2

    SHA1

    a2b5bc986caf4b63ea8f2c801ae297c90f4c6511

    SHA256

    29568a108727d406d792664ddafde47f1686176aef181431dd00a540aa6a9601

    SHA512

    8eeb7f6533bf32926eb657931925d0982f948da921f6d13accf798bd2ec3f222d270137a1d553be227d1508489cacc76d6f013f4cc246f41b2b1ea21e9b6ddd9

  • C:\Users\Admin\AppData\Local\Temp\Cab23C8.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar244C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b