Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:52

General

  • Target

    912ff9e18af132f856ff844f91986815_JaffaCakes118.html

  • Size

    27KB

  • MD5

    912ff9e18af132f856ff844f91986815

  • SHA1

    59ce15528f4d662ac63ae5685ac065b60345c9fb

  • SHA256

    45793ae929e478a5f8abdcf515c2644798bb6def0fb38dc6715bbe32a1db3e51

  • SHA512

    57b290187b3fbdeb6e1e593dc125264ba64b9e73d3b9e414f6fb27d128d7b42c00044966abd2e8e2588dfb05095fb590d31378901454fc2596641cf3e10841d2

  • SSDEEP

    192:uqFQbphke5d3BwsSb5ng4Z9lRsHrZKGxpCsWnQjxn5Q/y2nQieGJNnSVinQOkEnF:nChzQ/QygcEiKo

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\912ff9e18af132f856ff844f91986815_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2184
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2212

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f27a4013d5157351735757621ce0250a

    SHA1

    388ff52aafce5eba1c580030356c0342f6813bec

    SHA256

    5335f40b3b51c89bbe347ddd9e438ee8cbd3ad4df54ec77db7372f7f43e57fff

    SHA512

    3b3c33268ef638eda0d409633ff3de4a3ff5c02d812c6ce64002d0bb01a9f022a5f648b50897a2da764f71fffb0d35118fe8d73755e0e973d65ed71c6c358175

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9721b52e516101211c493aa3846a130d

    SHA1

    8ce5cab11ecc62f058222b7e064e468edbe08dc1

    SHA256

    327a93490f2767b52e6f7c5fb7a964530628d7c1585c926b343b35cbf0bb8d34

    SHA512

    0164462183f8d7dbfc3ea2b9a7886e81f44af1261112a3d25f7093a26d38fb84f9a66c6c6e517c318301f9f6fdaa66eba3064e663caac7d2ddb0a82aa40594c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    384858241c011cf5d67bb99a063aa907

    SHA1

    b219eaff38e901fa47dc445473f9d7e31c3c3111

    SHA256

    180b5b1faacbfb6f2089b3179b4b1b2d1ea0df7d31e4013907613ee72a031f00

    SHA512

    483ce79a94a3757316f26c4724effa9887b3de0175aed0f1dcc21f5f1985587ce7296dafd9e54ce86fe69f8a12f899e6a522b0fc07ad1e8be556806f1d069243

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b2c89bdb90db12cfc1dcdb74e37ab307

    SHA1

    49cc518a58b6d2c4cf40a4dad0b7ce0073ecce25

    SHA256

    25e140a56f65c79da94d1a227471f4ad6101e49624531c1961e5925a1e35ad02

    SHA512

    58522d57a9cb50e4214c3ca5748a0f70ac8d0dd6b14d68d2f9dced93cbee5968f901cae15bda70776bda54bd037fb7db0d8046b1d8bda90cffe8868e44d3a259

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fa23775cafcb11f5b863f535043894fc

    SHA1

    333abc3195c65abe6925d8cc634e472a38b18b8a

    SHA256

    36a237da02a2bae15089514444d55a933d91dc2a54748c277606afc40161ed7d

    SHA512

    e465cef5e96b61124304e3b7a65b413e5f5496b8ea479c8289f8d7087c849d0b83be5ac4a5b00ef40e9ee252da4cdc398c1b7833272f3816c2769f2843a27180

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e25411a612b08e54b30359e923046a8

    SHA1

    3bddaeb72d4754e67214bb29ba32b18421618a8d

    SHA256

    5257e49fc84b20155829e96b5b2de33ec769fba6149ad0eff4f291fa676f5689

    SHA512

    b58fc9688c59b1e7dbefd8cd788b63a1a4b666f3a34510072a50292586df438e7c857ac059c45939620472b3931d29d0ba2708661607458dee22ff5092d5be72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    082ebbadce5513eb0bec7acc677602a8

    SHA1

    2af2793fa4103e82750e66ee495a4f3a9d41411c

    SHA256

    c8896282f94818566d269dfb52301cdeb9025ec1de3726f85d237fdc9fab83cf

    SHA512

    20ef2de81a7fef75bd32d3b515c3f2ae139d86ccd25bdbe399aea069a28ace9a9e874d691681da0e1a636538d6c9cde2da402271260381f486e7430934af9377

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9be259ac01ae3faa966641023739556a

    SHA1

    d39e32405f3a6e59111ecb39e802d70d987dad0e

    SHA256

    31bd71f24a5090935d8a7185f72db0ef5fd0f78b5886792fc7a4f89a22e20d96

    SHA512

    fb14fd4982cceba7f258889871b5e13c7b16dcfb42ea68bdd0cd191457ee36eb09baf515ffb5fae6f9bf899c4f5b0fc526f48989635affe7a41789b18b9ebaf6

  • C:\Users\Admin\AppData\Local\Temp\CabD8A.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarE7B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
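Every file in the list above sits under CryptnetUrlCache or is a Cab*/Tar*.tmp in the user's Temp directory, which is what Windows CryptoAPI writes on its own when Internet Explorer validates a certificate chain (CRL/CTL fetch, cab download and extraction); the same MetaData path is reported eight times because it was rewritten during the run. The helper below is an added example, not part of this report or of the sandbox, that triages such a list: it buckets records into CryptoAPI cache noise versus files worth reviewing, flags paths rewritten more than once, sanity-checks the digest fields, and can compare a local copy of a dropped file against the report's digests. The records are transcribed from the Downloads section (MD5 and SHA256 only, to keep the table short); the `record_for`/`matches` helpers and the byte string used in the usage note are constructed for illustration.

```python
"""Triage helper for the 'Downloads' section of a sandbox report.

Added example, not part of the report. REPORT_DOWNLOADS is transcribed from
that report (MD5/SHA256 only); everything else here is illustrative.
"""
import hashlib
import re
from collections import Counter, defaultdict

# Files that Windows CryptoAPI writes by itself while a browser validates a
# certificate chain: the CRL/CTL URL cache, and the cab it downloads and unpacks.
CRYPTOAPI_PATTERNS = (
    re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I),
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
)
HASH_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

CACHE = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
TEMP = r"C:\Users\Admin\AppData\Local\Temp"
META_WRITES = [  # eight successive writes of the same MetaData path, as reported
    ("f27a4013d5157351735757621ce0250a", "5335f40b3b51c89bbe347ddd9e438ee8cbd3ad4df54ec77db7372f7f43e57fff"),
    ("9721b52e516101211c493aa3846a130d", "327a93490f2767b52e6f7c5fb7a964530628d7c1585c926b343b35cbf0bb8d34"),
    ("384858241c011cf5d67bb99a063aa907", "180b5b1faacbfb6f2089b3179b4b1b2d1ea0df7d31e4013907613ee72a031f00"),
    ("b2c89bdb90db12cfc1dcdb74e37ab307", "25e140a56f65c79da94d1a227471f4ad6101e49624531c1961e5925a1e35ad02"),
    ("fa23775cafcb11f5b863f535043894fc", "36a237da02a2bae15089514444d55a933d91dc2a54748c277606afc40161ed7d"),
    ("1e25411a612b08e54b30359e923046a8", "5257e49fc84b20155829e96b5b2de33ec769fba6149ad0eff4f291fa676f5689"),
    ("082ebbadce5513eb0bec7acc677602a8", "c8896282f94818566d269dfb52301cdeb9025ec1de3726f85d237fdc9fab83cf"),
    ("9be259ac01ae3faa966641023739556a", "31bd71f24a5090935d8a7185f72db0ef5fd0f78b5886792fc7a4f89a22e20d96"),
]
REPORT_DOWNLOADS = [
    {"path": CACHE + r"\Content\94308059B57B3142E455B38A6EB92015", "size": "70KB",
     "md5": "49aebf8cbd62d92ac215b2923fb1b9f5",
     "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"},
    *({"path": CACHE + r"\MetaData\94308059B57B3142E455B38A6EB92015", "size": "342B",
       "md5": m, "sha256": s} for m, s in META_WRITES),
    {"path": TEMP + r"\CabD8A.tmp", "size": "65KB", "md5": "ac05d27423a85adc1622c714f2cb6184",
     "sha256": "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"},
    {"path": TEMP + r"\TarE7B.tmp", "size": "181KB", "md5": "4ea6026cf93ec6338144661bf1202cd1",
     "sha256": "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"},
]


def validate(rec):
    """Problems with the digest fields of one record (empty list if consistent)."""
    problems = []
    for name, length in HASH_LEN.items():
        value = rec.get(name)
        if value is None:
            continue  # the report may omit some digests; only check what is present
        if len(value) != length or not re.fullmatch(r"[0-9a-f]+", value):
            problems.append(f"{rec['path']}: {name} is not {length} lowercase hex chars")
    return problems


def classify(path):
    """'cryptoapi-cache' for Windows' own certificate-cache files, else 'review'."""
    return "cryptoapi-cache" if any(p.search(path) for p in CRYPTOAPI_PATTERNS) else "review"


def triage(records):
    """Bucket records by origin and list paths rewritten more than once during the run."""
    buckets = defaultdict(list)
    for rec in records:
        buckets[classify(rec["path"])].append(rec)
    writes = Counter(rec["path"] for rec in records)
    churn = {path: n for path, n in writes.items() if n > 1}
    return dict(buckets), churn


def record_for(path, data):
    """Build a record in the report's shape from local file bytes (illustrative helper)."""
    return {"path": path, "size": f"{len(data)}B",
            **{name: getattr(hashlib, name)(data).hexdigest() for name in HASH_LEN}}


def matches(data, rec):
    """True if local file bytes reproduce every digest the record lists."""
    return all(getattr(hashlib, name)(data).hexdigest() == rec[name]
               for name in HASH_LEN if name in rec)


if __name__ == "__main__":
    buckets, churn = triage(REPORT_DOWNLOADS)
    for kind, recs in buckets.items():
        print(f"{kind}: {len(recs)} file(s)")
    for path, n in churn.items():
        print(f"rewritten {n}x: {path}")
    for rec in REPORT_DOWNLOADS:
        for problem in validate(rec):
            print("digest problem:", problem)
```

Run as-is, the script puts all eleven records in the `cryptoapi-cache` bucket, leaves `review` empty, and reports the MetaData path as rewritten eight times, which is consistent with the 1/10 score: nothing on this list is attributable to the HTML itself rather than to the browser's certificate handling. Any path that does land in `review`, or any record whose digests fail `validate`, is where manual inspection should start; `matches` is for confirming that a copy pulled from the sandbox is the same bytes the report hashed.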