Analysis

  • max time kernel
    134s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:51

General

  • Target

    912ef5ca39ed35ec3947b71230aea16a_JaffaCakes118.html

  • Size

    139KB

  • MD5

    912ef5ca39ed35ec3947b71230aea16a

  • SHA1

    5ab0b3ef3f3681bd0f2496b389ba5e40e2564b8a

  • SHA256

    6192d22e75a304c50903063ccabb005ccf79ea0cf9b7fc5a510401645d19f639

  • SHA512

    df15b49dc146f94cbc1af45b3360174f450fb9cf1385af316d215dc6fe62d02e26c64fa20e5a13cdade49ad7a6b403428e60359ceec58d7da4d8a75c36dd9d7b

  • SSDEEP

    1536:Si5bXomMCfaUSyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJruH:SGJsyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\912ef5ca39ed35ec3947b71230aea16a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2460
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2460 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1308

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    edd759a9f1ae7b7e2ae813fad833fb01

    SHA1

    99a889c5f3d953966ff7d6fb6eec20e2b5fdb910

    SHA256

    3f51ea7a9b51b1866192faf34eddede9eed8db7b38b5882283487fda7eb6959d

    SHA512

    6cf4c8aeb1dee4f67e63df746cdc4ef86957c32d60e1744cfb9a6c5b7899c4688dd523bcb23bf0ed0b0b6f978381827ebab0433c4a6ffe5cbcbdcb95525a860f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15212ca85e0b1a3737f56e2d208c3c4b

    SHA1

    54ce5daf3f25cc700d058e6b818da7acd2bfb927

    SHA256

    71a78050d3224bea01727e4d12a1208ae38833e8ab79da7d695610d7bad0f0c6

    SHA512

    074c29d48062231931a0f577e849348bf352fd1aa30d7e1f398f689e92c0b8da64ad022c02603e1a48c04abbe5c0f96d453f74057790d3324304c824f1b1d892

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e25b46656deb1b38df49c4288432e427

    SHA1

    8a0024a2e338215a992d0f3a1b60496df3c19ea9

    SHA256

    9c2de7d91bba0455feee536f6d1140827f6f7d40141bbd7518a599b0bbf08a81

    SHA512

    1c13d03ef763d2240e8fdc474a2b0b6af3579fc08c86b5d7a3b39ec34522b278435ad5d6300202ea546d86062ee276f54080741a847effa64677439e2bdb3de8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9c042d439b7d9c77c1e96bda49d67b7b

    SHA1

    b2ac860bef011a76dccfeb665ed8557d8d681ee7

    SHA256

    b6ea786691f2f3fd607d90249aefa24134e1b14d265ddfad98608f35dfc6febc

    SHA512

    1dae6a77d29ab45359a1f7fe645c457eb5ddd3a105280672cc61459ce9b287e2671db6d53b6afc571c3df3575f4abc44f1c76fdcaf2ec057d41df993a7b57a86

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c233f1fe0eab688db956c6854e83883c

    SHA1

    1b756253b7206eacd23270c3705d4e0b8d1968d5

    SHA256

    e807f7125cb9fab1a2b2a96ee225318b4973be5df05f4eb66524a7fd700cb7fb

    SHA512

    8e7d627e86ce597cb3563621314830bf0d1b57772bdfd603dad909522fab69e2143540bc1e04c1a4c12fabb90fa6af5b30df9655172912814d7f9fa3da44efd4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    42659bb759ea86c8165ea38a83951a30

    SHA1

    361b2f6e7a176bd6d1371cfa2c08d28293097349

    SHA256

    895b6e18652e37866b645995d0061bda7fab7bcee29824f089fb81ab9d29db03

    SHA512

    b141910527ba56dc3a1d65827f09248d5ac526206e44fc9d8bec7236aaba9eb7f150faed8d6eb0380632c6a952f8fa6f520786dab45e052a2e9a6e055d999bfa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef6d4df4ffe776f541fba766e51d6bff

    SHA1

    b0a6e540c2b5978adece03caa230c269cd5f60a0

    SHA256

    735edea88f15c22ef52ae1533c5747e577fa9d8c4525ac6a98428b6f0fe1b608

    SHA512

    d0ca6669d74ec5a4acdc07d1a0b7b1c7581e431edfa80f86f1b9727554cdcafe35d24992f0b9434ef1de14efdd62449abb018aac60d2938566c0ef771b24bafc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6fb3ea5b29229710289361bc3b82eb5e

    SHA1

    b0a74122c4c7bc7ecf12aa1943f200da85533b2d

    SHA256

    985dc93d8af74e80d572b34c1194dae374564bace8405087480dc7a45fe90006

    SHA512

    00fb6ac7a6de8fdd8eaae977e95be9a15dcf414e97303eeea4f6c7b6225b143cdbc7d6cd84257c7ccf79028ad917541e6b2556ce64e9306f9f0ac6d542811acc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0a5d69c8fd3be3683c62b1b52fb758ef

    SHA1

    6a6f5cc95a42c7e547c1e540d8fc0775a07350cb

    SHA256

    22dc511bee6ff258bd00b0bc6bcc2d2c9252fff11cb0beab4e2e2c15d3ad49f5

    SHA512

    3f544b27a6d84e3075a5e8a2c2ac783bbdce2cd87c9a2f6a3da0fe9ee4478f48f5677edd5c8b64f2ec555417bcac67c963109e8e90ebb42bda2893abb8f40757

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ca52fc9168a03b4e70b54b25655bae1

    SHA1

    826927d2352bde1070125922d5794ec7269e8420

    SHA256

    c425e523153337f01f48d1ab0226da376e735e9285c7f03a99871cb027b41234

    SHA512

    1556671d610ae4b352f151306c9aadd1c6a53ac5d73823b8c071ad071c9e3300ba59d5db5886404e8e524594ab72202f99ef7f8218dde6faed9525fd7f615100

  • C:\Users\Admin\AppData\Local\Temp\CabDEAE.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarDEB0.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

  • C:\Users\Admin\AppData\Local\Temp\TarDF90.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b