Analysis

  • max time kernel
    150s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:51

General

  • Target

    912f103058beaf767557f21817d28f80_JaffaCakes118.html

  • Size

    27KB

  • MD5

    912f103058beaf767557f21817d28f80

  • SHA1

    602d886993c9f38e17f6dff47da6f33b99c6646f

  • SHA256

    2112a80e7b58f3595b000e6172686d701312a173b0c756e64757f75cfeb860c6

  • SHA512

    dec423dceee274b087a28e9d6b54d75312ed2394ecaef5b3e024d41d3decc7c89baf29e70bcd3bff6a24f4fa5079b346707dbb6b44b69f75243d39ebd543ad7b

  • SSDEEP

    192:uqgHLGb5nvEd8nQjxn5Q/nnQieWNn4nQOkEntphnQTbnFnQ8CJVevo7NtdFo+Nzy:n0Q/VygcOQQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\912f103058beaf767557f21817d28f80_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2080

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    be1ad0ae7f98cb9ec25f979947d57643

    SHA1

    d6711305a2994c4c1547304533e5b80cb9ad84c2

    SHA256

    df0c994293fb3156deb9544f301eb5f46ece7bcbc3f69ca5b6538ab10a620713

    SHA512

    4e449740c7e4ae82d99dfd9c0898678676c706b3bd0612a0d885a8cda31af31acac2a2f9c2800a5d6032a0a932c841dcacb7a83e1c19f4dd56846b0424a017b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ad4584ba92cc51486ad236c1490e10c

    SHA1

    6e680c96a17e0c55789684435273abeebe2b1243

    SHA256

    ff5f2db8fde530771d6de18b159b013d86d309e06d0c9aac8d88da49c719c3f1

    SHA512

    f7379ae56825fc73ebada77677bab7281d0ff0960c636ef160e015fdf398bc197b41fc671c7899b343a75a3f659650e87bc734b30ee158e9e67d94bc16273095

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd449cdd554fb1899ccd4fb86f7414db

    SHA1

    386ab21283b128699710382118671003d5a58ce5

    SHA256

    c05fcc11ef9d7aca5e29c981085a78f982be4851552e065ea2f942321a460861

    SHA512

    5c29ebb6db22900d516856d6665c88978d265c5434167447fab41338b16db4c9e6a66c23ec4ac278ec74015bcbc1212489ac492992fbd94bcca5093a57b45da3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ba15696270c176faa0fb6ab5d3ef7f3

    SHA1

    6d518035c3873e2cc67a26663b72b6fc875e27f8

    SHA256

    9485c62630a9583a74cf5eec6afe0387aaac74244c05066578408fb94c25f342

    SHA512

    b4984e411eb42f8c6240bd2b0abab2979c0e67dfa8daaaf7048cb5b37ae100deb1323d216f685eb17762558f08bfba3ac1b3be730717ff14a7eb07886bba4901

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    42b166c8780f1267c33e1dffde51feaf

    SHA1

    0e6677d538cde4a4798147a738fc06f219c6b3a4

    SHA256

    35007547fe185071433f5a7f3e925bee3088b557d6e032773cff8a8649a8cbcf

    SHA512

    9d4a20c2adcd9e77b7b14ae842640f9063e39bf600060feef2b0c4f717e2ec3377c2a1edd28c88858ee0af87bc497f19c0fb6e1a762b2897b289289d97fc0021

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5797b552991c1ee6472b899356913d41

    SHA1

    307cc2c47b1bd1523f69a6c4c0e31dd083aee735

    SHA256

    33fefd2fd7c9dd42ecb290e7ca2ce715f99c59ecedf307cd9d30bac59f80b3a8

    SHA512

    477deb573ce5e945f53a0af4267a3cf9d78efc4bfddc272b3cc77da669f5a0a87f526b00acbadcfabc7a0cd4947ac66ee3dbff5f0c35270010fa2f9eb5700fb6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e17a04c7ff3caebec682781c20236f03

    SHA1

    7fedfd01177b6e5f34843f5986e5159d1dde60ca

    SHA256

    0deb5671043fb9aecf749c15729ef1e9741751306bb829ef92bf6d23e1f21808

    SHA512

    c0b2f631e664ba341f9b13f99c197e68e4312504871aee4f24425c07852404e1e14237819c766da1b1b55e76b9c64c3caef06954775861a974f8fe7c04b96767

  • C:\Users\Admin\AppData\Local\Temp\Cab7C90.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar7E6C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
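To check a local copy of the sample, or of one of the dropped files, against the hashes this report lists, the following Python script is an added example; it is not part of the report or of the sandbox's own tooling. It embeds the MD5/SHA1/SHA256/SHA512 values the report gives for the target and for the two Temp artefacts, hashes a file (or an in-memory buffer) with the standard library, and says which artefact the result matches and, where only some algorithms agree, which ones disagree. The SSDEEP value is left out because computing it needs a third-party library; the file path on the command line and the demo bytes in main() are assumptions made for illustration.

```python
"""Verify a local file against the hashes listed in the sandbox report.

Added example. REPORT_HASHES is copied from the report; the demo input in
main() is constructed and is not a file the report mentions.
"""
import hashlib
import sys

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Hashes exactly as the report lists them for the target and two Temp files.
REPORT_HASHES = {
    "912f103058beaf767557f21817d28f80_JaffaCakes118.html": {
        "md5": "912f103058beaf767557f21817d28f80",
        "sha1": "602d886993c9f38e17f6dff47da6f33b99c6646f",
        "sha256": "2112a80e7b58f3595b000e6172686d701312a173b0c756e64757f75cfeb860c6",
        "sha512": "dec423dceee274b087a28e9d6b54d75312ed2394ecaef5b3e024d41d3decc7c89baf29e70bcd3bff6a24f4fa5079b346707dbb6b44b69f75243d39ebd543ad7b",
    },
    "Cab7C90.tmp": {
        "md5": "ac05d27423a85adc1622c714f2cb6184",
        "sha1": "b0fe2b1abddb97837ea0195be70ab2ff14d43198",
        "sha256": "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d",
        "sha512": "6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d",
    },
    "Tar7E6C.tmp": {
        "md5": "4ea6026cf93ec6338144661bf1202cd1",
        "sha1": "a1dec9044f750ad887935a01430bf49322fbdcb7",
        "sha256": "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8",
        "sha512": "6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b",
    },
}


def digest_bytes(data: bytes) -> dict:
    """Hash an in-memory buffer with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in chunks so large samples need not fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def compare(observed: dict, expected: dict) -> dict:
    """Per-algorithm match table; case-insensitive, missing values count as a miss."""
    return {alg: observed.get(alg, "").lower() == value.lower()
            for alg, value in expected.items()}


def identify(observed: dict) -> list:
    """Names of report artefacts whose listed hashes all match 'observed'."""
    return [name for name, expected in REPORT_HASHES.items()
            if all(compare(observed, expected).values())]


def partial_matches(observed: dict) -> dict:
    """Artefacts matching on some but not all algorithms: a transcription
    error on one side, or a file that only collides on the weaker digest."""
    out = {}
    for name, expected in REPORT_HASHES.items():
        table = compare(observed, expected)
        if any(table.values()) and not all(table.values()):
            out[name] = table
    return out


if __name__ == "__main__":
    if len(sys.argv) > 1:
        observed = digest_file(sys.argv[1])  # path chosen by the user (assumption)
    else:
        # Constructed demo input; it matches nothing in the report.
        observed = digest_bytes(b"<html>constructed demo input</html>")
    for alg in ALGORITHMS:
        print(f"{alg:7s} {observed[alg]}")
    print("full match:", identify(observed) or "none")
    print("partial match:", partial_matches(observed) or "none")
```

Run it as `python verify_hashes.py <file>`; a full match names the artefact, while a partial match is the case to look at by hand, since a file that agrees only on MD5 is not the same file the sandbox ran.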