Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:51

General

  • Target

    912f209250cc9643ccdcd1f6dcf05f52_JaffaCakes118.html

  • Size

    18KB

  • MD5

    912f209250cc9643ccdcd1f6dcf05f52

  • SHA1

    718824dcebaba44e7f7911f4527e1b7e8a3c69a5

  • SHA256

    3c326a3b1a250258e5023d709220223eb6db6106200562d8d8f756c5751e2f09

  • SHA512

    40ee660c31690649e0d7555f3747d877d8f303f7a90b5780c283747abaf29422c6731c0d09007052d127b289af00328f3623c37ed581a61be327d3cd48a00b5c

  • SSDEEP

    384:bO/Tci4o3rUynh1OIpeeVaEaXq7ZD2fA+uY+jVpzw9xv2xItsnlXG6bP:mj73Qyn2IpeeVaEaXq7ZD2f7uY+jVG9S

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\912f209250cc9643ccdcd1f6dcf05f52_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2072
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2936

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B; nine distinct versions written during the run)
  • C:\Users\Admin\AppData\Local\Temp\Cab19D9.tmp (68KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar1A8C.tmp (181KB)