Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    03/06/2024, 08:53

General

  • Target

    913076a35e678dc89584d3219ed6dd33_JaffaCakes118.html

  • Size

    19KB

  • MD5

    913076a35e678dc89584d3219ed6dd33

  • SHA1

    30d9b60eb4ceb67b5eb0c06b3da4e43dd001c4e4

  • SHA256

    620b18f9430f1d5b5754af749a5b5efe4434750c892243dd2f57214bb63ecb9c

  • SHA512

    79a3c00a86a3ee467e4183946616096d8a7e5f286566938a4a321f516fe47b8cd481405f6da16e96e7fbe29ab766a3fa83a0203b67cc0e1960dff750c794c92c

  • SSDEEP

    192:uwbRb5n41nQjxn5Q/fnQiemNnonQOkEntRlnQTbnNnQmSgHMBGqnYnQ5bNnlnQVN:fQ/FqunRX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\913076a35e678dc89584d3219ed6dd33_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1404
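The process tree above is the normal two-process Internet Explorer layout: a frame process (PID 2240) that takes the HTML file as its argument, and a protected-mode tab process whose `SCODEF:2240` argument names that frame PID, with `CREDAT:` and `/prefetch:2` as usual. A small check that encodes this expectation, so that a tab whose SCODEF does not match its parent or a non-IE child of iexplore.exe stands out, as an added example that is not part of the sandbox report; the two process records are constructed from the tree above, and the cmd.exe child is hypothetical, added only to show the check firing:

```python
import re

# Process records constructed from the report's process tree (PIDs 2240 and 1404).
PROCESS_TREE = [
    {"pid": 2240, "parent": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\913076a35e678dc89584d3219ed6dd33_JaffaCakes118.html'},
    {"pid": 1404, "parent": 2240,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2'},
]

# Hypothetical extra child (not in the report) used to show a "suspicious" verdict.
SUSPICIOUS_TREE = PROCESS_TREE + [
    {"pid": 3000, "parent": 1404,
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'"C:\Windows\System32\cmd.exe" /c whoami'},
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}


def classify_process(proc, by_pid):
    """Return (verdict, reason) for one process record given a pid -> record map."""
    image = proc["image"].lower()
    parent = by_pid.get(proc["parent"])
    if image not in IE_IMAGES:
        # Anything that is not IE but was spawned by IE deserves a look.
        if parent is not None and parent["image"].lower() in IE_IMAGES:
            return ("suspicious", f"non-IE child {proc['image']} spawned by iexplore.exe PID {parent['pid']}")
        return ("unknown", "not an Internet Explorer process")
    m = SCODEF_RE.search(proc["cmdline"])
    if m is None:
        return ("expected", "IE frame process (no SCODEF; takes the document as argument)")
    scodef = int(m.group(1))
    # A tab process must name its own parent frame in SCODEF.
    if parent is None or scodef != parent["pid"]:
        return ("suspicious", f"SCODEF:{scodef} does not match parent PID {proc['parent']}")
    if "/prefetch:2" not in proc["cmdline"].lower():
        return ("unusual", "tab process launched without /prefetch:2")
    return ("expected", f"IE protected-mode tab process for frame PID {scodef}")


def triage_tree(tree):
    """Classify every process in a tree; returns {pid: (verdict, reason)}."""
    by_pid = {p["pid"]: p for p in tree}
    return {p["pid"]: classify_process(p, by_pid) for p in tree}


if __name__ == "__main__":
    for pid, (verdict, reason) in triage_tree(SUSPICIOUS_TREE).items():
        print(pid, verdict, reason)
```

The check only looks at image paths and the SCODEF/parent relationship; it does not inspect what the tab process did afterwards, so pair it with the signature list rather than using it on its own.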

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    23bbc16519c7460effe5bf6c1d901ff0

    SHA1

    11473d5faefdd411251604a580c561ba6ba65068

    SHA256

    49ef22482f20f4d1563736876f488ffb708a57f7706ce8445b19c3f303eb7131

    SHA512

    c83f6b8289b77d9630a2077e3ca59e9252507ceee8e63cfc4958212c384f6578cfeb803e9c330bc744c515d713fea872d92c31d1029269d7281e85caa773f954

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    03385c5f7c40b4925a3ddbbe479514c7

    SHA1

    fa314e23cb4fd434a1768557e6e8ac8659ee9653

    SHA256

    4b75c3f853184d5351cd175779d93fe4a75989bf3dd017ff42ab02a241031004

    SHA512

    54b1baf80559c4b6e2dd97c7044566ba21c3fdbfd01faf6e6f8ecf286412d02de8ed0bb7e7b64799ae403a92532fea859b8d9b819c5f51c258998f998d82e11f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92239bedfe50da42768550717b1556ba

    SHA1

    49ada6661a29ebfc2d09a2e4f20580f40c6df3a3

    SHA256

    9baf02e36ec47d182dd623a97ab58e476f8bfce51f81c71ad6f78c5e9709115b

    SHA512

    cfd21f724946805faf12c95e924bc937ec5241510920a728ae9d73579679f0b1971727790c48fea265503c087233ee248c14f675855e1baa98c26ec95149f18d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f2db4447143ff0254fec80ccade42c80

    SHA1

    8297b33eb38aa9e4b46dbe3fb4518378b56990de

    SHA256

    ab95b22ded432da877b2026145560f06056c89efe4606b6951a668eacbf35b1f

    SHA512

    8a6d3ca7644f6b9d03d9089e83262bf00a77dfc558a14b7ed1a588821c36e008e0dad2e5333481c252de2fa7afc3b9b0a034e9a63523e5611fdd1c6055a2655a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    629a838ae7d9b4bdcc5384d7c3e69eb5

    SHA1

    ccc610463a3dd45ed267040d3161315500481cac

    SHA256

    4c96a4d0bd6493eb74ea777a0e47c22c64c1a126de13a30bf062183269757dac

    SHA512

    a4b2b177bfbbcc9c6415afae923faeb7b7ce3165bce36eaf65a3d684b1a558824e70a8f1d65204be746207dfcc86ba2ab560a98d807022b8a647a8dcf081a806

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9a66d966f210c78512dc6559373f95bf

    SHA1

    f7231aa86c894c1f07ec9767502836e695eeac37

    SHA256

    b25f4883e20255b0b550bb2fa90bba55d1bf0d978f659a597f9bf3bec1ebb0fa

    SHA512

    039cd9425ec9fa47e032f9cce7213708f2bd226c93054a5bc5f8146e4a88bec381c106d314ed2efac8069da9fba4e66f5eda3381c2caf5c0ea0ba66590a93ebd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95cdef4fbd3ac9ab2f8dda6c8ea8539d

    SHA1

    108a6198432f9b3d411a8b60c771cb75d173f704

    SHA256

    c327d91a629a97a42eb11e399e08a5ab5ea028798f9af194a127073de2ae068f

    SHA512

    7e010321e9760ab21de760a18096bafafdedfdca86ef8c2cf43d7be9fd679a41038cd67c45d89d80da84257187d1f3c1ecd69af2430497e9e89d11f9f89595b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    607da4cf343bfc69d73dfb3cb4f5d99e

    SHA1

    d352026043d2e79b521d231e4f4772015d4248c2

    SHA256

    cb45877988fb00f3b8a33d7bedb385d62b9ad48bb723eebe993de19fdc9bd558

    SHA512

    c8825eeb929cbf69d643bb2c0a773a6be4fbcd1ef13e5fdb0ee76746842b352146e6671e3e3ffa3398f88d03ad3b65d2f94062950ed1882783684ceac14ca071

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e5371d80c9d40964ad5785dc2c1ba5a

    SHA1

    21b62cd4817d6e9dbdb84bbfccb6f3c92b439e86

    SHA256

    f6b2a696497d476d492cba3177b3ab77da26b825d0a03a973dff105d23e33a01

    SHA512

    c02cbad9a5bd84d200b708b34a6918c5201dcd05d4843ec06ea79aa09995d23b5581bf05570772089015d0e9054a5dd60fa766f89e16f3def58965cf1a0e3558

  • C:\Users\Admin\AppData\Local\Temp\Cab81A0.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab828C.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar82C0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
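Every file in the Downloads list above is an artifact Windows CryptoAPI typically writes while Internet Explorer validates certificates: CryptnetUrlCache metadata entries (the same 342-byte path is listed nine times because the sandbox captured each rewrite, each with a different hash, not nine separate files) and Cab*.tmp/Tar*.tmp files in Temp. An added example, not from the report or the sandbox vendor, that parses this section's bullet/key/value layout, marks those path shapes as typical platform noise, validates the hash fields and counts distinct versions per path; the sample text copies three entries from the report, and the fourth path and its values are hypothetical, added only to exercise the "review" outcome:

```python
import re

# Sample constructed in the shape of this report's "Downloads" list. The first
# three entries are copied from the report; the fourth is hypothetical.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    23bbc16519c7460effe5bf6c1d901ff0
    SHA256
    49ef22482f20f4d1563736876f488ffb708a57f7706ce8445b19c3f303eb7131
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    03385c5f7c40b4925a3ddbbe479514c7
    SHA256
    4b75c3f853184d5351cd175779d93fe4a75989bf3dd017ff42ab02a241031004
  • C:\Users\Admin\AppData\Local\Temp\Cab81A0.tmp
    Filesize
    65KB
    MD5
    ac05d27423a85adc1622c714f2cb6184
    SHA256
    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
  • C:\Users\Admin\AppData\Roaming\hypothetical-dropper.exe
    Filesize
    12KB
    MD5
    not-a-real-hash
"""

HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
HEX_RE = re.compile(r"^[0-9a-f]+$")
SIZE_RE = re.compile(r"^(\d+)(B|KB|MB)$")
UNIT = {"B": 1, "KB": 1024, "MB": 1024 * 1024}

# Path shapes that IE/CryptoAPI produce on their own when a page is opened.
TYPICAL = [
    (re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache entry (CRL/CTL/AIA fetch during certificate validation)"),
    (re.compile(r"\\AppData\\Local\\Temp\\Cab[0-9A-F]{4}\.tmp$", re.I),
     "temporary CAB written by a CryptoAPI download"),
    (re.compile(r"\\AppData\\Local\\Temp\\Tar[0-9A-F]{4}\.tmp$", re.I),
     "content extracted from a Cab*.tmp download"),
]


def parse_downloads(text):
    """Turn the report's bullet / key / value layout into a list of dicts."""
    records, current, key = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line.lstrip("• ").strip()}
            records.append(current)
            key = None
        elif current is None:
            continue
        elif key is None:
            key = line            # "Filesize", "MD5", ...
        else:
            current[key] = line   # the value on the following line
            key = None
    return records


def size_bytes(text):
    m = SIZE_RE.match(text)
    return int(m.group(1)) * UNIT[m.group(2)] if m else None


def hash_problems(record):
    """List hash fields that are not well-formed hex of the expected length."""
    problems = []
    for algo, length in HASH_LEN.items():
        value = record.get(algo)
        if value is not None and (len(value) != length or not HEX_RE.match(value.lower())):
            problems.append(f"{algo} value {value!r} is not {length} hex chars")
    return problems


def triage(records):
    """Classify each dropped file by path shape and validate its hashes."""
    out = []
    for r in records:
        verdict, reason = "review", "path not in the known IE/CryptoAPI artifact set"
        for pattern, why in TYPICAL:
            if pattern.search(r["path"]):
                verdict, reason = "typical", why
                break
        out.append({"path": r["path"], "size": size_bytes(r.get("Filesize", "")),
                    "verdict": verdict, "reason": reason, "hash_problems": hash_problems(r)})
    return out


def distinct_versions(records, algo="SHA256"):
    """Distinct contents per path: one path listed N times means N rewrites, not N files."""
    seen = {}
    for r in records:
        seen.setdefault(r["path"], set()).add(r.get(algo))
    return {path: len(hashes) for path, hashes in seen.items()}
```

The verdict is by path shape only and says nothing about file contents, so "typical" means "expected noise for IE on this Windows image", not "clean"; keep the hashes for correlation with other reports.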