Analysis

  • max time kernel
    148s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:53

General

  • Target

    9130c0abb497e4f8da7d1f8e516ebfc6_JaffaCakes118.html

  • Size

    24KB

  • MD5

    9130c0abb497e4f8da7d1f8e516ebfc6

  • SHA1

    c8f40fe968c1a615cf278b13d2ceae07566ec4e9

  • SHA256

    301c4ba07c546201101778be47e59095b9451232aba446d028718a4ef78fcc12

  • SHA512

    c490a4ed5c80d0b9ba5b7e06a506f7ba89818c3139e3391249a9648d6f9bf79255c02fee10fe16a392376f9785aae820300efb5bc2f0a76d45a9ee3c9f26f8bf

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI+4qzUnjBhiU82qDB8:SIMd0I5nvHBsviXxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9130c0abb497e4f8da7d1f8e516ebfc6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1664
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1664 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B; listed eight times, each entry with different content hashes)
  • C:\Users\Admin\AppData\Local\Temp\CabA30.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\TarB5F.tmp (181KB)