Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 08:53

General

  • Target

    9131400f50291b7df87068dc66204b03_JaffaCakes118.html

  • Size

    23KB

  • MD5

    9131400f50291b7df87068dc66204b03

  • SHA1

    c23427b765defebce3969ea2992474c7ae8314b9

  • SHA256

    85e600d4fa2c246400049d2c0fb5d8e9fa5dba0582cdd9abacf0925ef02c43bd

  • SHA512

    cc061c824d4ee8be1da20a87c53243ce6d8310804802d7ad57a2312231642d5e21a5738764f77fab47a78b4580c5a0d41d73529bf778acfd1dbc21ca9474cdeb

  • SSDEEP

    192:uwzMb5ntmnQjxn5Q/hQNnQiebNn8nQOkEntDQWnQTbnBnQKdjbvMB7qnYnQ7tnA9:4Q/CoctA6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9131400f50291b7df87068dc66204b03_JaffaCakes118.html
    PID:2132
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2132 CREDAT:275457 /prefetch:2
      PID:2564
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15


Downloads
