Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 10:34

General

  • Target

    917636c5389fbe5d03bf5345355ef19d_JaffaCakes118.html

  • Size

    23KB

  • MD5

    917636c5389fbe5d03bf5345355ef19d

  • SHA1

    dc2bbb4a51791e8c94180553f74dee2be9d1b28c

  • SHA256

    e40f6e3cb0898a57e10ee8f8eb5464b46aa5cafd1cb2120611152ae2a511d6a6

  • SHA512

    4e21f19fe35970ae984a055bc1027c07b1de9c19aaa29b2cd3e831b23b21a9a6f5b37190e58aa0dd82feda760bc890e9461ebdc23d65aad89713db8ef138c345

  • SSDEEP

    192:uW/8b5nDGnQjxn5Q/qnQieJNn2HInQOkEntuknQTbn5nQnCnQtdwMBpqnYnQ7tnQ:yQ/0HCrT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\917636c5389fbe5d03bf5345355ef19d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2980
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2980 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1200

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a92dd92874209e8804fea095d6460ee0

    SHA1

    ab72cce3b635e01bcbe15c9dedf5814c8376eda3

    SHA256

    415fac46f9b34a2790b5b6ec7ba9433bace38c405a8703d244d240a3fcbd634b

    SHA512

    672e51a8342de68a266e51498561d4783b1a256fc92575b857bd2a307d4af95b63c07217854ac62cab5fc0deb95b36782ca07b1012baf20bf9de5a0a9e5861ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc7937e28a07297434ed647880b386a4

    SHA1

    e12b93d9242b35dfbfdab32b34f402dafb380e29

    SHA256

    387c9ca307c02e4b3a39030c0e570dd36d8fe5121b3dbd4dd229ebea820b2796

    SHA512

    628e8dfba327bf8a0420b3acaf14159c84e215fc85a2cfa8d04f7fc943f5a049353a3818d5332094106901c582b7ce679e7ab24bb7359ccc350dd86586fc4811

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9c00da5d5769d364b23bf2caecea245c

    SHA1

    d4f76013bbe2e8091e230d8f96ec6a0e38ddcb77

    SHA256

    cc5391122663b27369f4aa76ffbf8ecd606e38edfc1810d10e4629358e35c9c1

    SHA512

    11429fb2317f22ecea6633101e1656ae902019d82ae140c823e4b75700b3fb3ef115a1cb969652a687a3f2cb39a66f43348e259746e5dc1bf87b37f8b30917ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2394dc40b1b1fc2283b8f8fdc154ea19

    SHA1

    dca558bfb65ff97d9a7cdd3898e49cd8a09705c4

    SHA256

    31283cddf7f39c93225485b2c0d2387528faae73e64a2f7fc9d7e412f1237aa4

    SHA512

    de53d56923304945911227f326229f597dea97f0f38a47621024391706e4368ea0d77e080f52af6fa8da331584a3cabaf1ad037c2e13854ac3002f645ec4446c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    506457433e79c6bcedd502438c5aa851

    SHA1

    9bafbf2a356b1127f49151064ad895cdb3e3f12f

    SHA256

    2214e28c6ec976fe56cb7d4e1276c20a19f5d764cd326a18554dbb934d251943

    SHA512

    7da040a4833dde90679ae5f5c096f61d00626e79db1151bffbaf6d3e2bf3ce3b409e3ed1ddf27266e32963efafb81b57bc65e80d45be26c50ea523245ebfc56b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    779eb6e8f15f93059398ce766eba2d12

    SHA1

    c1fb705e62dfa03dc7d06aa43cf6d9ec2972c418

    SHA256

    77ca9974d32e2472e5c032f63c5304e17a7c20ce1f4e2a679437d1ef6077ddb6

    SHA512

    96d383daa616e6e2e344b6d0e674d314e8b3ecb3a96e4f6500cf8532e4fe2beda763d2319f3102d5726912a84534af1f086697b984810a1228b74e851beda403

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    99724ef5644c287e7baca76332413269

    SHA1

    8c0cacc4ac5be392637d5204ac7630ae85a4d750

    SHA256

    3415633cac9ce544a211788594224adbd5fbb7446856620c1c429c21f8067f55

    SHA512

    11e30ef8856925f3827db0408bbafb4ac315ced3bfd52d9ff144ac6e45a271f27b60818903b71e551f9514bea3523b41efab5076642c3eaa3d78b3653ece633e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b3242d97ddb2fbc959c6991a8586ce71

    SHA1

    c3a4c8ee873afac8890e86f506deb0009779b66a

    SHA256

    60abc9bfde11ad3c9f6744bf8951cbaa86e45c9141ec437cfe8af494adec464b

    SHA512

    47742518fb2a60110d1e9ba45cc465515e802461206281962219efc3f734508fcda05c494bbee2671345d74d47c4b025e12c08a1b28d3e920d5100507d32f3ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fe265a2f34f1b1f11003157cfe87afb1

    SHA1

    c9044c3bada9b48ef7ebd140db0a3250b6e180d3

    SHA256

    dea5735fe00e0645cb5ce5799ef18f97ef5adc6c03ed1239c1460b48c9a8151b

    SHA512

    ca493c6978827b27f17604c4042c7ab7b60ce15f055f5f4ebf4de975667d4880b37fe466597e28a6dad6aeaced34cf5ea74a7a84d8abde62898da57a95a482bc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1239e1c9c8532fe845057568dff121a1

    SHA1

    5e539cd2d6b6d84a9cfbed2a4564701ddced26eb

    SHA256

    074c8d838088251fc530aa5aaf9f0628a459aeaa3377bd68e77ecb94097ed31e

    SHA512

    f774ad15db82df165e36823930111bd0b4bb7c454c2b51d8de27cd120a2a86ed997af8a47c7b9cd6c76321580cfb2c75fa60626479973a6dc3658892d8ccaa2c

  • C:\Users\Admin\AppData\Local\Temp\Cab254D.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar265E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b