Analysis

  • max time kernel: 150s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 03/06/2024, 10:33

General

  • Target: 9175e597b4866e924ddf769084264699_JaffaCakes118.html
  • Size: 27KB
  • MD5: 9175e597b4866e924ddf769084264699
  • SHA1: 33ea02fac2cb61c46bea894de36ae77ba5863861
  • SHA256: 66f451b9e03501434f0cf57b7a3050d4b0dd451400b19222f55420003effd0c8
  • SHA512: 1b93d5647f9fb109900aab879a8221b6e6e9b898b64e2191e84bff687148c232ea8890dee34b398c6e596c6247f8ce5c6a19e1bf5f6e5ede08a725a03fbada04
  • SSDEEP: 192:uw/Ab5nk2nQjxn5Q/jnQie6NnRnQOkEntBJnQTbnJnQ9eUem6uFKgQl7MBaqnYno:VQ//hWMKDSEvEd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID:2028)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9175e597b4866e924ddf769084264699_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID:1548)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2028 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
