Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/06/2024, 10:35

General

  • Target

    9176e10bd0916d5046c2d90d7bb5233e_JaffaCakes118.html

  • Size

    30KB

  • MD5

    9176e10bd0916d5046c2d90d7bb5233e

  • SHA1

    188a306f72f100bafa374895de1eabeae0b29d14

  • SHA256

    7318d0e3f01371db28eb5f92e9a8ffabc934fc77943e418322564b4a75e5ccb3

  • SHA512

    0e232ddc43d60edc11e454b3bf8fd1fb069c8e4cd802f07e88722b99bc2349ea6bd7163b9e64258feaac930e7d43d62dd7ebd7b9be126711a69dfa53ba7335aa

  • SSDEEP

    192:uWXbn0gJKJpUEsb5nyoPLfvUhnpyTUgknQjxn5Q/fnQieEnNnNhCnQOkEntx1Xn5:rQ/iQWOcca5zARvfdOOy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9176e10bd0916d5046c2d90d7bb5233e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c1240e92438e9167a8736f08788f855b

    SHA1

    5fe563e2cd0fd4450459c13546a0623a008f2f73

    SHA256

    7b6272a2089091a412493c96337d138bd235228eca946e05557219635d9f032e

    SHA512

    3ebf3141ca4ad359270332841dda46de7e75725cf2f74deb0c7e33b736969131220d293b9eaeecab3c6875a8c464ba634d76e56b4f67cd8a90b83a25ab5f4938

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    708ce9710291dd7d373fc3e240ff93fd

    SHA1

    88c159c806c3bd0bc2489ce61b75037b7f67548a

    SHA256

    f5490cfba844ce02c16ee6d5387fb9602c5ac5aeadc292b066559907e761a336

    SHA512

    0f391ecb61809c7fd541059dc6e43f57a556ebff8a91dad855c60670a73f213af5fa5e6800a83cd11a74aec3915ba6634624f7a7affebeb7a9784daac236f92d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73f7ccff2ac045df5481430f64737f47

    SHA1

    9b4c2e1cf930dbe413682cc409f7f9576dc56c23

    SHA256

    e9a32d0bc08a57cf7b3381ad2841b5bf55ed33428fe7f2043c4ff18d73a025af

    SHA512

    3c56a3ab19ca562c7f965b09a335606829198d06cd0edb4f7dcfd24e576a789b212d027443269e871a93c77e0a30729c6a557a864f278a3d8ed0f60416f0da67

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66df7e6f2e0d1f679577f73781ca0f3a

    SHA1

    2dfb1ed26a213407fd5a9df696868e81b1e871c5

    SHA256

    13fa7eca08084b6214bae9165054fe360e00a9a60dd2fa9d1cdf0ec67c1665ef

    SHA512

    6dca87cfdc5b987ccf2d295930e8d3f1de41ff58ad3a56fd0ffb34f2e082f3497971e2325f57e8a3000c82026f2b3b99ca332ef237a8ccfe77c84c1b1d819790

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f9c1225a67e6906c216c036af159029

    SHA1

    13516fda3b515cf140430ddf90248f18d51141d8

    SHA256

    2c2cdcf0ab29840b0e7d3de06cb44f191825b1551b81fbddb855d259ffdd998a

    SHA512

    11ccdcb7022354fa5a081e4e88a6fbbc27397301d8b86ffbbf9d4adf848b1d3884e5aa95f71037a8ac5b02e86fcf323cd47d330bd556f4ea81b3fdb2d7472315

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3aaa8ba3733506fe21252d443ac6c1c2

    SHA1

    2fbc9b9609c8163abeba521f0a77a53caa99bd75

    SHA256

    1bc6321d90268446aa09db9f7c4f859c1abfd93783baa46d922403405af51582

    SHA512

    86f39cd2f93bdabb333324af934f301b34de90daf8c8255e6de2bab5fa61bf03b2b1c33cbecc1c624a0adfb37a2f4da429f926dd6c4776eb5d7bee0b771546f5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46199c82edc8c2d80dc8c63833533bc7

    SHA1

    1fa43ceef1c6850758e034e77c3ae477cc506cc1

    SHA256

    de18a8915a181e0fd2bd29de58f1afc49ef1cd8e767c65a1839812a825e41948

    SHA512

    7e2acc78730c50a9154770e48a65bdcd407f42b1e7cde9cee07cf53c32db70e29855fde8e988cb97d64198791151560bc0ef8374c70045239eb0ec1dd13cfd93

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    659d7575557a7d79ff4dd67de31d9877

    SHA1

    c4ddd41fd75bd9b992c0669535dc504123c7af6a

    SHA256

    0bd379da2339c415ae3ae082b6623cef057ed7f2392be6d7ca4559bd5e0363b2

    SHA512

    22d76ede0a119374dea6c8a07e08d92cc9df8b20ec079fda9ec0cd33b2c8deb119507c412dae88533e6f39d52278b5be04f6545dc529a352637c6ab75f96d386

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1156d4ea2002dd9dcb3962390f7ca05

    SHA1

    dd8a5489fdd854cf2bb4fa5c632866c1d5282d48

    SHA256

    6a33869d650d7c9a386ca648f871d0a03a4a6a2f747339c80229d1e4f89f5270

    SHA512

    337bdf0e910e0047f0d4370e6b1a7c81ac85aacdb530756ed555bf9356e53478171cbc5b78e9e1909986e4e150d8b11933cc08bca55699fc3b7249c9c8ca0bc3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b6c5af49ba5ee827621bc050bec65c8c

    SHA1

    6ea67b6f1c72c0aaf8b52e0b49bb7b53a46a8e70

    SHA256

    db688806c59a25f743d3449bfdfbbd986c6cb8f667998391ffa7c7a91b9a2bba

    SHA512

    06192a67f0923325ce2ae4bf1fb60665ba19636f028d271f7c0e51db4131b5316a250842ae92d7f3d2833bc040af2c7130ad8857f4b968c9e2683b7b16da8ff9

  • C:\Users\Admin\AppData\Local\Temp\CabAAD.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarB9E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b