Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    03/06/2024, 10:37

General

  • Target

    917897cc5dc0bb188b1720d959d95416_JaffaCakes118.html

  • Size

    23KB

  • MD5

    917897cc5dc0bb188b1720d959d95416

  • SHA1

    49c57dd5323bef74c18d0c9c582ab422e8caeaee

  • SHA256

    b1b8ae04d4fa1691faf558a44a13210d174813107626af85ee42e7df9fc2db9a

  • SHA512

    3392e420ba9458beb5067ef85a855ac081f3b3cc1ad7dbfa2850f2f239b3001a9242986c4856da4460ca579a36cef7321e67be6b38c089152afa2552d86f561e

  • SSDEEP

    192:uWX0b5nKWnQjxn5Q/pnQie8NnAnQOkEntrLnQTbnxnQICnQtmwMBcqnYnQ7tneYi:bQ/oWt

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTP 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoC
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\917897cc5dc0bb188b1720d959d95416_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1956
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1956 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2996

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    473fbc356625044fbbda41b099dfb502

    SHA1

    6403e9e337ed9d199d06cb17765d85fc51670b33

    SHA256

    568ecf9baed8a3400aad333a981bdff55fac4db52e5ef8a7e07f83d2d0e19cc6

    SHA512

    32421ff91c2270cc0717e47a7e755bb442df6fb7ae0af3efb1a1e7c952a1549ff398827725f5b88a762f52991836eabcf30ec1ddb7debfc0b7f2a345c810d9da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3d465667c7877db26034924d73c1de41

    SHA1

    808e3d2c7c92a1c6d30fc4961e5c9fdeb119357a

    SHA256

    47379ae8ba1d7abef0df0c2b43aed9566758e2b6bf8a2b39c225276f3e9c9d24

    SHA512

    48f122075fefbd08fd3d259530efb998ecc3a2de213404cdce0544acf022b8a305c00d9e4f0293e4bff7a22b1cdd251ffcb17d79fb896c551972c2cf11dbc69c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0cacf3c40dfb3613e1f6954717681a9d

    SHA1

    76ee571c2eec3bd2784174fe8774b7e7692285bd

    SHA256

    c9264dfc1173d6a49e1a8fabdbc0c741d86aa0d2b42834074a40a9afcacd32c7

    SHA512

    cc938521400db68b7e5dc44c8fbbb3b949f6f43f75824e8d7d6f1d8a345be42ba705cefa0e1b529b9359db8f660d5bbbe751f521a90243925062bd7c54f637c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    91ac053571d39ffb27c0128e900ffaf7

    SHA1

    7c6e10947c401e2650dc73d65c503b6e16f8bf26

    SHA256

    dbf1855c98fdc61372df262b2ddb6606da22aabed1d5fa692e0eebf99efcce4b

    SHA512

    de179fff1a36e2c6fc441209f4aeccc0423ef90e1c89b1afe30524911958de34ac5f47a7a0ff494f1cc60cb55af2aca1bd622715372ab360041897943c210ded

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    271f9d1550cd9d860b2905a5b8fe5a2f

    SHA1

    1befa8155b259982abe9e430582b2703ca63d4e4

    SHA256

    50cccb44ea9491aa23b7d3dfaca6ec6d5e9f5352539420e216371ca0c14136f4

    SHA512

    09b190762003798b9f9266120159de2d63ff107a4868f6e6d8357c93370acb43bf7bb6c5d43b8857320cea601179fea33f0b9ca7e4a3e8d745a85faedd79ce9b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0deac7055250dd33ffdd8527e13d4028

    SHA1

    f14ad2122cfcfc57f122134b195e08f0cbdd54d5

    SHA256

    2d8e01952d4fed6fd3c349dce01fdbfea5a9888f098fe0957120cd997c3a8ad8

    SHA512

    1b383ab2ed68e3747faa378a07f2b15b10dc9aa17c45ac52e3b4b0cf6b7dbfcee989adf229d1e16ecdf308e96dfc83ad5976626ae07b2c2c4f70267271e5c940

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c99f3dc0eb7b46069011b9b6baa6c458

    SHA1

    9cceaa0cf0993c4bde395e8783fee2cab719059e

    SHA256

    9438e7cab9216439326cae90711ff71777bafc0ebb16f513adae991a3bbc3247

    SHA512

    9165556fbda3cb5bec3efa0cb13321261819d7a6134c394cbf538f1496dc51e4f95117acfbaa37bb79ae573593e828f679025ad99d7f5e41639a09b8a0720781

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    45b59b6efa97d531f9a7eba15af118d5

    SHA1

    d222b549bd0df1d987a892dd79d540e95b0e11d9

    SHA256

    be774b0ec228f706c089a3cc38141797d2799232d1a83bca17800f387b31a579

    SHA512

    9ca33d27e5f2cdebf43b25f31a67488c4ddb2a6b68d083333f317d96d1c828f54a16d033b22612d92baaf02b2f5ec9ebec883ca2f1af1c1d7b89afdf82fcf29e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d8a506f90d4a84d98a963d7814ffafff

    SHA1

    157faabab946a6f60962a60ef127275cff38605b

    SHA256

    e55acae67ddd41fb960ce08b4c4a15b7e494ca4757ae6debd15bc863cb6cdf31

    SHA512

    a0bd1974d5e41988a50ae91d7a972c8a677d0d8d5c070752fc4c46139b8e021de9fc881919ed88c076b896268c40ffe7f19c2daddc05eca718bfb429bd114f63

  • C:\Users\Admin\AppData\Local\Temp\CabDA9.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\CabE28.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarE4C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
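Reading this report: the four signatures are all raised by iexplore.exe itself, and the process tree shows the 64-bit IE frame (PID 1956) spawning the 32-bit tab process with SCODEF:1956, which is how IE launches its content processes. Every dropped file is under CryptnetUrlCache\MetaData or is a Cab*/Tar*.tmp in %TEMP%, which I attribute to CryptoAPI fetching revocation and certificate-trust-list data in the background; the nine identical MetaData paths carry nine different hashes, so they are rewrites of one cache entry, not duplicate rows. The script below is an added triage example, not part of the sandbox's own tooling: it transcribes the Processes and Downloads rows from this report, confirms the SCODEF parent of each IE content process is a listed iexplore.exe, and sorts the dropped files into CryptoAPI noise versus paths that still need a look. The PROCESSES/DOWNLOADS structures and the NOISE_PATTERNS regexes are my own constructions and heuristics.

```python
"""Triage helper for an IE/HTML sandbox report (added example, not sandbox code)."""
import re
from collections import defaultdict

# Process rows transcribed from the report's Processes section: (pid, command line).
# The tuple layout is constructed for this example; the values are the report's.
PROCESSES = [
    (1956, r'"C:\Program Files\Internet Explorer\iexplore.exe" '
           r'C:\Users\Admin\AppData\Local\Temp\917897cc5dc0bb188b1720d959d95416_JaffaCakes118.html'),
    (2996, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1956 CREDAT:275457 /prefetch:2'),
]

# Dropped files transcribed from the Downloads section: (path, md5).
CRYPTNET = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DOWNLOADS = [
    (CRYPTNET, "473fbc356625044fbbda41b099dfb502"),
    (CRYPTNET, "3d465667c7877db26034924d73c1de41"),
    (CRYPTNET, "0cacf3c40dfb3613e1f6954717681a9d"),
    (CRYPTNET, "91ac053571d39ffb27c0128e900ffaf7"),
    (CRYPTNET, "271f9d1550cd9d860b2905a5b8fe5a2f"),
    (CRYPTNET, "0deac7055250dd33ffdd8527e13d4028"),
    (CRYPTNET, "c99f3dc0eb7b46069011b9b6baa6c458"),
    (CRYPTNET, "45b59b6efa97d531f9a7eba15af118d5"),
    (CRYPTNET, "d8a506f90d4a84d98a963d7814ffafff"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabDA9.tmp", "29f65ba8e88c063813cc50a4ea544e93"),
    (r"C:\Users\Admin\AppData\Local\Temp\CabE28.tmp", "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\TarE4C.tmp", "4ea6026cf93ec6338144661bf1202cd1"),
]

# Path patterns this example treats as CryptoAPI background noise. This is my heuristic
# (assumption), not a classification the sandbox performs.
NOISE_PATTERNS = [
    ("cryptoapi-url-cache",
     re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    ("cryptoapi-cab-temp",
     re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
IE_RE = re.compile(r"\\Internet Explorer\\iexplore\.exe", re.I)


def check_ie_tree(processes):
    """For each IE content process (SCODEF:<pid> on its command line), confirm the named
    parent is a listed iexplore.exe. Returns a list of (child_pid, parent_pid, ok)."""
    ie_pids = {pid for pid, cmd in processes if IE_RE.search(cmd)}
    results = []
    for pid, cmd in processes:
        m = SCODEF_RE.search(cmd)
        if m:
            parent = int(m.group(1))
            ok = parent in ie_pids and IE_RE.search(cmd) is not None
            results.append((pid, parent, ok))
    return results


def classify(path):
    """Label a dropped-file path as a known noise category or 'review'."""
    for label, rx in NOISE_PATTERNS:
        if rx.search(path):
            return label
    return "review"


def triage_downloads(downloads):
    """Return (per-category counts, paths needing review, rewrites) where rewrites maps any
    path listed more than once to its number of distinct hashes: distinct hashes mean the
    file was rewritten during the run, not that the report repeated a row."""
    counts = defaultdict(int)
    review = []
    hashes = defaultdict(set)
    for path, md5 in downloads:
        label = classify(path)
        counts[label] += 1
        if label == "review":
            review.append(path)
        hashes[path].add(md5)
    rewrites = {p: len(h) for p, h in hashes.items() if len(h) > 1}
    return dict(counts), review, rewrites


if __name__ == "__main__":
    for child, parent, ok in check_ie_tree(PROCESSES):
        print(f"IE content process {child} -> parent {parent}: {'expected' if ok else 'CHECK'}")
    counts, review, rewrites = triage_downloads(DOWNLOADS)
    print("dropped-file categories:", counts)
    print("paths to review:", review or "none")
    for path, n in rewrites.items():
        print(f"{path} written {n} times with distinct content")
```

Run against this report the tree check passes, all twelve dropped files fall into the two CryptoAPI buckets and nothing is left to review, which is consistent with the 1/10 score. The same filter applied to a report with a `review` hit (anything outside those two patterns, say a dropped executable under AppData) is where the manual work should start.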