Analysis

  • max time kernel: 150s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240215-en
  • resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted: 03/06/2024, 10:40

General

  • Target: 917a50034c8233613f9bb0dae093fc42_JaffaCakes118.html
  • Size: 47KB
  • MD5: 917a50034c8233613f9bb0dae093fc42
  • SHA1: 04f29896cec61aa06dca1c4dc1c7afd690c07096
  • SHA256: 82699442ab0235a160fb7b9fa2c4cbe7977991945a1757fc1f1ffc6d3857a0c2
  • SHA512: a2cef554811dd286322aa9bdf43d72ccaf875c651f8448cd7b1968fe2ce7c0b372f749922780dcec8279ccfbc9ce93ab75ae2ee734da759ec27933fad1b34eb8
  • SSDEEP: 768:W+Xmr1gbJNShyZwvGvRMmH5NsiMmcrjMmOGSMmR+MwMmQtAMm+EGMmAbeuMmNNF9:WSmr1gbJNShyu+vRMmHbsiMmcrjMmOGv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1920)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\917a50034c8233613f9bb0dae093fc42_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2516, child of PID 1920)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1920 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 58fc2bfb31a3baebafb3dcabab9a7785
    SHA1: ebdb0bbf53cb29a48d936ae777a5caf507db4f02
    SHA256: 8e4073027c065aa5d2ae88fb3380b8db6b68adef1efcf12c68ed5de1f634b39b
    SHA512: 318e78940d83e5afecdcd5c619767970d9c84c258c70b74477fc8cda926ce8f5d22f09b0b2f3d0add2d69f291ea9f1299e7e9395a684f89afa1cc7aa00acd961

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e695040ed310287e9991a863737b006c
    SHA1: 6dc570644dfcddcbfa7950def46eb431226c6058
    SHA256: 3c6c4d2528950e4a0443e41ae63f4422d0d0f3f412267022da769504785d2414
    SHA512: bb79ab81c6ab3fa2a99ba52843ebe510cd78ad0009d34d7d03689bf932afffb4d2b04a2cef464a8b2923b71f03e7f882f55063393920ca284010a29fb62c8af8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 51f9316ddd1737b443fd328a6ce001c3
    SHA1: 23c1e72af5c0523b2634a0fc5b17e651b32f78d6
    SHA256: 918aac1ddd060562c57172ff5ea5f0b80ccadd7b72097f1776bec23670fa9fcc
    SHA512: cb48b6fd068dc581e40dab15873d9fb37cdc8866f1e47a8ca06a112158842d51aadc987ba8b71731be361d09a19b84d9a99c556c7f3059393ab3a5ca1c17887f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: dd0bb08790cc1a962588d28d0d5ff86d
    SHA1: 49a5666549f227b3316617937da5217fb1e7ad27
    SHA256: b31afc4cfdaf6db5d76c6d6e776720dbb03620f39a17ce09516e8712eb252ffb
    SHA512: 915320676c83cb68bb5864a1333838f779196d80806519d76fd0836e0a6753c93a8b5117ff4f3a2560d388b17914112f9301b3b3b8cee73c16818a413871798c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 62a923e9f2412eb15f1f45ba9dabccfc
    SHA1: 9c84969f260d9566b8ea8db02a4137c4a7d7c91c
    SHA256: 370c1e56c5862c18b5e3043260f1767cbeca2b010c2894aba614ffb853ea49d5
    SHA512: f1e8c0662e0adf121d94b9a4279e79d8eb89af898dcd7abdf2360111cd3e638254a8472a9e4966d2145e53fa6ee8f8a16ac71e1273f229087ba629230aa49d2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 4932e8ed450f9e11391d4213f33480ed
    SHA1: badf789629f19659dd4e46794d0b5240b642f098
    SHA256: 708f9a99246da4a13e9b030ba8906e916574a8fae6395e784d5da849c725bbc7
    SHA512: 936049286833ba7f05f927e5b66508ae67036825ceb0aca4314b883d91b4336f8ed56c266e487230210016eb379c430afc0719125cc13013bda02e950d54021e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 606dce5ee253e557605b6ef2dc0e9390
    SHA1: d5e08d061645f13f060433972b019784c0d1a8dc
    SHA256: f61f3c8d74667bacef7bcb7176f68b788f0603714fcdb0715f9bd2bfb4785efa
    SHA512: eed6e8797dcddf4be74f3f2771f93c8fcc2605b6997a508971a686f2e295be62cbaa2acf9640fa47ed39210cae950e0f1ecef5cf9a59bbfed171d0e1971d35bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 56e870c4b19c633d9b55b23d46d0797f
    SHA1: d0b15e0dba6115f2a8fefbc045c2374470575809
    SHA256: 751c16409577beac6cdb1e2a7f98b18bd291123fb1e451e68120c7215612a898
    SHA512: bb3dd75cfa194a8750a3f6a196ed94785d1e132b79a6ef49ff90d039a81e744056b6a9ee687ececeafe356b698504062d8633c8818e9f9f0a84a6c95491449cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 49359a13b58d84470317df30ae823a29
    SHA1: 43c6d4e335614e80cbb5dcf4f4c471192f4d686a
    SHA256: bfd022a9378a35a17b4b9451580f5af0e8b290fa76f60a2cb01c35da89493583
    SHA512: 11c95d390b3e0eac6be24d518908b18ab00e0bf683b4f490f1bb013dbf900d28bbe2654245c81ff00e045140ba9655f720e90557d39e60b00a7a798269f6eb0f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OOWQLMJV\index[1].htm
    Filesize: 5KB
    MD5: ebd5e2ac69f52b209c7d5b11b4c3c251
    SHA1: 75a9a1bcb93dfe46478f71f2f7050fb610dbb45a
    SHA256: 37c6009bd18a92432150f936fac2aee19b563a1b0a8ea7bc75ad593b804088f9
    SHA512: 50e07ee5c4467d636402597dfa5c366e43b98034be18a166ad85a7c97beaa75ce5091ed5b6cd8af207534e48683c20b2b29afad864670e8a7485336cc9a30381

  • C:\Users\Admin\AppData\Local\Temp\Cab11BE.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar12A0.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b