Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:00

General

  • Target

    91b5b15952446b78a489a645d37c11c6_JaffaCakes118.html

  • Size

    23KB

  • MD5

    91b5b15952446b78a489a645d37c11c6

  • SHA1

    3bf22ecd48ff4aebff0bcbc765bce7d9bc663b5d

  • SHA256

    ce375d8e6c4ef0cdd610408c8c6a4f57287da36b85232d4b3ad91644b6acb8f1

  • SHA512

    6ca5096f7fe1c9c1ca01f5f7c2d6e84adfd9959565313f34a571581c4394b534afbd94f315c2754b29f60f0f398c499c221fa092cb07adfd069eaf4940146048

  • SSDEEP

    192:uwa1j+94M5CwBb5njC1jhJYeKEUde6oWnQjxn5Q/dFnQieJkNnAaCnQOkEntX5ML:YQ/dbMA

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b5b15952446b78a489a645d37c11c6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2628
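The two processes above are the normal Internet Explorer frame/tab pair on Windows 7 x64: the 64-bit iexplore.exe frame (PID 2432) launches the 32-bit tab process from Program Files (x86), and the tab's SCODEF: value (2432) names the frame's PID. No non-browser child appears under either process, which is consistent with the 1/10 score. The script below is an added example, not part of the report or of the sandbox's own tooling. It encodes that check over a process tree: the first two entries reproduce the report's tree, the third (a cmd.exe child) is constructed and does not appear in the report, and the rule that SCODEF must equal the parent's PID is an assumption generalised from this one report.

```python
"""Added example, not from the report: sanity-check the iexplore.exe
frame/tab relationship in a sandbox process tree and flag non-browser
children of Internet Explorer."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


# Image paths of the IE frame (x64) and tab (x86) binaries on Win7 x64,
# compared case-insensitively.
IE_IMAGES = (
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
)

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def classify(p: Proc, by_pid: Dict[int, "Proc"]) -> str:
    """Verdict for one process given its parent. Assumption (generalised
    from this report, where SCODEF:2432 names PID 2432): a legitimate IE
    tab process carries SCODEF:<pid of its parent frame>."""
    parent = by_pid.get(p.ppid) if p.ppid is not None else None
    if parent is None:
        return "root"
    if parent.image.lower() not in IE_IMAGES:
        return "not an IE child"
    if p.image.lower() not in IE_IMAGES:
        return "suspicious: non-browser child of iexplore.exe"
    m = SCODEF_RE.search(p.cmdline)
    if m is None:
        return "suspicious: IE child launched without SCODEF"
    if int(m.group(1)) != parent.pid:
        return "suspicious: SCODEF does not name the parent frame"
    return "benign: IE tab process"


def audit(tree: List[Proc]) -> Dict[int, str]:
    """Verdict per PID for the whole tree."""
    by_pid = {p.pid: p for p in tree}
    return {p.pid: classify(p, by_pid) for p in tree}


# First two entries reproduce the report's tree; the third is constructed
# and does NOT appear in the report, it is here to show the case that fires.
TREE = [
    Proc(2432, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\91b5b15952446b78a489a645d37c11c6_JaffaCakes118.html"),
    Proc(2628, 2432, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2'),
    Proc(3100, 2628, r"C:\Windows\System32\cmd.exe", "cmd.exe /c whoami"),  # constructed
]

if __name__ == "__main__":
    for pid, verdict in audit(TREE).items():
        print(pid, verdict)
```

With the report's own two processes the audit returns only "root" and "benign: IE tab process"; the constructed cmd.exe line is what a real browser-exploit tree would add, and it is the line this kind of check exists to catch.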

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9210597f3079bca775893f211a9b71be

    SHA1

    afefc380e48bf77f8484c7d9daf7ceae2d1e1821

    SHA256

    90f8389f9e8240218cd0d5ac2e6e6860a409f2e979ed098668001e79cc519549

    SHA512

    cd404ce12c4f6f4d7e4c96f7c93f0ca8fdd84051ab42c66418b41bc453474ac84128a93c48b8b2af4ec026474c2295f8444dfc2a04608ae77db85b96eb772440

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9dae8f1933574270061e69a79fe24d24

    SHA1

    a1888e0dd49c5c878f20bb44a941d83a96e5cf4c

    SHA256

    00846814f07320380ca533019a00409939ccec31ad2e12e1b4e05ef657123890

    SHA512

    15d678c721a6572de599c0b8e19ab3603617250b8b497f09b4677997447b18fca029305450bf352c12cb581fdceb5ded6444c5f465debac87e32158e70ccbeee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89e008cef3d3188857708368ddbb9197

    SHA1

    4133e8ebad0a9f45f9ea54ce5a2e4b572f2b75e2

    SHA256

    d2745c3845640844238ea50e7b66dd7b93f083ab1db790e2142b37293e194957

    SHA512

    655f4434aa6681ebd2a004a6fbc5a93842e3ee5b565b247e502ba5a88f6f169d737c34d3f2f4872801590e6d157d12cf918e49eb6a6fd42003f416594715fe61

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6390f334bbd91a76dbcfd8a57591d1d5

    SHA1

    a362c68486cbcce0a2237b838ffef905225656f9

    SHA256

    9997c239b285d1c499055f3168e415f258219efcc0f81ec9735b538e6cf3e8ea

    SHA512

    2817b44bbddf2e3176634e8e92ec517bc03b20f746bcca00fdf8ca5d5ad77f9d7afe1555f39ad1a4f248f4c67f729e10971886ec5901ebbf5eac904c0da316a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1b5b573a7c768a30b39c646fe9bddfdd

    SHA1

    1aefd9a7a583b4c192a23afb9275f71e787cbb07

    SHA256

    9200a04236f02dc72359ae1148ead85ed1d5361e3f4ecbed942fe82acba2fe43

    SHA512

    7d0d99117eacda544c32c6491e91dfb0ec6c657eb9e6f91211925bea73ed0536a9a76b5207bee5575fe53a7de56782f46c4f45c6c2d014ed22153ac81916f6f2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40cec453d2dcc0f047fb033c18bdcddb

    SHA1

    44ed462442e7e283a1a9656362331de0a2c4ceab

    SHA256

    f7702eae49ce5ba24389f07a4c48b6ccbc7438482a642f0b364960e35f0dfa24

    SHA512

    b9d88087e5ae309ef9c1d7dfee800079a580b7ff0c1b8dedecc98171cb1fa21b2081ddc69ca584b97bcc779815b84a33149570b1c7efd624cc06802907d24246

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5f3a0f0ba52df7bc64006100cb8eed80

    SHA1

    c8ff597b8d18ee8869eb46b36a3f4dbd2f08f38e

    SHA256

    eacf977558cf53d2310e4c069e98dd0145bbbc75d92b373ae599b9503626c7be

    SHA512

    1da5570372968fcf2bb0772ac3617c299b1266379e9cb396d2f434d04198d778c901300c4b7d809682b269105a4fc471ea0d2928fa19544d44cb361375d43b0f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    680e569fc166a455ef929119eb347c66

    SHA1

    0a6cfe7c91e5b204a4172a4e2451df50e3d28dff

    SHA256

    efe0022175dfcab070c26e6cc4b41e651d5d274282343410227265e8e76639f3

    SHA512

    23a3d643029d37553b707fe03b3ca03564a4fcab8bb889722a2fa436f46c9b55951e8a2083e7c0025040fb6a8894f8dd9c6eb9216466ec5f434c78b071020981

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a8d682225281313d6858887e1e1e07b

    SHA1

    081856e20661e9f7d835ec8f224f097388a7fcf5

    SHA256

    73317d46fa2af313a5ee40a01e6804d9438a583e9878574321ed20704f6703f4

    SHA512

    d3b99049865b5f664e25d9f43958d9f44b073126d928356243581c1176348ea1843a7d398f33384e447aaecc7d8b23d08ca2beadda5ffac7a91fc5a935a07f54

  • C:\Users\Admin\AppData\Local\Temp\CabC62.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarCF5.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
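The Downloads list is the dropped-file evidence for this run. The CryptnetUrlCache entries are CryptoAPI's on-disk cache of URL retrievals (typically CRLs, CTLs or AIA certificates fetched during certificate validation), and the Cab/Tar files in Temp are the kind of transient files that accompany such a fetch; none of this is specific to the submitted HTML. To reuse these hashes as IoCs you need to get them out of this layout and compare a file on disk against every digest listed, not only the MD5. The script below is an added example, not part of the report or the sandbox's tooling: it parses entries written in the report's layout and verifies a file against all four digests. Its sample entries are constructed from a made-up byte string (rendered in the same layout) so that it runs offline; `render_entry`, `parse_downloads`, `verify` and `all_match` are names chosen here.

```python
"""Added example (not part of the sandbox report): turn the report's
'Downloads' entries into IoC records and verify a file on disk against every
digest listed. The sample entries are constructed from a made-up byte
string so the script runs offline."""
import hashlib
import re
from dataclasses import dataclass, field
from typing import Dict, List

DIGESTS = ("MD5", "SHA1", "SHA256", "SHA512")
HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}


@dataclass
class Artifact:
    path: str
    size: str = ""
    hashes: Dict[str, str] = field(default_factory=dict)


def parse_downloads(text: str) -> List[Artifact]:
    """Parse the report layout: a bullet with the path, then 'Filesize' and
    digest labels, each followed by its value on the next non-blank line."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    artifacts: List[Artifact] = []
    i = 0
    while i < len(lines):
        ln = lines[i]
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        if ln.startswith("\u2022"):          # '•' bullet opens a new entry
            artifacts.append(Artifact(path=ln[1:].strip()))
        elif artifacts and ln == "Filesize":
            artifacts[-1].size = nxt
            i += 1
        elif artifacts and ln in DIGESTS:
            value = nxt.lower()
            # keep only well-formed hex of the right length; a garbled value
            # would otherwise produce a permanent "mismatch"
            if re.fullmatch(r"[0-9a-f]{%d}" % HEX_LEN[ln], value):
                artifacts[-1].hashes[ln] = value
            i += 1
        i += 1
    return artifacts


def compute_digests(data: bytes) -> Dict[str, str]:
    return {algo: hashlib.new(algo.lower(), data).hexdigest() for algo in DIGESTS}


def verify(artifact: Artifact, data: bytes) -> Dict[str, bool]:
    """Per-algorithm match table for the bytes against the report's digests."""
    actual = compute_digests(data)
    return {algo: actual[algo] == exp for algo, exp in artifact.hashes.items()}


def all_match(result: Dict[str, bool]) -> bool:
    """Require every listed digest to agree. MD5 and SHA1 are collision-prone,
    so a match on one of them alone is weak evidence; an empty table (no
    usable digest in the report) is not a match either."""
    return bool(result) and all(result.values())


def render_entry(path: str, data: bytes) -> str:
    """Emit one entry in the report's own layout. Used here only to build the
    constructed sample; for a real case paste the report's Downloads text."""
    d = compute_digests(data)
    body = "\n\n".join(f"    {algo}\n\n    {d[algo]}" for algo in DIGESTS)
    return f"  \u2022 {path}\n\n    Filesize\n\n    {len(data)}B\n\n{body}\n"


# Constructed sample bytes, not any dropped file from the report.
SAMPLE = b"constructed sample artifact, not the real dropped file\n"
GOOD = render_entry(r"C:\Users\Admin\AppData\Local\Temp\example.bin", SAMPLE)
# Second entry: same bytes, but the MD5 line has been altered, i.e. the file on
# disk no longer matches what the report recorded for that algorithm.
BAD = render_entry(r"C:\Users\Admin\AppData\Local\Temp\tampered.bin", SAMPLE) \
    .replace(compute_digests(SAMPLE)["MD5"], "d41d8cd98f00b204e9800998ecf8427e")
SAMPLE_REPORT = "Downloads\n\n" + GOOD + "\n" + BAD

if __name__ == "__main__":
    for art in parse_downloads(SAMPLE_REPORT):
        res = verify(art, SAMPLE)
        print(art.path, art.size, "OK" if all_match(res) else f"MISMATCH {res}")
```

For a real case, read the report's Downloads section into `parse_downloads`, read each recovered file with `open(path, "rb").read()` and pass it to `verify`; the per-algorithm table tells you whether a disagreement is a transcription error in one digest or a genuinely different file.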