Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:00

General

  • Target

    91b5e9efcbee76d5eb2355d54280028f_JaffaCakes118.html

  • Size

    24KB

  • MD5

    91b5e9efcbee76d5eb2355d54280028f

  • SHA1

    4e65b96f8b18d29a3b23a8389209ad9628ec86f3

  • SHA256

    1a4e7927e8a36a4d254a7a4c89a7a691c1285218b713046f308f213598a8c5f5

  • SHA512

    9c9eac4772b5a44192b5a117cb76fb70fc72bacaa5bdb75f6a27a03be3245eaaaea13202cb5e2df6f966fb77f74ad8dad2911f6626e061833018ee5a2a457293

  • SSDEEP

    192:uqN7HRb5nW7unQjxn5Q/fnQieZNnZnQOkEntFYnQTbn75nQeCJVevo7NtIFo+Nzy:nIQ/6ygcnnBKu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91b5e9efcbee76d5eb2355d54280028f_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2120 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    370613806811e4701179f1c0ba8c0d2b

    SHA1

    d1593fcaf94743a6b881257da5f15dad33b0e039

    SHA256

    8b8ea9623651c20b6d83605ff8cfce1e1d9eb0c5fc9e1def80d3d6df2b8a0283

    SHA512

    8bc7fdb79626d4aa50d21efe80d01671ecd3f5e33fc69faede66ba983d8cbfcb4cbec006669e0b7d4bfb3970c7b925faab51a53dd6f8601117f514522cf6bd06

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c39ae4cac710ceea4bc57b3935b544a0

    SHA1

    83e595930a420abe9bb662a14d14ab186ff8ce6c

    SHA256

    ae396aea0feed603f1497e971a055c5cd05690b665eaf29abe548a5029c6d92e

    SHA512

    d8bb29ab553da20cf5945f4c893d92b75651e345ce52a32944a73838e71cda4e826193fe245dfe9fbe609154666357e9cc1aa14625a30bbff38f61bbc1897f32

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e8d0a5b421d117f546d837fe9b836e4a

    SHA1

    afd31428b4936e77c8fd17cb3b00dd522233709f

    SHA256

    4751c899ef57a4a094dc7be81b6884bddfa02ab1504fe2d21ae28edd6bbfe640

    SHA512

    fba1692cdee4b84535d2e2c58953dbd31c19c302569271577824037a84f28d8c280ee5bf0160f30ff9ced77eb34b9e7b8d44d70ab0eaff8dbbe86fc73c49f7c6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6cb138d6fcbd85c3109dc68d2808ede0

    SHA1

    46a3fdc356fb094960edf0c7be14cb9ba0654a5d

    SHA256

    4c454fa3a2deb6c930f546844e32142fafc9ce900075e4ab64f70bbe127ae19d

    SHA512

    122c276c0d68707b9c9c587f2789b0ed89cb5a849b1e139a4ff99559b37475efd9a082b0ccff389152cb25347ebb3026d500b4025ab1ef8b61c540186f079c52

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c6eb6a369558e32840a871a3c0fc3b66

    SHA1

    9c7c7596b670546e8a151075f9ae6be3034a7f90

    SHA256

    4d31436cf54783a4c099a3b61a108a8bcf249bcd56794e7a09ff06c411afa15c

    SHA512

    04456ec19ec2f48d506384fd5d678c7e9d63b050af5a6e5cf7b4190e89624aca0692d9cf0b598e6cc1fbb946dc7882b8d9b0249ea1f01fe5d9656efbec7ba78f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dee1970ee3f969a0ec64a783117de695

    SHA1

    cca523df9413138995b6bc66b95e7917f554cee3

    SHA256

    55665aa1b6b58303f0cdcd17991824502628744186b2f4884ea8875d89e3fb2e

    SHA512

    34c661242633cff5179185f675169327e2e3861bc2075aa8aaf6b7223fccef5208a2a33ba2e568149989e73aa34b2ffa64ac3a95433117c2de0bd97fc133e01d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c0dbc210aa19798d20a9b997b463c176

    SHA1

    e23806162631e04a5e0cfcc78ee49208123e43be

    SHA256

    000b6b088cbbf385932131eda4153d4dbdd98a557b5dce59e06c241cffae078d

    SHA512

    1134f030e883a66b1a0ada9b259a9ca098cc5cde760ed661c6ec1e45aa5e8e3f2ce4dd84a8e5c038e2285f7fe7d29e162eaad0173b03fa07b73e7e8e834221a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bfb85804d5023aed6a0ff162640db141

    SHA1

    48e3b877aaf5190901e651c250b232e156617435

    SHA256

    3da08d6f40ea4bc08da716bdc82be5a367d1bb019774194b645a99ca36dde431

    SHA512

    e44dee521d1d1de0f352d60407bbbade2407d28fa35c3aceed261185d2962809c2d8eb0f236630a236cfc9eb7c2ef6fe5d5be810c62f51761fe5a41a56516791

  • C:\Users\Admin\AppData\Local\Temp\CabDE8.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarEB9.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b