Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:56

General

  • Target

    91ddaba7b4b55dfa3843d534c0417b5a_JaffaCakes118.html

  • Size

    16KB

  • MD5

    91ddaba7b4b55dfa3843d534c0417b5a

  • SHA1

    1904f0c716b8aa9b2eff66508d4f797a01fee7a1

  • SHA256

    25799857809a5075b66cc72d221b54127cce8ef7caae99535baeed0e3f3b003a

  • SHA512

    ecddde43f21c2e99c3a32b6943f9d34272367d57422f5ffd7916b8d1316463659b320e279e671810ba1c6c58350707c3639362a916ed9659931967e93a27deb4

  • SSDEEP

    384:X28H4dG3/i123OJ+HSBUSq9HI0/e2BMKDJ+lP0Du3BCa3bSD+8:Z4dP639o022CVb353eX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ddaba7b4b55dfa3843d534c0417b5a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:848 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1780

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    af09b2460f5081a3a9ed94b305f081c0

    SHA1

    9da3ce440cc46dbdd184e3714c72f1f1711c90c9

    SHA256

    466417c1df73ff0a7c135db402b4e6023adc5ad4a5d433b3b6418796e6c1517a

    SHA512

    caa070599cea6d3fd41b54bf9c6308a7c1a8df71419f97917f034c8d2d9bf33407f97b7c7cc2995513bd8559785b0d11f457db46b5284f0172d2770d0175ff7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bb814f7d4ff4e4b39b648c8ac32a71a

    SHA1

    91ef3f9fd9bc8b38d399f611bc5bdace06b1c0e4

    SHA256

    4f71714285a9d7aa4d6b6e75975bcc2cfc4fb52fdee934d9013efcd587a039f8

    SHA512

    39e3cf567af1724a3f68061973b6e5ae7cee6070bbf08f80a11c366fedc60e991df338a2fc5f706fa70bd05e0b13d41e9fc6822117f4ecd2946f574c4d722905

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dca933f3eeb191d139287218f8c0e1af

    SHA1

    598ca2cfe1b3012806d83a8c3081f2c523fff7e4

    SHA256

    7103d98bab26a41ec22d6e8622c1970600ee250b531f5f3d60c01e359f7a4810

    SHA512

    d11f84546f279a66f2179aa16f1fc614f5d3ab705b666f8b31671d42a206446bdde5c37d5ca51fc5601b60a69e8b3452e30e47988e86fd8934f53fd6e854622b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aef71cac657fa8cee6233f6d5ee3447e

    SHA1

    67da315b384ff178760478c981602f8e35cfef2f

    SHA256

    663bab0bcea2820e1245470c35a2bea42c6e27d3c9cdad70d25d4ccc8dceaf00

    SHA512

    eda0be01c5a1db0352e2c4488de37e8933829f75ea0e6daf80be10b5e5c24ec3fe8ce6043bacccc98ef9d689a3d5b480abebebcf1cbd00fd025b83547e037855

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4543016398cf3f1836c2081acd8ecad1

    SHA1

    0b60928adc0f267ab7a72660a1374ccbe206b3c8

    SHA256

    d0566058e5ca5f1491d25d924ad09baf0f25122dbb41fb47b4225cf2cc020403

    SHA512

    3bca86345cd7df1e198725503e57e4c5e7834bf7a025e1bc751ccffdcb224d5aea92af3b1ace2c65416e1418f3a77bb43b1cccc9753b639cd44106bbe8db7268

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51570d2448247ab365c088615c002e93

    SHA1

    2c2f9f4f9d082ba35d3585c1d08b3cf04cabe093

    SHA256

    d9b0f8b89f594b3deab0a9d43f09d4fde36b67cd1f43bb11ee7577c073bd8f25

    SHA512

    77fa71b139049d659e21e2b9a5938c1ef384c0b7e00441f110c6b99974abec6c512b5393a90d177a63f4e5459681f3d0a645c6b32e7bde9082b2bc17c022b2d0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bfd734e3c780a779b346258b462741f3

    SHA1

    ea387572b8e86b87617d0a79c4b475ec21c093fd

    SHA256

    9b64dc3772fbe6ba6b20d57e08878af3828606ec14481b1b2a067250db3bcecb

    SHA512

    75278bdbe99d6017d3220de1da1c457f578c19be28efc2c98fc355222ad2819affe3af7362582eaf15b4d87803d02972db0730d84fe65211cccd442eacc3c8cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5732ecf8cd1885d9c2dcd78e19ac7b3f

    SHA1

    e83b7fa0407c9cb1ecd0d4850e98756cf12eb091

    SHA256

    94e8054d33f87a06e20eceedb2ce6c4f5b4c11f9fb1f0219707ae52f04b3b2da

    SHA512

    d10db2277f31aaf4249d4f79075b125f325f8eca5015f4afe70684ff7c87e8a2799f8f5f98e8ecdba82c22b596d5b61d45c207d1404cf2a0a31068d4b346ab33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1370c4631c2bcc3f9b5e362cae051c66

    SHA1

    0813df3e4b1496f07467e796825af31fbb496fe0

    SHA256

    5384b87776b05c114276a56e2afa41ac1f3421fd027d817ddf9617da23615a38

    SHA512

    8698fc31be3dbb7514aa2b07fe51b6c721ada91af23db2e6dff230394313a2e4b4085485e6a3e0ef4d4ce99af384a73501c6fa1f9e390f6d940d30d7e69c1509

  • C:\Users\Admin\AppData\Local\Temp\Cab1EE7.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Cab1F76.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1F7B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b