Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 12:43

General

  • Target

    91d38427776d0e8537aef6628fb371e6_JaffaCakes118.html

  • Size

    32KB

  • MD5

    91d38427776d0e8537aef6628fb371e6

  • SHA1

    88f7d40001cb6c164842bbfc7709e56f6a6cd278

  • SHA256

    861f40afc9387511283d6baa5af06b9e45618cf0608605b133ba735e4a540224

  • SHA512

    3e5787dea802d7c4e67ad5e19a51b3b41e94fab2f625124a42444b4d9ffb73cf2146628ed65f0c25b9087e684818318131cf6e635c083fdf0f4d0c91d4fe741f

  • SSDEEP

    192:uW70b5nxW7jnQjxn5Q/XNnQieQNnMXInQOkEntXznQTbnRnQvXCiCAd1e+7XkaGM:sQ/ee3CkjzlUURFa6jAiKgX6mOs

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91d38427776d0e8537aef6628fb371e6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1196 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2480

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9cca4f206692048438d2cc9bfa503e6

    SHA1

    425aaf012e49b2bd8c57ab359193a2c1b091417c

    SHA256

    b3eaef6eb86137e96ead83de3ab1663590166edd5fc007ead2766803f9b7666d

    SHA512

    716c65cee7b52c2a6e780d12a8bee7f95616e8a0b613df382eeea68457653faccec4ca4da6e9fb0341b8775c37f616b95cf732a22be714322983aff015058c43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    72787b66f932d8abde303033bda98558

    SHA1

    a47812e06f7aeefd55d22615d6db3bae248b2edd

    SHA256

    b1d6dc8a5dd1524717792d482f204e56d806dd9e9f04d7c2e9ac16c9b31fc3d9

    SHA512

    b95894097e943df7955770986d0395bd1ec9280c78a7fba54b5c38d89247fb927f7fde7ee4668aac07ea82a62b91939f2801cf817867ed5a7f6ed8a7cbeb93a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    16c198ab23e5718f97058bf66f403a78

    SHA1

    d020983324b8af238cdccf40b377db471ad4f93b

    SHA256

    4e57ecf5456aa5cef88ae217e01c661ccc4018027d66f4272b78e3981db6bcae

    SHA512

    1307374473d6d283d1423218fdbae2917febde3241cb3502a71931622ae30e3ec61de6f33c1983cdfd959180f07389c17ebce2134c1f3a38d56ee8efd0a9da13

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9d1f121e321d3376cae153061a0326ab

    SHA1

    5ef8c54bd37dc17a06fbca050afeaac522686195

    SHA256

    d487f8cdf483baca980b76032b62162cb60cd1ed22b12419e40d560f178ef900

    SHA512

    f0a31b0d406e5b100ae8275e3e05d699d908dc635fbc6353803932d3001e7ac6fe521afdccd4e6b2e4061084ab0a3f8dc4069ff87d6fb1b9668373de775b1227

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da87a6bf230827a478b895447e435dab

    SHA1

    c7e870d41c25acfa30767d0710b06c6ca6454bcc

    SHA256

    b1407b20cacaba51f07e736d4e2cc2cf89aa2f90cb395cc91f2262ec64cad11f

    SHA512

    73817133b459f511de8d15e68ac58b80dc9c8b4702fd9147d8c8b01b9c54be55c4164a7fe0f3c114630af2610457c4ef21197c3ca801e9fc5b70963215c323f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    13ff35ec9e05b0d0b88749d383f36df1

    SHA1

    391fcebea907f39e1db653199613d421f6daca50

    SHA256

    98b9f20ca65beb6364adde4fe7acaf081e4f2fc9bfea6e810275a3ea6791a8e4

    SHA512

    58ea76d475c829142fea201a16e0d7d149dd1ab7ec6133cb4e8af6b8b3fe49a6fa638db784d5ed2e5f0af283c8a4f8a83333b654e068d754949e8d5ca5f40538

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ab7ae899c9569231563cd1d902ca005a

    SHA1

    ebd3e77e5ac7a403349a51e6a56a341e93d1b3bf

    SHA256

    ebfc6a733e5f6b8341f701a67c12d1213a0806687b3eae8793059a827469ef4d

    SHA512

    d2e96b25cdad475280460643002531fab597267046b1eb1ac9508c741490cabd57aa21e887db8895ff4aa998cafccbc892391c5665764958e4fbd522a306898b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fe04cefd6002b8f7f2eced50ae98f97

    SHA1

    35d71de74ed3e6c1ce5c3ee4015b8f29a03800a0

    SHA256

    965d1557b4cd84e1ee6e05e9b789afaebe4446675a72a7106a17db0b0b6321e4

    SHA512

    e68aa05407ae86625b494afa6995095e4488536044697df9c7c43c7ecb63465d5a4f0ceec2f14fd92d6f1851a8edd37bf951c64ba22a2d5f52b16b558dd5ceeb

  • C:\Users\Admin\AppData\Local\Temp\Cab20FA.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar21FB.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b