Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:06

General

  • Target

    91e3ccc6e2f9174adca98e38261de459_JaffaCakes118.html

  • Size

    21KB

  • MD5

    91e3ccc6e2f9174adca98e38261de459

  • SHA1

    de38ed1372d664f43b6b7d777780509402cedd70

  • SHA256

    65146d01abac46658ea600b1a625f6547363a8e6088d8213846e715383b31536

  • SHA512

    e8fabc4a0a36481e8fa357b2283d8799087639bb04b8465e49043f3a70a7358b325efe46d1fef097e563990f81a6175bde358366bbf87feb97467e21ec804a5a

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAI3tETPETJmtET8mtETgtETPETJmtET8mtETK:SIMd0I5nO9HpsvlkxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e3ccc6e2f9174adca98e38261de459_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2556
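The tree above is the ordinary Internet Explorer shape: a 64-bit frame process (PID 2208) opening the submitted .html, and a 32-bit tab/content process (PID 2556) launched with SCODEF:&lt;frame pid&gt; CREDAT:&lt;n&gt;. When bulk-triaging reports like this one, the useful check is whether the tree deviates from that shape: a SCODEF value that does not match the real parent PID, or any non-IE image spawned under iexplore.exe. The script below is an added example written for this page, not part of the sandbox's report or tooling; the two process entries are copied from the Processes section, and the interpretation of SCODEF as the frame process's PID is the author's reading of IE's tab-process arguments.

```python
import ntpath
import re

# Constructed sample: the two entries from the Processes section above, as the
# report lists them (image path, arguments, PID, parent PID).
PROCESSES = [
    {"pid": 2208, "parent": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\91e3ccc6e2f9174adca98e38261de459_JaffaCakes118.html'},
    {"pid": 2556, "parent": 2208,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2208 CREDAT:275457 /prefetch:2'},
]

# IE passes the frame process's PID to each tab/content process as SCODEF:<pid>
# (assumption about the argument's meaning, see the lead-in).
TAB_ARGS = re.compile(r"SCODEF:(\d+)\s+CREDAT:(\d+)", re.IGNORECASE)


def image_name(cmd):
    """Basename of the executable from a quoted or unquoted Windows command line."""
    m = re.match(r'"([^"]+)"|(\S+)', cmd)
    return ntpath.basename(m.group(1) or m.group(2)) if m else ""


def check_ie_tree(processes):
    """Return (pid, reason) findings for anything that breaks the expected
    IE frame -> tab pattern. An empty list means the tree looks like plain IE
    opening a document, which is what the report above shows."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        if p["parent"] is None:
            continue  # root of the tree: nothing to compare against
        parent = by_pid.get(p["parent"])
        parent_is_ie = parent is not None and image_name(parent["cmd"]).lower() == "iexplore.exe"
        if image_name(p["cmd"]).lower() != "iexplore.exe":
            # A child that is not IE only matters if IE itself spawned it.
            if parent_is_ie:
                findings.append((p["pid"], "non-IE image spawned by iexplore.exe"))
            continue
        m = TAB_ARGS.search(p["cmd"])
        if not m:
            findings.append((p["pid"], "child iexplore.exe without SCODEF/CREDAT tab arguments"))
            continue
        scodef = int(m.group(1))
        if parent is None:
            findings.append((p["pid"], "tab process whose parent is not in the tree"))
        elif scodef != parent["pid"]:
            findings.append((p["pid"], f"SCODEF {scodef} does not match parent pid {parent['pid']}"))
    return findings


if __name__ == "__main__":
    findings = check_ie_tree(PROCESSES)
    print(findings or "tree matches the normal IE frame/tab pattern")
```

For this report the check returns nothing, which agrees with the 1/10 score: the signatures (SetWindowsHookEx, FindShellTrayWindow, WriteProcessMemory in the frame process) are what IE does to create its own tab process, not evidence of the HTML doing anything.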

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7fc2c57769a2b527b83208d56545e1a3

    SHA1

    d75958beaa5f2ddca24dc28e8b806e3e402ab974

    SHA256

    96bb5c62176c994e4d0ef79eef8f9942071e88cc3aff3ee7741371f999ce233c

    SHA512

    693ec8466c6d614d3c126a1726c761c463895dcbdbfbb5c687753d0a58549177de00246a486f5bc28813848232068536371327efb9232b09c267b2e5ab4e4f5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d409c22ac9d75e7bdf6aa0389dc026b9

    SHA1

    0d0d63ac9e593b5747c6e04ce0c69ff3c25c2d19

    SHA256

    fc6a50650dfdc3ca6e5690ffea4a3d35bca6160eabf2fc2d2cbde17b8f9a8e51

    SHA512

    449a19da559064414dbe7b37ab6443e876a56d74940576a1e78acaadf2d7f7cbd8d162778a37d428b094bcd4e672a6dfa1f7425e72e48ae76577f6043cef90a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d5bc19bebb243234c6aceec2396bd82f

    SHA1

    808b5dd42477c629f059add9f905537cfef71406

    SHA256

    c2ed8612e23e97919164980abafe7bd18c25856f9dd0873f6f314c62a7adb7ee

    SHA512

    92167d62c1c80b2ce12b241a0627a92de457bfddd5a1a8f5e05b46cc2e41744ba5604b085efd5cc4a33bf9335cc8bde87a5642964199f34321c31063306db961

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    662c7d0f57f6c8c6de07ea6aec218308

    SHA1

    56e45e345ec42851dbc8eb0cd9df5422c23160fe

    SHA256

    89ee60499468ce71fc29b80a4990951bf0eb467d0f469d3471a744ed17df4425

    SHA512

    9c2525bd6f85dbb0813ec9790e39ecc9087cf3dd807ea01b92d46a0eab4fdaa8b034e282f1b3d3dc44f98810f0354fd3aa51730f0052ce590a7752fb6892513a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba04bfcbbc388e41766326d54fed6089

    SHA1

    7684a7c0ea950e9c777635149175da9076ccec12

    SHA256

    b2e37504862aeb05c51808f6acb9144f748a29263090448f1f3242a5d5c8dac6

    SHA512

    f3e21d026d849efe2e0c6265dd86abaef299f54fcca7fd476aa511277660720126a12222f46f8ddc6e531be93203b9c05ecb671448aa6bc041d9cc554150daa8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a01393ca7f71d6081513cf03681f90d

    SHA1

    50f8ea5896677079aa1753acb022847bd2d76bc4

    SHA256

    eb2ff6574634ddd36e89196904e65a59e1fea1fd4aad497184da1ac229835127

    SHA512

    5e8a9eae761bf5cd06669bf724baf54c3c431ecf8e2e713e35a6ff84ca502b7c8981214048c91ac2b9d3af877930230192ec39d40bcc6892705ac9efea0043d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0e93cc5a39c1711dc293b0c669e8159c

    SHA1

    235470dcae191d4ee40cf782f3d92a5038c4310a

    SHA256

    5624e1a3190c254f4b895de234c3d3e36039d25bf867b32b0d87ba5a382fc65d

    SHA512

    e9a61098855db94fc7028246ccde59b20f802263ee79c8e336c4356289fcb5f644b7151f30924104da6eaf7587356a8b4c80624775c3d63088efc5a57d2c2f32

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b3019af9fde0807d24e0679099140fc3

    SHA1

    e45aa565ee4c4585dfcfdaf7bf2d20d3eabc1e15

    SHA256

    1ec23841f6d9faa24b861ac458047ff2644d9ce6a91f276b4aba4ad6bde8c94f

    SHA512

    83e91588236cea71432d07354bdbb891c9dffc97f344bc10ebffde2537621918d447cdb15ae2c8ce89097021e873ceaa95db675436d8e1a143a550b55a338a26

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd88811919c436798e6c86fa30417a86

    SHA1

    e66734854c818d7df3c83c26c7ec49b9cd52a555

    SHA256

    ab8e122aad73c91e2b7a620c5efdc4bf2a96946fd38030d8053a756be2b151e2

    SHA512

    808a3c322f34242b5a7065e19ef4c7f01a08dc03a5841024ef27e13ff6a9d4b904d5a08c1f863bf3d1d4934bded63bf0730b0d9d235b6713175231f4aee08a5b

  • C:\Users\Admin\AppData\Local\Temp\Cab1E2D.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar1ED0.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
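Every file in the Downloads list is written by Windows itself while IE validates certificates: CryptnetUrlCache\Content and \MetaData are CryptoAPI's cache of objects fetched by URL (CRLs, certificates, root-store updates), with the same MetaData path appearing nine times because the cache entry was rewritten during the run, and Cab*.tmp / Tar*.tmp in %TEMP% are the temporary files left by expanding a downloaded CAB. None of these hashes are indicators of the sample. The script below is an added example for this page, not part of the sandbox's report or tooling: it parses the flattened label/value layout the page uses, groups entries by path so rewritten cache files show up as one path with several hashes, and tags the known host-noise locations so only unclassified drops remain for review. The sample text is a subset of the entries above, copied verbatim; the classification rules are the author's assumptions about what those paths mean.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the Downloads section copied from the report
# above, in the same flattened "label / value" layout the page uses.
SAMPLE = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize
    70KB
    MD5
    49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1
    1723be06719828dda65ad804298d0431f6aff976
    SHA256
    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    7fc2c57769a2b527b83208d56545e1a3
    SHA256
    96bb5c62176c994e4d0ef79eef8f9942071e88cc3aff3ee7741371f999ce233c
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize
    342B
    MD5
    d409c22ac9d75e7bdf6aa0389dc026b9
    SHA256
    fc6a50650dfdc3ca6e5690ffea4a3d35bca6160eabf2fc2d2cbde17b8f9a8e51
  • C:\Users\Admin\AppData\Local\Temp\Cab1E2D.tmp
    Filesize
    68KB
    MD5
    29f65ba8e88c063813cc50a4ea544e93
    SHA256
    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
  • C:\Users\Admin\AppData\Local\Temp\Tar1ED0.tmp
    Filesize
    181KB
    MD5
    4ea6026cf93ec6338144661bf1202cd1
    SHA256
    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
"""

LABELS = {"Filesize", "MD5", "SHA1", "SHA256", "SHA512"}


def parse_downloads(text):
    """Turn the report's bullet layout into one dict per dropped file."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line.lstrip("• ").strip()}
            records.append(current)
            pending = None
        elif line in LABELS:
            pending = line            # next non-empty line is this label's value
        elif pending is not None and current is not None:
            current[pending] = line
            pending = None
    return records


def classify(path):
    """Tag locations Windows writes on its own during certificate validation.
    These rules are the author's assumption about the paths, not report data."""
    low = path.lower()
    if "\\cryptneturlcache\\content\\" in low:
        return "cryptoapi-cache-content"
    if "\\cryptneturlcache\\metadata\\" in low:
        return "cryptoapi-cache-metadata"
    if re.search(r"\\temp\\(cab|tar)[0-9a-f]+\.tmp$", low):
        return "cab-extraction-temp"
    return "unclassified"


def summarize(records):
    """One row per path: how often it was (re)written and how many distinct contents."""
    by_path = defaultdict(list)
    for r in records:
        by_path[r["path"]].append(r)
    return [{"path": path, "kind": classify(path), "versions": len(vs),
             "distinct_sha256": len({v.get("SHA256") for v in vs})}
            for path, vs in by_path.items()]


def iocs_of_interest(records):
    """Paths that no noise rule explains; these are the ones to look at."""
    return sorted({r["path"] for r in records if classify(r["path"]) == "unclassified"})


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE)
    for row in summarize(recs):
        print(f"{row['kind']:26} x{row['versions']} ({row['distinct_sha256']} distinct) {row['path']}")
    print("unclassified:", iocs_of_interest(recs))
```

Run against the full list above, every path lands in a noise category and the unclassified set is empty, which is the result to expect for a page that does nothing but render in IE; a real drop (an executable under %TEMP%, a file under the user profile) would fall through to "unclassified" and carry its MD5/SHA256 with it.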