Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:06

General

  • Target

    91e3eae7e4209feb78df66b78b1114cd_JaffaCakes118.html

  • Size

    23KB

  • MD5

    91e3eae7e4209feb78df66b78b1114cd

  • SHA1

    ab2da68a3859ea6ab861227197e5ee70c5b2da7f

  • SHA256

    2bf6410d5292ccb563ec9afb076b87ae91c10a5000fe473017bc4d063d07f70f

  • SHA512

    b49ce9c2569d71864762c9c20c498cb13d11a687aad6977024459eef8b863ea9b139f3038439e7c80ffacfa7e3b69fa6a8e5b4b50b2db5f456ab34188b7ce1ef

  • SSDEEP

    192:uwDfb5nxunQjxn5Q/EnQie3NnsnQOkEntwynQTbnpnQaGLnLnQtrqMBXqnYnQ7tI:bQ/HG4JmFk

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e3eae7e4209feb78df66b78b1114cd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2912 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2148
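
The process tree above shows the only child of the iexplore.exe frame process (PID 2912) being a second IEXPLORE.EXE started with SCODEF:2912 CREDAT:275457 /prefetch:2, the normal frame/tab process split of Internet Explorer (the SCODEF value is the frame process PID). That is why the four signatures listed are all things the browser itself does and the score stays at 1/10. The Python below is an added triage example, not part of the sandbox report: it walks process events constructed from this tree (parent PIDs are inferred from the nesting; the cmd.exe event is a hypothetical extra event that does not appear in the report, included only to show the negative case) and flags any child of IE that is not a tab process whose SCODEF value matches its parent's PID.

```python
import re

# Constructed process events mirroring the tree in this report. PIDs and
# command lines are copied from the page; "ppid" is inferred from the nesting.
# The cmd.exe event is hypothetical and NOT observed in the report; it is
# here only so the negative branch of the check is exercised.
EVENTS = [
    {"pid": 2912, "ppid": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": (r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                 r"C:\Users\Admin\AppData\Local\Temp\91e3eae7e4209feb78df66b78b1114cd_JaffaCakes118.html")},
    {"pid": 2148, "ppid": 2912,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": (r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                 r"SCODEF:2912 CREDAT:275457 /prefetch:2")},
    {"pid": 3000, "ppid": 2148,  # hypothetical, not in the report
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c whoami"},
]

# Both the 64-bit frame and the 32-bit tab binary are legitimate IE images.
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}

# A tab (content) process carries the frame's PID in SCODEF and a CREDAT value.
TAB_ARGS_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b")

BENIGN_TAB = "benign-ie-tab-process"
BAD_SCODEF = "ie-child-without-matching-scodef"
NON_IE_CHILD = "non-ie-child-of-ie"


def is_ie_image(image: str) -> bool:
    """Case-insensitive match against the known IE install paths."""
    return image.lower() in IE_IMAGES


def classify_ie_children(events):
    """Return (pid, verdict) for every process whose parent is an IE process.

    A child is benign only if it is itself IE and its SCODEF value equals
    the parent's PID, which is the frame/tab relationship seen in the report.
    """
    by_pid = {e["pid"]: e for e in events}
    verdicts = []
    for ev in events:
        parent = by_pid.get(ev["ppid"])
        if parent is None or not is_ie_image(parent["image"]):
            continue  # not a child of IE; out of scope for this check
        if not is_ie_image(ev["image"]):
            verdicts.append((ev["pid"], NON_IE_CHILD))
            continue
        m = TAB_ARGS_RE.search(ev["cmdline"])
        if m and int(m.group(1)) == parent["pid"]:
            verdicts.append((ev["pid"], BENIGN_TAB))
        else:
            verdicts.append((ev["pid"], BAD_SCODEF))
    return verdicts


def suspicious_pids(events):
    """PIDs that a reviewer should look at; empty for the report's real tree."""
    return [pid for pid, verdict in classify_ie_children(events) if verdict != BENIGN_TAB]


if __name__ == "__main__":
    for pid, verdict in classify_ie_children(EVENTS):
        print(pid, verdict)
```

Run against only the two processes actually in the report, the check returns a single benign verdict for PID 2148 and no suspicious PIDs; the hypothetical cmd.exe event is what makes the negative branch fire.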

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c73c6824f11dc8e6b3c2e7ca488bcdad

    SHA1

    a36f51f4833c3fa65cec40a240d16e08bec759fa

    SHA256

    35a91410552f7d804a8bfab9ca4112207b60b0809280cd3a51ef080b22641152

    SHA512

    7e9c40e6466b4ba66a6b2b81d04efb00c7626f4510a88d17fc5f8937780eb8e0c691ee0d8ea9f2c82ee1aae72dd17927a6cfdefe8b43c7e7784b5f2f2120741b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f029243967aa399af9ed0ced651fe0d

    SHA1

    955a738fef296bf1697438b1ee7ad4f039f0d548

    SHA256

    515f5dee39b1c8b84485778fd9b614d63a5294bfab46f2ef6fe79d8d33ea7f4a

    SHA512

    222d937d8f9bb4ac060843be515fe3ea451acb78abb51edb32f0534ee1c2d6f0fc1aeacf2482ac6889246a4ede74b2890e5666ee6bfa07ac0a06bbb346592958

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eecce46adf29bbba7b3184478240bfde

    SHA1

    c5f8671a27b721025b684ddc9ef23f2ec6a02ba3

    SHA256

    5c0fa05ca83a3f2a8c853b60a955e145e35ff5f1038b3625376b20e0805abae1

    SHA512

    d520e1828b4c9a62e9be84696d78246c53a978b229d6391a70889d32a356615e7176ef9d5c5782dda3703093aa3b55d4b1ee672a6394ce6d8f6039849fc4323b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    85f902a72ab4d7b090449cf77d875de0

    SHA1

    55df484d2efe27836a4672456cbae6ca7aef2d39

    SHA256

    75bc17c3e48a38df338a731e0f9e9d258b89ca7ee985049c38ab28c613a9a73a

    SHA512

    8e710a0786c06e17b6de85b41477d8aadfd6d307722191b324fc78a3a570f370d0559ae038b1b2898e122db33400b79800fcc0cd9eec645e8e76442012e21740

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01361d4d97d76950b10f684196f722b3

    SHA1

    6f8dfb3903eb5e1b884c3b7cb2afe5f2ea6e3575

    SHA256

    1cedc401ccc1a7355418e5fe4dd4bc6a24d72cee4fcca78a383a4cf19b3ffe68

    SHA512

    902df608e31b4e4d4530af129a80e59de9fa8a0bf64ff4f2598fb4c4dd663ee80a8b7ec453ba7ffaa44a4f4bf50f4a901cf5069d4a3ca49d06147ac01afc8f21

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5fe04d200b1bfac2abd86a2ecf0690a1

    SHA1

    a4a23e2365efce2f6db6f7293a0fce201fdcb2ef

    SHA256

    2bc8a705870db4a694c6ac48078e7debbb75925fd7efdf37c81f642b891bcc36

    SHA512

    5b8a4b0882a34a103fdb8bf4ffb945458592e6323a1b228021d5f92cf00ab135142fdd12c06cbef44153efa54622bc9d91a3debd0049ad9a0c657e51276a0cd3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e7be0bf680d55ea3d52ece08fc66a392

    SHA1

    e0322799da1f9bbc3b8ffafb8d20a67454a515ca

    SHA256

    6395018982ef700363c1501678d2591b3428460d9c96ef3b8ea9fd477a36e383

    SHA512

    3577033d4c9d00e0bb02e3bf710060451bc1e368bb3c38eea908c09207175fefe79b080fdf68109b91acac724daa7e4fdff77b87166fb2b5b4410b6b49ffd20a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f2bd0f344e2d286082dd22659dbecd66

    SHA1

    1f62f56214c0347f0eac9c1e5bc50bd88d371b3b

    SHA256

    c4a18dcd78bbf64cf132560f3f93730d97be72a59c53058218e90b750b382469

    SHA512

    ad9edb0e7012daa60e48045fbfb6914f0c7e9f61a0623c6fb98777b18abd1b902dcf38d09ba4d4c56538aee1231f01c0e6d68f7995152069eae29dcfe59f0de9

  • C:\Users\Admin\AppData\Local\Temp\Cab126A.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar137A.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b