Analysis

  • max time kernel
    148s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    03-06-2024 13:07

General

  • Target

    91e48006017689ad5e3989031d1645d3_JaffaCakes118.html

  • Size

    214KB

  • MD5

    91e48006017689ad5e3989031d1645d3

  • SHA1

    8c4a31dd5e6ec2c322f3376ad34e34be6ced1aaa

  • SHA256

    f8744c19909331d9f8d8c49160f1d2a31e0aee6c03f781517fbd5a853013c46a

  • SHA512

    8cedf9bf6108e37c09bef4cdb74987ce306cce81a87a4f8e67e65aef5ea01d7ca1d735cca36cc8388bc98d2848ceb83d4c3ca09d9865be00b0bef61e975615b3

  • SSDEEP

    3072:NrhB9CyHxX7Be7iAvtLPbAwuBNKifXTJb:xz9VxLY7iAVLTBQJlb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e48006017689ad5e3989031d1645d3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2016 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3012

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d87bae7f550556476ca8380e3489797e

    SHA1

    989b01007179017ff785cf72005b712479b72ea7

    SHA256

    dfb4b8b9211ca333f02018d924cb72e7ccb71373516124086e9e56318731dffc

    SHA512

    737b6898b809ed743c6b5c946ab9a31ab3a4fe158be15e030cf39b842cd7d5b3c00b936b0750b2f27f85e0b302df3bd595ba4957c4327ace1b3b1ff84d1c8adb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7310ade577e01d3a02ea376905f892e3

    SHA1

    3220cd047fcea4272c76feabaa6f304a5fc6f091

    SHA256

    9d498baa990f1af2b5a647058e68212fffb833aa6211c659630b82d019d47cd8

    SHA512

    380fe7b4acd94bfba0699d1167613271e57fb43840264f3a8c709d00713c2edc0d65de5698ea9b87afd7beeb305e0cb54efdec978ba2cdcd1cb63e894aa09b1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4385a8dd41699114dd84a79793d39055

    SHA1

    0288cddedcfd370c580a966a11bff5b94197681e

    SHA256

    404a0ab2b8b4952bc042909c903cbdf04f76ac9081fe2e7a4f8551b5cb83c754

    SHA512

    a69f00aa2efad3a32d2c61899929201e1c751425d3dd30a7c5bca35b32fd05f0e0aafef9d02aeb6ea7bfa1dbab65e63c8ade9616a0aa823e7c768f2d7a635900

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92fe2f67ee9d7af37eb5c9212bde13d2

    SHA1

    5cf652b911cd20ea16e264419dc8f2992694585f

    SHA256

    5507df5bf6e4683a94f21769f603bd8de0138e3eee806f9c0476a8385e66c6d5

    SHA512

    a72ccf8ba5b5bd0e460dfe18be34a8be6ae15489c78285a51cd5be4c7d7e0cd43ab5be188ed0b5a0da81f94ca12ff9f739940026de4a954d373c847abc17828b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cc9d3848d07de52d5ac2ce0fc592e405

    SHA1

    8cca658a72c6820eaf0cdef262185dfdef2c9f0b

    SHA256

    a09364c4bb6d716ba67d52954927e7328ef503333157458e943c9dd721eca43d

    SHA512

    776ed79486444ed3f4f09c88ce4f0ebd11932ea3c9e06a55023a6f2c98f10d6bb8cc5a55e0f611d74cba431ad855a1f171521071f8ae0bf6e889f527b89723cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    038525373b29f92d7d71e3554215ad9c

    SHA1

    83eefb8ee2b580e4103471ee9ae26d6ce733fedb

    SHA256

    2d4a42214498a247fc25c93922adf2e8c3684d401c21623e572dafd56465c7d9

    SHA512

    bbcca35b86edbb5fd1b46907f8718e6d11bd97315e2ad2d268fc96d4d78f33a374cad768d912f34e96a8bf46afbb7f171f3ab70c6fd06b05aa68297632799b9d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8862ae24bbaf1788ec31eab1a97703bc

    SHA1

    e5b351000919cff1d758afecead81388129f754a

    SHA256

    a238ea9703c498ea3dbed66921d896425171a9b40e92ef219179c7157b9de905

    SHA512

    e6188488f95689df96766dee437f7669d9d48baf9d568a8752c5262e3a2a9e1467361078c548a3ef66328d6e398044a3e27f2fc836013f32337cbdc683cc7e33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    077f16e9fea5df8299de6f922d6c12aa

    SHA1

    d5654204707da8c1920fe07918fdd28cf06ba4b4

    SHA256

    aa7e5f05f61b76ef021c720de46ed777a1d6c1d9aec29b3b7471d0f9d03d9232

    SHA512

    7139868fce8fb8e01563bd63d1c1cfeaa27ce3afc8e97ef2789d5a4dcac0c1afef162670c5765ffec5b9758d7b8d60d76d70fa41d0c6e5a5a64f8b3f96e50da3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c32b80fd7ea10f81474cd5f1a835ae6c

    SHA1

    40dd2a4866ec249d597cd7e3a4e0b55c2966d8a6

    SHA256

    4bc42be1feb22d18eb87a6f9fa17f6870b03a45bdb43b9075ed09e948b1eeadf

    SHA512

    6f83270d29009758fc28c36b351f777b48606136200e3db1d16c3b641f657eb961b4fcc5cf8fe87288ecbb580fec9b375c3fc2cf696c4afab978cc708421d814

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf2a935ada94d1220c40f2ed9bebc2b9

    SHA1

    4ef17ffd8b1e85db7e5f3c18ef29c21b1330b656

    SHA256

    33dc3437296aa6a570f18b144a22f85c5a44a5f057caa8687a1739ab88d3849b

    SHA512

    d671502ad59e9ce8bf5b48f75a587bf089c8b2266b8406088ee6e7873476dd19fa4ca022ae1fb9b91b4bf961204762a4ec64487aaa3123744307db821d209f19

  • C:\Users\Admin\AppData\Local\Temp\Cab1834.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1915.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b