Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:10

General

  • Target

    91e6d3ff24fd017dd03486e3e6cc3ac8_JaffaCakes118.html

  • Size

    21KB

  • MD5

    91e6d3ff24fd017dd03486e3e6cc3ac8

  • SHA1

    036b11b0868d3658503cb3e07006df0801927950

  • SHA256

    e13aa2545d890d54ac2c85aa377499f1893c7a1dcbab0fac27fe2e08dd5875d7

  • SHA512

    263ba1d6a33ba417371686959ccbf52dc83b5966f566bc3bec9e4a6d9ff3283beefaf812908372a3cc4cb8fdae8a791e01003919415303a80356aeb317d5ed80

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIC4azUnjBhuQ82qDB8:SIMd0I5nO9HNsvuTxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91e6d3ff24fd017dd03486e3e6cc3ac8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2056 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2904
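
The tab process above is launched with SCODEF:2056, and 2056 is the PID of the iexplore.exe frame process that is its parent in the tree. The following is an added example (not part of the report or the sandbox's own tooling) that rebuilds a process tree from records in the shape shown above and confirms, for every IE tab process, that the frame PID named in SCODEF is really its parent. The (depth, pid, cmdline) tuple layout and the spoofed second sample are constructed for this example; the first two records are copied from the report.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed from the two process records in the report above:
# (tree depth, PID, command line).
SAMPLE_TREE = [
    (1, 2056, r'"C:\Program Files\Internet Explorer\iexplore.exe" '
              r'C:\Users\Admin\AppData\Local\Temp\91e6d3ff24fd017dd03486e3e6cc3ac8_JaffaCakes118.html'),
    (2, 2904, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
              r'SCODEF:2056 CREDAT:275457 /prefetch:2'),
]

# Constructed counter-example (not from the report): a tab process whose
# SCODEF names a PID other than the process that actually spawned it.
SPOOFED_TREE = [
    (1, 4100, r'"C:\Program Files\Internet Explorer\iexplore.exe" about:blank'),
    (2, 4212, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
              r'SCODEF:9999 CREDAT:1 /prefetch:2'),
]


@dataclass
class Proc:
    pid: int
    cmdline: str
    parent: Optional["Proc"] = None
    children: list = field(default_factory=list)


def build_tree(records):
    """Link (depth, pid, cmdline) records into Proc objects.

    A record at depth n is a child of the most recent record at depth n-1,
    which is how the indented listing above encodes parentage.
    """
    stack, procs = [], {}
    for depth, pid, cmd in records:
        p = Proc(pid, cmd)
        while len(stack) >= depth:
            stack.pop()
        if stack:
            p.parent = stack[-1]
            stack[-1].children.append(p)
        stack.append(p)
        procs[pid] = p
    return procs


SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_tab_parents(procs):
    """For each iexplore.exe process carrying SCODEF:<pid>, compare the
    claimed frame PID with the actual parent PID.

    Returns a list of (tab_pid, claimed_parent, actual_parent, ok).
    """
    results = []
    for p in procs.values():
        if "iexplore.exe" not in p.cmdline.lower():
            continue
        m = SCODEF_RE.search(p.cmdline)
        if not m:
            continue  # frame process, not a tab
        claimed = int(m.group(1))
        actual = p.parent.pid if p.parent else None
        results.append((p.pid, claimed, actual, claimed == actual))
    return results


if __name__ == "__main__":
    print(check_ie_tab_parents(build_tree(SAMPLE_TREE)))
    print(check_ie_tab_parents(build_tree(SPOOFED_TREE)))
```

For the report's own records the check returns a single consistent result, (2904, 2056, 2056, True); a mismatch would mean the tab process was not started by the frame process it claims, which is worth a closer look even on a low-scoring sample.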

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b6e3d1b27c65392012c46e7d33ab9a4b

    SHA1

    c5326070847f6d699b1018f1a23a061c9a680f26

    SHA256

    76f64e4c4e301f7dd450e4222ab804a05fcb9aa2d79740e153b97586b809aabf

    SHA512

    9658fc7cd06b01b70664e4c388a7e70c9c86adafbddcb12762dba7b1b28fa9e7fbf7028c093ee176f66d1039d04c509e7b7cdb192ce619982b1a89a1f9996199

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    68780f2f9b56ef897de78e55d1d17cb8

    SHA1

    e926f7e22c1f6df45ba64c260649d9517e51befe

    SHA256

    86fd7b367d43028593d3fb357af5ef5533d667b1e2477a3b897d4d89a21e5fbc

    SHA512

    ff056db773e64b45bdef497cb11639aed1fab964b5181469a61e68cf651ec9aebddedbde1ab878edf21a6464d279dfe780f68300cdecc517ccd8b5b276c24483

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e7329de1b1d40f66ff6b8602b484c9a3

    SHA1

    718a78b37928fe10ab6a27ba311ef6d9f352dd5a

    SHA256

    e5ca4b852dd9b1876ab7bdf691e8741dbf1fb71db64bd27c38c6d64b2747f18a

    SHA512

    c07927b101d74d419e0fe8f28ce844a29e57496e8de18b1fe2b213ff2a6b4cdd4855c384021ee176e5e79d01c78dc6fc646fc43de7bf4a6ffb1cc87a36d609ea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f35dc7d65f201e30951c524a562bc386

    SHA1

    4f08ffc5b81eb046151081c050f85b54ebe01090

    SHA256

    4e3445b9a114abb2d7a87f0c01311c20216cde3532f4593ea4c6428354c9fec7

    SHA512

    5157cef00375c41af2e127060f5c29b02b0bd84aca4430f564e7786cbf9d0660d0de0ff571127d17050e8d953f98d9cdabf5ffaa6506c24550ca32b03a33ca45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36e06fa5c553e992a1712c89286e165f

    SHA1

    8037546f0f83638990d5824d526a5a79c68d04d7

    SHA256

    d9c53f3aa0c672552a2424820aa20414b7f6b54c247d8a2d9bfffef3868a5890

    SHA512

    0e0440e5de2bf4ef114ed0d2d4d0e3c85700fa1b7c490272080dfd88636c4e84dfb0220034634686cf8d90dea97cb9e7a212634d5a3f01fa6c9bbaf3d5e581ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    04678057818720e2547ebcd722644a8f

    SHA1

    d93483c4e3c12dc52f5b77104e2c51054aa1d1d5

    SHA256

    86ebf62ffd6e0f2847b9418e53ebfd0ca99f973bab330c1052b9ae8d35392768

    SHA512

    9dffeaeec51e100497738287b70da78a1f0e023b21237e44e2d821656001094323424ef85393d98bc9f219764e888a3a5392d081f5b1b22864f681c54f51eab0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bb2b66201c687543217df82c2361103

    SHA1

    9c2dd22b1a22e20d7993de90f6f61d0327153a38

    SHA256

    311b20d7bfcc1c64b24929a7708584aab630a5b932b42679e60126b63bbf7de4

    SHA512

    1e07335211eb9a696a1aad1fd23772fad8be15590867e47aa495818f17ec40c2897e7f725b0ae272817dc980306f8d35a04ff632113bfde352c3da2e55d65c0a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89b68b7d4ca5aba43d785d0aaae59890

    SHA1

    70c1e65f60af2b9b4f87d7e477fb227277c49b1f

    SHA256

    fe29d5fff2f2b4adc026654460fa0aa5f37b03cfc5f56d55e1c0b839bc1258b0

    SHA512

    3b30231a355c57f2c9d02cf64d54dff176ddee672a9c2a288c60c5bdb91317dba23bc5b64399f83ae4a420b7139afcdbc931ef30d25f6148ae93c58e0396e395

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e6ad149798f1c7b5fcfc1ecbb7bee7ad

    SHA1

    a51d6c53ec373a8136c3bff48b5ea328d29d3653

    SHA256

    544b4b8ea78177f9b1fc2f2f174a9f5716c6a4ab474b3ad87ca236f9d40110ff

    SHA512

    fdf1b395baa95d725be0720f30689ed0d653e41989b6ea873b2d190b56d9aa2317692819b0e5e782dd76011e5972f4ca98c7ec358852079d6b0333ab49a27c9f

  • C:\Users\Admin\AppData\Local\Temp\Cab210A.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar219D.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
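
The General section and the Downloads list above record several digests per file, and the CryptnetUrlCache MetaData path appears more than once with different hashes because the sandbox captured successive versions of that file. The following is an added example (not from the report or the sandbox) that checks artifacts pulled from the run against those recorded digests, treating any listed version of a path as a valid match and requiring every recorded algorithm to agree. The digests in REPORT_FILES are copied from the report; the sample bytes, the constructed path, and the case-insensitive path comparison are assumptions made for this example.

```python
import hashlib
from typing import Optional

# Digests copied verbatim from the report's General and Downloads sections.
# The MetaData path is listed twice here (and more often in the report)
# because the sandbox recorded successive versions of that file.
REPORT_FILES = [
    {"path": r"C:\Users\Admin\AppData\Local\Temp\91e6d3ff24fd017dd03486e3e6cc3ac8_JaffaCakes118.html",
     "md5": "91e6d3ff24fd017dd03486e3e6cc3ac8",
     "sha1": "036b11b0868d3658503cb3e07006df0801927950",
     "sha256": "e13aa2545d890d54ac2c85aa377499f1893c7a1dcbab0fac27fe2e08dd5875d7"},
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "md5": "49aebf8cbd62d92ac215b2923fb1b9f5",
     "sha1": "1723be06719828dda65ad804298d0431f6aff976",
     "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"},
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "md5": "b6e3d1b27c65392012c46e7d33ab9a4b",
     "sha1": "c5326070847f6d699b1018f1a23a061c9a680f26",
     "sha256": "76f64e4c4e301f7dd450e4222ab804a05fcb9aa2d79740e153b97586b809aabf"},
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "md5": "68780f2f9b56ef897de78e55d1d17cb8",
     "sha1": "e926f7e22c1f6df45ba64c260649d9517e51befe",
     "sha256": "86fd7b367d43028593d3fb357af5ef5533d667b1e2477a3b897d4d89a21e5fbc"},
]

ALGS = ("md5", "sha1", "sha256")


def digests(data: bytes) -> dict:
    """Compute every digest the report records (SHA-512 omitted for brevity)."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGS}


def match_report(path: str, data: bytes, entries=REPORT_FILES) -> Optional[int]:
    """Index of the first entry whose path matches and whose every recorded
    digest equals the computed one; None if no listed version matches.

    Paths are compared case-insensitively (assumption: NTFS semantics).
    All algorithms must agree, so a single-algorithm collision (practical
    for MD5, demonstrated for SHA-1) cannot produce a false match.
    """
    got = digests(data)
    for i, e in enumerate(entries):
        if e["path"].lower() != path.lower():
            continue
        if all(got[a] == e[a].lower() for a in ALGS if a in e):
            return i
    return None


def verify_extracted(files: dict, entries=REPORT_FILES) -> dict:
    """files maps path -> bytes (artifacts pulled from the sandbox run).
    Returns path -> matched entry index, or None when nothing listed matches."""
    return {p: match_report(p, b, entries) for p, b in files.items()}


# Constructed stand-in artifact (not from the report) with an entry derived
# from its own bytes, so the positive path can be exercised offline.
SAMPLE_PATH = r"C:\Users\Admin\AppData\Local\Temp\constructed.bin"
SAMPLE_DATA = b"constructed sample artifact, not from the report\n"
SAMPLE_ENTRY = {"path": SAMPLE_PATH, **digests(SAMPLE_DATA)}

if __name__ == "__main__":
    print(verify_extracted(
        {SAMPLE_PATH: SAMPLE_DATA, REPORT_FILES[0]["path"]: SAMPLE_DATA},
        REPORT_FILES + [SAMPLE_ENTRY]))
```

Feeding the real extracted files in as the `files` mapping turns this into a quick integrity gate before the artifacts are shared or re-analysed; a None result for the MetaData path means the extracted copy matches none of the versions the sandbox recorded, not merely that it differs from one of them.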