Analysis

  • max time kernel
    134s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:18

General

  • Target

    91ecbaca7904162dc6dcea8829df168c_JaffaCakes118.html

  • Size

    27KB

  • MD5

    91ecbaca7904162dc6dcea8829df168c

  • SHA1

    20d5d87ce36cc681b8f44ccdf8f2bcd398eab5da

  • SHA256

    62b8843ca2fc1621e982507cfaa281a2c91fbf02f9cbdc9c30ede9115ba05112

  • SHA512

    f12c2a0a0cd96a79558416793dcba73bec186134359de7d2847055110ef7a5059ce7c66451d564382fb30a997b02172cffe8b01598ad55d508077f5a4114f2d0

  • SSDEEP

    384:WBDuaFyELCxzNlM/445+qYQ/xMz2H2WqARZHJ81VNP6K3O2H2KNnFK5OnsOVSNqj:vSs8SLhV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ecbaca7904162dc6dcea8829df168c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2240

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    640dbe850de4fc26814eda0d804ffff9

    SHA1

    6cd221dbde547ff0e22048a007f012fde26961b4

    SHA256

    0f0b92876989351553c4bd77f77e468c9f9602fc0558c831d65eadeaf99498b1

    SHA512

    46e5cd2dd97fbe622fa7d934c952b2a6a4ee8bfa8f131d751a7bc005940a3418919b11803871097d510f55c4437863e26fcd70f026025d09c6e7b76cb9034023

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    545c2829541f306695f5733e28373761

    SHA1

    45b7d133bfd2f77adc5b9a4b85081175efb167b6

    SHA256

    d69406ccd4246bbd69889561c01eb7f355060f5888dbd8932e813f53d2d460db

    SHA512

    89e8ce297da7174e3378abff026ec24b44d9915fa4035765c93235b36840b4acbc013e814298bb2a9b7b26088628a32f02fa03bd78f56e1b074c8eb7c40bf21a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90261927cfc9ab5ae15e1abd67c285f2

    SHA1

    e33228ae9d74a5dd427526112e504b271bcb6857

    SHA256

    58511f1e67898147be429d7440b782d3f2c951b80ea53a673dd838fec60178eb

    SHA512

    5257a7109b59d7d21ae39c9f8544dd5ee69937a92d48df21f8f9b19e722ac2e78eb1aba2359975c3d24b61b6878e8bc9be8d7db52463d4a47e4a930f90eb337d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b61578a866c63a1e4ec845e750a5e2aa

    SHA1

    0841bec89486ee93c3bb087d275c667aa2baab74

    SHA256

    16aff5b1e70d86ab7dce605d563235d4d87d2ed15b6c2b5ec2b3c5e9c8f0b37c

    SHA512

    4e3c0fe03c29787351a64840fb219424dcc79a2d7c63c53ca31825d037c262de3aba43ca1706a4330b005943a1278b37db6a39cdc6d2e5d0d2ec360a4df1a0e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    539e878414a75569ff0f2168f0fe817f

    SHA1

    bb88ea3af63538416191e61eafbf496dd30f19fc

    SHA256

    0fc5d080f080d9eb2114bcc899a48608d2ba67a0ecdbc8a4739362bb865b5827

    SHA512

    fff097cdd677768aaa16d037b55c790da0fdecb4adad5de09105738dbaca9646735b33042801a31e1f2aff377e98bfd3906de5e2110fbc56354c12f8ce31839f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c5f76dba6504f7fc28d116b9959c656f

    SHA1

    b2578fbb5a4fc441f26aa10bda8346b7799ed3f0

    SHA256

    4954f72637ee62f14a36398f6e47dcaf2016cae3db894a15aae0c6f69743ffdc

    SHA512

    3803469d3ccae7edb3810fb3dda2ed4b6dfb099cb367ac617f54a0e6973e2237267f44c15b0034afa6af72b37133581fc42744b88fd3743f74d369b6efeb5946

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d73fde96dd3d7c4cb95ece28218f6bf4

    SHA1

    659a324c160861eea3628aaed94d30e4534a0d32

    SHA256

    f416792966c8deb480c5b342186159a304092484e857c281023e6abcc39b973b

    SHA512

    55bd72ace4df51ea2354d11dbd98d5598eae40d188fc3386ef318885c80cd9b05e8c4fc8cb0f27f4b88fe962999240308da287b9f46e30a94dc15e422d1d3ec8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6181ac6307e3f13bd952f241abfb8d03

    SHA1

    d510db8584dec098075e75abe54eaa5939fb6cb4

    SHA256

    d44573b4aebbb2c38918f6e3ec22d12b34323a7f47581d83b2414427581f382b

    SHA512

    55e08b866b044ff8a546fe1713ccb21d120d6628dd69d81721c73c7772cb309a71658e9cab492f52c488c19825fe21e4fb30d3a728e225761225d169e86f6990

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c9e3a23fc72df97170018d31f53283e

    SHA1

    95a7b1f342b5439903c24b28e55dbc51c4867cc5

    SHA256

    3161b8732e46e7583c21a854f372fadd0b855ce5f718cc4c686544896e1789bd

    SHA512

    514da9567f24cadf984a851e917e4a44e6852c13f3c87cf301e471f5ae6791edc7951461160034b9737569420b28b1e3eacd89a1d7df945d9ca77bc294d62f05

  • C:\Users\Admin\AppData\Local\Temp\CabB0AA.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarB1FA.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b