Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:21

General

  • Target

    91ef9a265cc3a32c4ec6d61e0c62534a_JaffaCakes118.html

  • Size

    27KB

  • MD5

    91ef9a265cc3a32c4ec6d61e0c62534a

  • SHA1

    5af8b987ec6d26dcd38071c2840fde19101325a5

  • SHA256

    626a9a796cf6108c161db9070daf9939f67377c879f22f4b21ea9ec5acc06698

  • SHA512

    beaf0688f12a4b1d498f8fea0ae7f70e1d945a59d4c6f9b3c5354f57395a2c711d398cd94243c273d72344b56c8ce690ad7fcd84dff81ed05873c15f0e99ea40

  • SSDEEP

    192:uwvgb5nQunQjxn5Q/nnQieuNnvnQOkEnttdnQTbnhnQ9eIam6l1uUQl7MBOqnYn/:BQ/5tyDu/SwD+s

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 3056)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91ef9a265cc3a32c4ec6d61e0c62534a_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2168)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3056 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
