Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03-06-2024 13:24

General

  • Target

    91f138ac6a00741e8cd7a2520c35769b_JaffaCakes118.html

  • Size

    26KB

  • MD5

    91f138ac6a00741e8cd7a2520c35769b

  • SHA1

    bf898f7b9a7ea6fe703c7e2ee82e0a70e28ee223

  • SHA256

    423d119a196ffbd6d33657571e9f88eacd3ca9abf2cbcd3df4fc61ead389a428

  • SHA512

    1c0aea80e9f4618d41741717e3aba081b562d82b7a98d856a8bdad6312c53ec94df7872953f437ece25d992248b848f65315da40f97467b639382812ef45532f

  • SSDEEP

    192:uq+/L0b5nimnQjxn5Q/hnQieENncnQOkEntX3nQTbnZnQuCJVevo7NtnFo+NzQ49:nsQ/Dygccu++

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\91f138ac6a00741e8cd7a2520c35769b_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 2008)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2204

Network

MITRE ATT&CK Enterprise v15

Downloads
