Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-06-2024 23:43

General

  • Target

    96a75dde459c7dd6a1c2f6f3c8711b70_JaffaCakes118.html

  • Size

    31KB

  • MD5

    96a75dde459c7dd6a1c2f6f3c8711b70

  • SHA1

    af7deaa33fd6f5021362d90904d6451b08061546

  • SHA256

    aa7ef8bb6dbab5a030178dacc400a0929a84f3baf9d636be96d1fe4462d0f1d3

  • SHA512

    a3d262ec61736a85c954156d50a37803b33cf9f45454594402c9edbb02119eb822cbd90d480fc37cd63a3a5f18af161735d5cce2df21f391f8f86f3c70339ab4

  • SSDEEP

    192:uWThb5nxDnQjxn5Q/wnQie7NnonQOkEntASnQTbnlnQKMCtAebLU/IfyINcsitO7:6Q/rD1LuxVP2ZIAlkcO4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\96a75dde459c7dd6a1c2f6f3c8711b70_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2264 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1840

Network

MITRE ATT&CK Enterprise v15

Downloads
