Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-06-2024 05:12

General

  • Target

    93b57132fa5aaec293baca7e8a2eea89_JaffaCakes118.html

  • Size

    28KB

  • MD5

    93b57132fa5aaec293baca7e8a2eea89

  • SHA1

    179ecf4478b4490ade92020ab9bd7d3085821bea

  • SHA256

    f0be3dbdef52c2930e338ad2a4aee8f70465a0c1157cc746f29a267dd771d053

  • SHA512

    b6c07b9ea7bb221d4f08cad0f2fd7a491f5cca82bcba043ddb410fbb706150e0af089bea278d741b1ad580590bc5f59ba48a8036c40f0243f9eed7c4dbf94bb8

  • SSDEEP

    192:uwr8b5nOhYOnQjxn5Q/YnQieTNn88nQOkEntISnQTbn9nQ9ej/m6sv/zIBI5Ql7i:2Q/yM+hO/zIB9Sj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\93b57132fa5aaec293baca7e8a2eea89_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2612
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2612 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (9 entries, 342B each)
  • C:\Users\Admin\AppData\Local\Temp\Cab1036.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\Cab10F6.tmp (70KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar110A.tmp (181KB)