Analysis

  • max time kernel
    151s
  • max time network
    157s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    11-06-2024 21:38

General

  • Target

    9f9d7eb42f5e9173a056de18f2123df0_JaffaCakes118.html

  • Size

    37KB

  • MD5

    9f9d7eb42f5e9173a056de18f2123df0

  • SHA1

    a3644d6afd9c3dda7747e8d83aaa3d5fc753d51c

  • SHA256

    b5a5fa06daf3d9c1606835ea746ef11e97d549520f5a4324dcfc0a97b35e02fa

  • SHA512

    626ac21a27c4d9d2deefd50d152412b499b9da8cf2da9a3868e707c1476d2d154ff9b387ddff6c6f35f089dc5f3d75f548b823ad56ecbb24f82699edc6041f6d

  • SSDEEP

    384:DQ/ZAZkrGtEGxd5mPR7Lbe0UmL7upG27KW:AWNiR7Pe0UmsG0R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9f9d7eb42f5e9173a056de18f2123df0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1084 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2300

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    928b6a0d5d869126282eee40afd3ac00

    SHA1

    0a0faefdbf7ca5efe83deecee4f927af873c3257

    SHA256

    7df9fe763f0c57218cd77cd1973a12afc77248964f6ade215ab425819605ff97

    SHA512

    7f76631eb5b8c0dd48a52739a35e528552f985f7b45fec882b9c71c78af8f5186802d7ace5139bb96b5a8087f0673f4c103f5f6fe3640c7299a24e788ea2a054

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d7b7dcb506bcab8d9f5b6b03e927f38

    SHA1

    e412b75a3ce489a44849e4b724cd8080a246e62e

    SHA256

    4cab7e05fdd57bf93df5f0157efb4e371e27a4b6cf2b6ac4373097d2bf9bbf00

    SHA512

    59892cc153a389816a7d925a145033104203833e8d18ba220b443f0c07ed52e676e44df10f413a09ecec2ca7dd67e3a720b8cf5c0b8a209502fb4a48ccdda44f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5eb66b88f4eee855d289163eadcf8630

    SHA1

    e689d741baa0bd0fa0989fe15f9921a5689bf8ab

    SHA256

    b625080007a1d6ea9e561065089eef7d32d93248e9e867d9f4f97e9b15cd987e

    SHA512

    eaba8394ca55be4b998f7ae16df2cd81c57e23f0637a0c5142797d807cf4c844f062f449adb720f9036eb34b739a1420fde738e85e44d9fc7f566ec340d0fd50

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c8f7a744674085d62d4390c6db195aab

    SHA1

    e917f46fc1b36e0f95c29cf7ef7f3c12e01f820f

    SHA256

    8c3ee60e042dc2cf23c86dd3af62675d07d9b1eb585879bea2fc224a5ce1ea55

    SHA512

    9d225fb7fd6626b0505290457126bc8e5d05f101eb10bec1630ba5340fc2a7040c723aa4fae95444baa2eed3668828642c26886b13d650eb76f5e91aba30c263

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b46348fd68ffe8626f6a10c4f76e0034

    SHA1

    a6d31c005dde40bfbd30c0da203a3abc11961c1b

    SHA256

    5dae7e0cd2c9f5c869bd344501171cf00956d094be47507eee95eb7c9aaf5ae2

    SHA512

    fce583b67f27eb62252b2cb7b371d4dd1bdefe6220840548ee1e393b2ab13d47a3533a86ecb87d40bc46c7406efcfb943696cd1bcb679e400ba4e5d19026b58e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7beb65bff61c6cef688841b1cab13daf

    SHA1

    fbae77fe7fc1e3d52f26ca90f95dff58192c766d

    SHA256

    4263d42193508e0558ca04abe065d2f8a2ccd4b3d12c8bbbdf38fcc048636f20

    SHA512

    29dfe63aa96bf25f497c0446bb4c8b8fcc6f84d584808f4a39b068bc496b9f352590eb4f47b4e21780fa54b073cc3232b7d1a0648b1dea97036a079565bcb8c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b961718f7e669d2f9b42eca2306c7822

    SHA1

    1e1cc8a2f474bd3caa7dc2f7548314d4c61f58e5

    SHA256

    ab23a8b67b3c85a57ff3e1f59edc61424c34923a37432c19cf950e8233310bce

    SHA512

    ebf865cd491928b1e6c824e87a10518513058b8cb7be05721227640ffe525893a28eec084ee36d81d95d34f393644835381680bff82f71e3bda8e063fd06b438

  • C:\Users\Admin\AppData\Local\Temp\CabAC47.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarB007.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b