Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:42

General

  • Target

    a391dc8ce9d2a980216613b07d79eb97_JaffaCakes118.html

  • Size

    28KB

  • MD5

    a391dc8ce9d2a980216613b07d79eb97

  • SHA1

    58bfd11244862366c77df1c1a5d760dcff9b2d53

  • SHA256

    a5fc930170271efc9cd716c8fae55271e4d1bfb9f59e97e4d226f1c0d9a88b65

  • SHA512

    915df74b062b8cff25ceb969854ecbf1d54d8e06023eb11b374e70d35f62b5db05d802a593b61951b08d53264cce242ed60488215e6969f14549463bc596497c

  • SSDEEP

    192:uwD0b5nvkJInQjxn5Q/bnQie6Nn8nQOkEntB1nQTbnZnQ9eoCm64h4StjQl7MBa8:3Q/whqk4ScSb

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a391dc8ce9d2a980216613b07d79eb97_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2356

Network

MITRE ATT&CK Enterprise v15

Downloads
