Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/06/2024, 09:33

General

  • Target
    0d90386ab72f60a40d906f334aa3a776_JaffaCakes118.html
  • Size
    34KB
  • MD5
    0d90386ab72f60a40d906f334aa3a776
  • SHA1
    68339fa4f55a82bbab84e5cbac01e6ef8420a955
  • SHA256
    60582bd915af69450586ac85be9a00eddb8853d309300f5552745754f0d0fed8
  • SHA512
    74fe9810f6278c1d681f91963d8b0d92dda095ab5d91a39808821d27e0bb7096b7dcf8cb7afb09dabdb701840ad1b482878e24073f9eeac4e7d1ef77c21869f2
  • SSDEEP
    192:uwrEb5n74FwnQjxn5Q//nQieuNnYFnQOkEnt9JnQTbn5nQOgpcwqYYcwqYHcwqYk:jQ/qmz8J527Ou4wl5rFiT3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2112)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0d90386ab72f60a40d906f334aa3a776_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2644)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B, written 9 times)
  • C:\Users\Admin\AppData\Local\Temp\CabDC7.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\TarEEA.tmp (181KB)