Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-05-2024 21:14

General

  • Target

    6c46dbde3724d75f53b17fd0f0ecabce_JaffaCakes118.html

  • Size

    23KB

  • MD5

    6c46dbde3724d75f53b17fd0f0ecabce

  • SHA1

    c813aeb039d2c4fca39e8a42b01d595b35f23b75

  • SHA256

    f96d380d65b16c1785c050d1511a1e6363b84e056dc2932b010117a142384964

  • SHA512

    ac4feef3d946db8ba51b4c762fc03b574d9890b1a0458bf2f21a3b75d0727c7f18360843b0baad38150db59b83286ea5c9bf49983be0ee3cba929d82fd67443d

  • SSDEEP

    192:uW34b5nA+nQjxn5Q/XnQiemNnMnQOkEntF9nQTbnRnQMCnQtMwMBGqnYnQ7tnqYP:FQ/2gT6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6c46dbde3724d75f53b17fd0f0ecabce_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2256 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2424

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    15e59eaea7ece7c1dda1b359a5dd8751

    SHA1

    a41f0677c2d47c6a4bba5ede97fecbb92a4c4eb0

    SHA256

    650b941acbbdee32c14ca0cd6f3cc40bc2c1fbf4a42cfd1eae2ccc0d646f441f

    SHA512

    ad72b6b84530597370c6b9804778115325c7f62199a2ca83d053951a592b8d9da9471d6d5cab7327f94e7030247f9a30fde26d04853d16f39f373b3d862bf506

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1bfb92b700480e085c45eb3002be644f

    SHA1

    3ab3e9a8398b8c38575002f128b7141b1bba269b

    SHA256

    a9da141a2a78c5242e22ed2d26eaccd331c27c1098216f876e874ac74ab57c81

    SHA512

    43ea8591100ff1687f45a244ac6bc003ad4e7092cd3d99f843cb5965dab8bbc80103bfabc22693436203b118f43dc11fa0897abb106c40999bf8c62b7d332711

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a10ce265064a450911d7aea8d921a26c

    SHA1

    cce72ea74704e21bc9f1a6d6b2531494719981cc

    SHA256

    34cd257e3a25cb5c7c6924bd19605fc06357007ce3b6ab3dec9a0acd2edf1578

    SHA512

    e383b9c963dc5688f70fdbcd7e874cf5d6c0a84023aa1de425795269219c998f3a4b8fea5dd91eaaf6a313f6bd9595d037627b08f47ba23a2c9166e2758ae6a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ef541fb94400c71fd329f4c417c4ab84

    SHA1

    9a990fa0759910a265aa895a17c51df6c2d86296

    SHA256

    739c2266ea1c608fa8c2873680cc761d7aee21f8dc14d13aa3dd171bce059b42

    SHA512

    b82f268a5a39036352bad92e4a87890f092c0dc4e45c532dde696bfbbc220d11034d4afcc6407e26fbfed8d9af21e54cfef925a2f04fde8003656184fb44c4c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5fca11c4922dc0f908f0cb2dd2913666

    SHA1

    654bb1508f9321ebeb98695e1e76f7bebcebbb56

    SHA256

    bb496b81fd561791a024be7cdf3c8b539011de0a36825c695a15ac732c30897d

    SHA512

    6d0f26c5e1eb39858c0deac97e502b14ec25c63285dd696324238a8093514d5c033109418ccf58bbe15be570779a32bad761ede2e6e2bdc38502715abd5bf2ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    511a3a8029316d2d865d439ac82bb7f6

    SHA1

    02200dd81e08328970844a73fb95eb39f5ca0a6a

    SHA256

    1611cc66155cacf082d337c70bb081a6ef31e55590105d504ebc6e6392b51016

    SHA512

    a1527812f74496697710574d4ed91f092e52877f52560f3bf2eb1216c67de4ef2da717b926ca9bdca8b23567f421f2a242009cdb7bcc2b5762e6dbbf4bfeff19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0debbbe1c9b336c8501a97541c8aa971

    SHA1

    8c9e11d098e829de569774d7b06143d6954f247f

    SHA256

    8f7247248c70c9f87382e057c79d95153abd5c00d2877a6e3e52acf82033f3cd

    SHA512

    09d5a7eace993df0e3f61b83237e36f6eb72556d07ffcc4a3a6908760491e7850fad5aef23d17df8bbad4b62bce1520a96ab4058350b1cbe5e57fc601bbdbf74

  • C:\Users\Admin\AppData\Local\Temp\Cab10B5.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar1145.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a
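The two parts of this report worth machine-checking are the process tree and the dropped-file list. The Python below is an added example, not part of the sandbox report or its tooling: it transcribes those two sections and applies two triage checks. First, IE launches each tab as a child IEXPLORE.EXE whose SCODEF:<pid> argument names the frame (parent) process, so a tab whose SCODEF does not match its actual parent is worth a closer look; here 2424 correctly points at 2256. Second, the same CryptnetUrlCache\MetaData path appears seven times with seven different hashes, which means one file rewritten during the run rather than seven files dropped. The path classification rules (CryptoAPI URL cache, Cab/Tar .tmp scratch files) and the SUSPICIOUS counter-example are assumptions of this example, not findings of the report.

```python
"""Triage helpers for a sandbox report like the one above: verify the IE
frame/tab relationship and summarise the dropped-file list.
Added example; process and file data are transcribed from the report,
the classification rules are this example's own assumptions."""
import re
from collections import defaultdict

# Transcribed from the "Processes" section of the report.
PROCESSES = [
    {"pid": 2256, "ppid": None,
     "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r"C:\Users\Admin\AppData\Local\Temp\6c46dbde3724d75f53b17fd0f0ecabce_JaffaCakes118.html"},
    {"pid": 2424, "ppid": 2256,
     "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2256 CREDAT:275457 /prefetch:2'},
]

# Constructed counter-example (not from the report): the same tab command line,
# but its real parent is not the frame process named in SCODEF.
SUSPICIOUS = PROCESSES[:1] + [dict(PROCESSES[1], ppid=1234)]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_tab_processes(processes):
    """Return findings for IE tab processes whose SCODEF:<pid> does not name
    their actual parent, or whose parent is not iexplore.exe."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        m = SCODEF_RE.search(p["cmdline"])
        if not m:
            continue  # not a tab process
        claimed_parent = int(m.group(1))
        parent = by_pid.get(p["ppid"])
        if parent is None or parent["pid"] != claimed_parent:
            findings.append(f"pid {p['pid']}: SCODEF:{claimed_parent} does not match parent pid {p['ppid']}")
        elif not parent["image"].lower().endswith("\\iexplore.exe"):
            findings.append(f"pid {p['pid']}: parent {parent['image']} is not iexplore.exe")
    return findings


# Transcribed from the "Downloads" section: (path, size as reported, MD5).
CRYPTNET = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
            r"\MetaData\94308059B57B3142E455B38A6EB92015")
DROPPED = [
    (CRYPTNET, "344B", "15e59eaea7ece7c1dda1b359a5dd8751"),
    (CRYPTNET, "344B", "1bfb92b700480e085c45eb3002be644f"),
    (CRYPTNET, "344B", "a10ce265064a450911d7aea8d921a26c"),
    (CRYPTNET, "344B", "ef541fb94400c71fd329f4c417c4ab84"),
    (CRYPTNET, "344B", "5fca11c4922dc0f908f0cb2dd2913666"),
    (CRYPTNET, "344B", "511a3a8029316d2d865d439ac82bb7f6"),
    (CRYPTNET, "344B", "0debbbe1c9b336c8501a97541c8aa971"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab10B5.tmp", "68KB", "29f65ba8e88c063813cc50a4ea544e93"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar1145.tmp", "177KB", "435a9ac180383f9fa094131b173a2f7b"),
]

# Triage heuristics (this example's assumptions, not rules from the report):
# paths CryptoAPI writes on its own when fetching CRLs/CTLs or root-store updates.
KNOWN_BENIGN = [
    (re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache (CRL/CTL retrieval)"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
     "CryptoAPI CAB extraction scratch file"),
]


def classify_path(path):
    for rx, label in KNOWN_BENIGN:
        if rx.search(path):
            return label
    return "unclassified"


def summarize_dropped(dropped):
    """Group the dropped-file list by path: count, distinct hashes, sizes, class.
    Several hashes for one path means the file was rewritten during the run."""
    groups = defaultdict(lambda: {"count": 0, "md5s": set(), "sizes": set()})
    for path, size, md5 in dropped:
        if not re.fullmatch(r"[0-9a-f]{32}", md5):
            raise ValueError(f"malformed MD5 for {path}: {md5}")
        g = groups[path]
        g["count"] += 1
        g["md5s"].add(md5)
        g["sizes"].add(size)
    return {path: {"count": g["count"], "distinct_hashes": len(g["md5s"]),
                   "sizes": sorted(g["sizes"]), "class": classify_path(path)}
            for path, g in groups.items()}


if __name__ == "__main__":
    print("IE tab findings:", check_ie_tab_processes(PROCESSES) or "none")
    print("Constructed counter-example:", check_ie_tab_processes(SUSPICIOUS))
    for path, info in summarize_dropped(DROPPED).items():
        print(f"{info['count']}x {info['distinct_hashes']} hash(es) {info['class']:<40} {path}")
```

Run as-is it reports no tab findings for the real tree, one finding for the constructed counter-example, and collapses the nine dropped-file entries into three paths, all matching the CryptoAPI heuristics; an unclassified path in that summary is where a manual look should start.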