Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2024 21:33

General

  • Target

    a6ab7d55b660e9e1b68afc83ffcfeed5_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a6ab7d55b660e9e1b68afc83ffcfeed5

  • SHA1

    b9d132c1a5ab457e806d96908a782a6ec8c5840d

  • SHA256

    1959f0264c3f4d5075e29fe92ce49bae81774163cba4959303518bcbd78ee202

  • SHA512

    96e77f6356176db865e3199fecefe029e932c6275c3823ad83a0e8c1e2494298cefc160f9ff1efb87161a0f42ed8c8920e07688a00dfc71a4ac07983fd02484c

  • SSDEEP

    192:uWvob5nW6mnQjxn5Q/cnQievNnunQOkEnt8anQTbnZnQVCnQtPwMBPqnYnQ7tnEc:tuQ/Ohc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a6ab7d55b660e9e1b68afc83ffcfeed5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2340

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    107aeeae7a3be83a95c059eca66699aa

    SHA1

    37da495550cd60cb4cd238451fdd2976499a2999

    SHA256

    7fc36b4981d06b62b269f33571c9dbdbc1b8bb8db379d5327da815d66dffe730

    SHA512

    2848d7473c1573bd777b03195935eeb3a56d02ec3c0dcf341912e8fb12a8b952bc024e8b1812e11eb69be37ca938cb12fd769eeb92c23c31d16ede7a7a2b859b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e781ca2dfc33e4629cfc662e2e22f8f

    SHA1

    6b0bf21b3b2be2c3f409790754dbe3719eba995c

    SHA256

    0eb81240e60dc09f38bde07c690bff0fb74516fa90dc951c908562a8017199b1

    SHA512

    0ceb5347943a6692fcd93089e72c9d6c8df07bd8f9827227c0615d11678dd36c16c86dabf1c988e3a734dd38a8a1c50e41959d3f001633e7556cf6e307c20c28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e960d7befae78ab177cc9b5499033d5

    SHA1

    8fc66dc6c5b008aa22bb0ac7ccdda64bcddd1bed

    SHA256

    9a1f7e2046e98e7c3974900b9d986e4f6047c3f28d9a80fdc85bda1f40055c13

    SHA512

    8412e0a297cbab19e03637609a4d50108b45807b4970019133cc071907eed8900484ccd71e0890e71dc1e360f3bb17166738cd38fc38326ba554790312febfd4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    09246fc211fbd77dd8be742463da392c

    SHA1

    d43930f7fb5ffec9aa6137c1a6aaae84ddd4e8ba

    SHA256

    52459d2feda738a363c55023afc4bdaff9705bf30f39fa3588e5285ab81fc930

    SHA512

    750e9aa0f2949e2ec31433b158476d6dee36377133bf05cbd9ced5537d52c7b2e267f6c8065edcaec5f75ce18f31f8269db6a2b3b6784466c3e54f384c70827d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    81386c5219ce4423a50ec1f86e4dd81a

    SHA1

    46d14cd13e5cce13055b0d9655394703dc200e98

    SHA256

    57448e158c5913c847dd9ba4153e899d77536534fbef7c1fd39d486ef856ca02

    SHA512

    b31fe4e89a3b99ab545a0719f7a2df7616b3c917d3368fbf5fd0a3c2707cb327b9d2e03cd8e3bea2bf700c2b9f8ba1619222258a61974d6a9c6950dfa3dd30fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9af9c7caa1a757a378ed2209a335954e

    SHA1

    a506462d15cadae9f64b32a4fb6075c720db4a96

    SHA256

    30fbb78bc888073bb6e43320943415f1ab128f7b35dd20cd2b10a6f535fb1024

    SHA512

    6d4caf22d8fba8502c1c3918a0c4e97bc133f6ec52516979c2e4c877f53358a630714ae4eb587ab99c3a6a26bbf8826c0107c58e58d9776a7543d4508b166fd7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9016d8b431c926850370d33383561d4d

    SHA1

    aba5b80a728e83e7f5e09aa71fea9252767ac5e4

    SHA256

    691e79b3f39c82e041ac87b6ec92d6b4f867d0bb5622afd190a8d7636e7a9bdd

    SHA512

    b13279c4bcf6800200fe83c1c19c9764f4390bc56a01e774bad719700ffdd4aaa45452594a0fe99595f8f2750fe8494f0d9bef5955223c096d79ae21ff9aab89

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ceeac40d9b4cac428f89788daac6be05

    SHA1

    b9fe09a7f021f2ef56dac8dd489abe489041fe28

    SHA256

    e2811bd16f53ba84238d94c316e7bd561cfee613060e4b8766b229830c30d24e

    SHA512

    6c50925fedffa1252ffd5a8b76d3b4860057975bc70cf22e026358e8df3621b6539034809f98940216aa3ef0216e47a064a9f7e08e87a7e124a1653837ff6ac3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    14aefbdf88bf06447073155b0a42f22c

    SHA1

    3c3b9ee98cac299b69146ca759bf9ee7c5d6ec0c

    SHA256

    17a0372abd65aee09cc9989fe10f7d04548f4ce9a424829fcd8888843f03fa48

    SHA512

    f1475a4732707ed06f3f7a541b5b1a4d8d84e28cb64441666a24918497cc87d8e3a2ae9653d33d27a0c966bb2d8fd87af92d6dd175a1ceb3d3b5ddb7ccf81184

  • C:\Users\Admin\AppData\Local\Temp\CabD7A.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\TarE4C.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b