Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 00:20

General

  • Target

    a31d469acea47cf903e7819eb32b1792_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a31d469acea47cf903e7819eb32b1792

  • SHA1

    6be48a27110643bb9adfa803c28811f44a2e3e38

  • SHA256

    d402e5e72b8e32c706f0de4b520f862e2d67fd7505e831665981cc6a74bc8951

  • SHA512

    516841677a505e9dccbe142a2764d9bb37d66c63ba215e2459e736eb80bb3ea6b162d85543650309978a4b572a6b923abffba88ca17dd68b5a1e9629f48e2c05

  • SSDEEP

    192:uw/Ib5nlOnQjxn5Q/cnQie/NnSnQOkEntMKnQTbnJnQ9eL3m6sflPQl7MBfqnYnD:0Q/gyp8lOSB7

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a31d469acea47cf903e7819eb32b1792_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2908
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2908 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3024

Network

MITRE ATT&CK Enterprise v15

Downloads
