Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:17

General

  • Target

    a382c7c03808dab82d3ca3e3d5fff09c_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a382c7c03808dab82d3ca3e3d5fff09c

  • SHA1

    8d4b0c4ddb58cb8dca73b86dc263a7163a25260d

  • SHA256

    551da178c554ea0b06919feea55bd3a59845f68f400bb3849e81ce70d1bdfeeb

  • SHA512

    4e5b927c9988318f36fed7dda16391e451ca4fc07a881f85c3d6e8cafcb270bb07b47806082f79d862717ea9413844d89cd54af390bd850bd2f4783ac31aeb74

  • SSDEEP

    192:uwz4b5nkSnQjxn5Q/jnQieCNnwnQOkEnt9BnQTbneSnQ9ewum6uF2MQl7MBiqnYK:BQ/OxNmw2HS48

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a382c7c03808dab82d3ca3e3d5fff09c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2276

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a28669b96fcec36f95fb56812835ba1a

    SHA1

    6e8e2750ae757b746313bfce461cf13e06b1736e

    SHA256

    2c79a7e43b8c83f6c082805fdeb33c033471869128170ad419aeb79bcb98b2ba

    SHA512

    d6790cfe47facc70fd7ed836da1cc56ced0a84dd0d62fed9ea6b7b48ace971a05e2da76cafd2892f77dd8b1e4c4152e37bb8a7d42d7662a09c0840efa1e23ee6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51cef4ffd1077de69310a169934ed4e7

    SHA1

    3034352cbf95b73979e9ae1d016e125d519a19fe

    SHA256

    d320be60c222db13f888a203695dcca14e99ca63e1db86a3a90b9968e7e534ec

    SHA512

    94b19b2cc88ea638cf3e6e3bd28702c4f08da6bc42810fd242025a1c7471a53101760c4d1e2c2e1c17e9db960b6d3043e7b3b77ff9dfc63dfd732d782b70b478

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0bbe9b23d7459d44bd7c38e0624bc714

    SHA1

    1d58fa88ee66e023111f486bc0ae7563671fa2c4

    SHA256

    802315ca62f8e846caaa70aea09c441721a1fe36b76be12b4681d4e9d686c688

    SHA512

    f5a49c83268416ac92103fcbc62a5583351825c5966210b438b5e1f97ff24df39f1e9b2c29c28ae28cf208590bac4daeafa21e274564f57fb6fee8b49d2ba02a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1b70b7339104880372187a220896cfb

    SHA1

    61ee0615176bfb8ffd28454952af1d9b7d93b5f7

    SHA256

    a0fd53b3520e07c210d4cb2cb3cd576ab48b52e1eafbb2182305e6ba7679155d

    SHA512

    56647dff2e4d6d1a948cc8c113cec874047fe116449b063535897d23f54fc9eddee1f26d88abf7be8a90623690f468af90df89ba8897e063a6d8d9441a1bb71e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e00c6a187dfe6460a92588143ea33a7

    SHA1

    308c29c74c56925128adcaa108ff35179616a445

    SHA256

    9594903b5a16da738081efef2ff5ddbd73c93775e305c406e888b4bd10503d10

    SHA512

    a1010234008507bb35c82b33e4188325e07885f89607c233063d54a65a77778c4ecd7099806ece4628324d50cb808ffedd0778a2be975afdbabfc2527bdab837

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a624aa2b4a517876a696550e2c0d3d3

    SHA1

    8f1d2b091eeee5bce576cb6c5bfd3d1745b2d943

    SHA256

    fe073e1e8e10161d4880653f43c872f37791d315a083c003b533b8cd8be96160

    SHA512

    71dfe85a07d1297f6940261ad793d23b46ba3313bf10ca9c11ef0977f0e04d63fbf75567a0718835b6a3a5afb9cc969f1b26feefe5825d3bee18dd46bdba7276

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1eaa8af2302309612f943c1165fbd86

    SHA1

    3baf1d954c5741ad95ff4b0bb4ea4b1fe9cae1e3

    SHA256

    5082a8da5ab67eaea0a9af73c7ebff1149959a2b71d1cadc55e3cf89d97fb499

    SHA512

    912f8f3d4ffcb3ea2f7e104fb4c746b9a9018775ca022dbc7ff9086f1475eb9b69e9a0b9228648f76b5ae3722b782a709770351d50c5298c1d5f8b494f26d659

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba75ad73debdaa9a234c363266bf7b70

    SHA1

    9326f229532665581958ed1d5cdba77fef6087a5

    SHA256

    1ce60bbeabbf589e14c5ac8afd59e0ea6b97c90b6a4774bf6069408ebb939d60

    SHA512

    ae6f2d88e0c252414d440327ef62a264cef319584a62d53d31484b83fd44ebbbd8cfc3e9e40c5d31e4d2898df84fd1d40ffee131f347d2d19322b3de510571e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ac0e3e495cb14b098e88adf66aa7364

    SHA1

    c3a66bc2b3aa2dff06a740dbfc0f141a34157d0e

    SHA256

    3ecc82ee0940317a0720a5302392696b772209a662a6ffd94deee3bacac18d9d

    SHA512

    04eae44e84fcb8b491a927b1ece00c08cb3a20fdbe3ec8fccc20eeba0d606b6e7302d44722d5048ad63e571c9f5bfe7520d3cc79bc53066a24b7304884481f9a

  • C:\Users\Admin\AppData\Local\Temp\Cab8AB5.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar8B92.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b