Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:18

General

  • Target

    a383383c63b15cd48f7051e7877a1638_JaffaCakes118.html

  • Size

    30KB

  • MD5

    a383383c63b15cd48f7051e7877a1638

  • SHA1

    01d2b4fc833b6b19a95aaf312e5680a248d7c482

  • SHA256

    f502c8b6397871ddf97c91fe6b87c0ecfbbd6d98db8df3451ab702bac344b02c

  • SHA512

    be4b9245748c38bfec24a29f0f50fda233947809c79eddfd269f282a91c3d482ec56cccdfe6bdc12b1b2215cc89e6fc7be5a62f8343d08eefe4ddd8251d6c5c6

  • SSDEEP

    192:uW7rb5nN2nQjxn5Q/9LnQiekNnqnQOkEntr3vnQTbnxnQEAMCU0A/DSQBAXJ1+my:rQ/9UHu0U+YAXL+mPrbZRF5H5EOYCdO

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a383383c63b15cd48f7051e7877a1638_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2848 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d41bd2f2272f86a220ab2a7c5d7d67d4

    SHA1

    80aa2b88eec76e5c2d481ea0537f2c95ed959b4a

    SHA256

    4774aa5ab737f1c1838dc2d6cbcdeb5ca8bb8df1868dcbe3c78eceab01f8ddf9

    SHA512

    9c0085ffa742764c67e559e23ad45f19fdc0f17c9df0bd4f840cc8c0ba4395b7a720cc96e3416b365bcd641dc40278fa5491904c04bcd707f133e86503db53be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    77088879137f9f34f551328768a75fa7

    SHA1

    d81f0b2b9bffe012921284c07ffa7d35962c5ae2

    SHA256

    0b554ec90a64308f9475bdde82fc5a945004c7d7510fe6731fa4f25bf1841341

    SHA512

    440a380e4b7dcbd198be3fef6c6ce9ad7112c93449a5e64bff846fb5a9652f1409f32213d37bffd2492c06751675e4e982ae9f1ab42ef7c1cd01ba117484a311

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b307c9210c50a96087750ab38a0fb9d5

    SHA1

    3f5637249d1489bf813dfc8c56878d1151804493

    SHA256

    ae89bf4c2e29ad4a765f20e086130f79d86656885bb9fd95433260b695b68df6

    SHA512

    4823854cb0e06c5d31384d70e957c0c11389a3d5a885e80b0cbfd569542fb1cbfae1d9e4e622c05a7cbeca9e857455552719b39efa86c9f653b1e5e0abab9291

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0526cef819c0ab550ee852d4bc984d6b

    SHA1

    ef9dcccffeecd49d962589b220cdf0f63f895979

    SHA256

    23a62474325c4d060ccc48fc79f7c55ca1a06ed25f44429aecc3759bc7f90f51

    SHA512

    38aae2d49afc17865f26bc029e795f7d56eb0f6ac4e1567fab0211aa62345a3e4caa472b743b1af5636d7ceed49b6bfc1f15134e1d5bf715cdc32e73a21255a3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15daa92cb03a21801f5b00ea12d62a17

    SHA1

    dc60f07820def0d2f5db40acecac2f9a81f65cf8

    SHA256

    d7c8ef3bef6529988741fa33587c07691e0d52998cc81271d59c6e05ebebdf0c

    SHA512

    0bf20d7141f163e3b3a89d52a51c1f336c59ac5cbe3aac9e84aa5484f53c9ff86bfafaa8784c199ebaa5507f3aadd6dc9b70a5199a0150f41191f789a20e719c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e4f8828e2d7f2626dd68716c1b9144b4

    SHA1

    d97e48b584e803b894bfc02126262e8251ebc05c

    SHA256

    97e29f548916508e79ba7f930051d0fa97e8d7314382c628f8380549112ce255

    SHA512

    c9408f2f62963f930a0a3a402e0d192af9bc8e5993c100fc54663b6b910beb02636c96d9810b45fdd3ee5bbfbcad087fb9bd8cc74d6e87ad291ef024f2f577be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    800fd6c5bbed080f386025ee9ecdd255

    SHA1

    139a48695af789123fdb2be6be464e316013306b

    SHA256

    80399e5cbdfc210d686914b90daf90912bd6645e9a296ee8cdff99521f9dba40

    SHA512

    d22ed9a6735b5dcc878f70e1ebe80655741bfd00030e74bb38b1a8dcc325aae872ca86837e2374001db1a2b3c58e3ddc6a4168beb254bac7c7a27d52358385b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    79989083f5f79a96278c93a233135769

    SHA1

    029830d2f2dcf878f33f99297126bc8553559e10

    SHA256

    40e20de0afecd731b14d9c17399f6be240e9f6343f03ab6d12fe80df342aa141

    SHA512

    0ca9f3f354ca382e32b61b0e644d03453671c3053de63a695660f126785816e037eeb5cb9637979bc66c293a3d7edf789209529dcc161cacc4f9bcbf57c97d19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    10aa923d4a570b791d4456093c9ec324

    SHA1

    7191f5560ce6c4472431fe7f5ebaf8f853ad1904

    SHA256

    af06a6cc274220a6c374e1ae6ab6161a1b3f12620ac72ddea126d5dd87e8405f

    SHA512

    a28c5cb578c36777d2ee151af81c6e05d1a9ea5cb04db5af7f981722ad0250123673bf7a0793ff34adb2f2d9675f906b53b0af5fa459cecf53710f16a4cf5223

  • C:\Users\Admin\AppData\Local\Temp\Cab17B7.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1885.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b