Analysis

  • max time kernel
    148s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 02:18

General

  • Target

    a3839451215cc905010c2d54e0081632_JaffaCakes118.html

  • Size

    115KB

  • MD5

    a3839451215cc905010c2d54e0081632

  • SHA1

    4d5ccb63509760a752a8a7a7a1118a1dbaa23eed

  • SHA256

    7691ede2e1072beab36a02194fef2daea435b17d7d44aaa654d9180c2edee32b

  • SHA512

    c38d0affd441a2d09e8f614b4f915df4cdb5c488fa4d1991fa42e0744d081c150d897865f8324ffe590b36e7183bc81e020986d9910442627da64cde9b894cb0

  • SSDEEP

    768:VlRqChJgBzehCKaKTA21Ie36uvD3r6MsI9MhTueVTV1yCJD6SP4UM9oqyMVX/ErW:VlRqCh+ufqu2g/EYole

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3839451215cc905010c2d54e0081632_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    78a370bbd5004cfde9c38bff5f9463d0

    SHA1

    eb5fa09ad33f4a7627b83268fd8a2cb0db619f4b

    SHA256

    8be09454d02df9c72f3b946a198719dd9b5190321a35b8745e3d3d5b70bad68b

    SHA512

    5e90887197f193a937cfa300ec247bb88cb490a80cd5fbc02daf95e4e137f767f8db3db8601c83cd707ef244517c64233ad7df037e6ee1a7b7fa38e18fe65eff

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    275a40d0bf33386e4e1bb8b469a45ecb

    SHA1

    aa65b4d29d455b9ad79ff3caef326669e3496850

    SHA256

    970bc7904c94629dc54b78b1b53ce26f5393a3bca5c7e6a4298be31ee32b286a

    SHA512

    50fe37aa25671c586b9d89c1d2a69f7d990a6c492c6300a74bcbe612e8a8625af153f581a1ec525a04e7e29515072a8747dfb12afbee4a4d73abbe6cda69a5c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66ca407543b508a489b199904e71f5fa

    SHA1

    66ccf0274847a326f9cf430b8237723901859fb5

    SHA256

    3b1c42d34b36e9b642e3c9b4ea3b2bc9cd2917ae684aca8d99274dd83c4efbe7

    SHA512

    d08b66948540f9ca309b409986e661ebd949e1f3c5ed938a8703bee764db364f0c1479d1bbfa25549f7552aad238ac642f11c97003c218dfcde616c5c71ea517

  • C:\Users\Admin\AppData\Local\Temp\Cab1C1B.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar222B.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b
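A worked triage check for the process tree and dropped-file list above, added here as an example and not part of the Triage report. It embeds the report's own PIDs, command lines, paths and MD5s as data and asks the questions an analyst asks of a 1/10 IE run: does the second IEXPLORE.EXE's SCODEF value name its real parent (the normal broker/content split in IE 8+), does every dropped file match a CryptoAPI URL-cache or Temp Cab/Tar pattern, are the three entries for the same MetaData path rewrites rather than report duplicates, and does the sample name's prefix equal its reported MD5. The verdict labels, the regex patterns and the `triage` helper are my assumptions for illustration; they are not signatures from the sandbox.

```python
"""Sandbox-report triage helper (added example; not the Triage report's own code).
Process and file data below are copied from the report; classification rules are assumptions."""
import re
from collections import Counter

SAMPLE_NAME = "a3839451215cc905010c2d54e0081632_JaffaCakes118.html"
SAMPLE_MD5 = "a3839451215cc905010c2d54e0081632"

# Process tree from the report: (pid, parent pid, command line).
PROCESSES = [
    (2116, None, r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3839451215cc905010c2d54e0081632_JaffaCakes118.html'),
    (2332, 2116, r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2'),
]

# Dropped files from the report: (path, reported size, MD5).
META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPPED = [
    (META, "342B", "78a370bbd5004cfde9c38bff5f9463d0"),
    (META, "342B", "275a40d0bf33386e4e1bb8b469a45ecb"),
    (META, "342B", "66ca407543b508a489b199904e71f5fa"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab1C1B.tmp", "67KB", "2d3dcf90f6c99f47e7593ea250c9e749"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar222B.tmp", "160KB", "7186ad693b8ad9444401bd9bcd2217c2"),
]

IE_IMAGE = re.compile(r'^"(?P<image>[^"]+\\iexplore\.exe)"\s*(?P<args>.*)$', re.IGNORECASE)
SCODEF = re.compile(r"\bSCODEF:(\d+)\b")

# Assumed patterns for CryptoAPI (CAPI2) artefacts that IE produces when it
# fetches certificate/CTL data: the CryptnetUrlCache store and Cab/Tar temp files.
DROP_RULES = [
    ("capi2-url-cache", re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    ("capi2-temp-cab", re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
]


def sample_name_matches_md5(name: str, md5: str) -> bool:
    """JaffaCakes118 corpus files are named '<md5>_JaffaCakes118.<ext>'; the prefix must equal the reported MD5."""
    m = re.match(r"^([0-9a-f]{32})_JaffaCakes118\.", name)
    return bool(m) and m.group(1) == md5.lower()


def ie_process_findings(processes):
    """Label each process: IE broker (no SCODEF), IE content process whose SCODEF
    names its actual iexplore.exe parent, or a mismatch worth a closer look."""
    by_pid = {pid: (ppid, cmd) for pid, ppid, cmd in processes}
    findings = []
    for pid, ppid, cmd in processes:
        m = IE_IMAGE.match(cmd)
        if not m:
            findings.append((pid, "not-iexplore"))
            continue
        sc = SCODEF.search(m.group("args"))
        if sc is None:
            findings.append((pid, "ie-broker"))
            continue
        parent_cmd = by_pid.get(ppid, (None, ""))[1]
        if int(sc.group(1)) == ppid and IE_IMAGE.match(parent_cmd):
            findings.append((pid, "ie-content-process"))
        else:
            findings.append((pid, "ie-content-process-parent-mismatch"))
    return findings


def classify_dropped(dropped):
    """Map each dropped path to the first matching rule, else 'unclassified'."""
    return [(path, next((name for name, rx in DROP_RULES if rx.search(path)), "unclassified"))
            for path, _, _ in dropped]


def rewritten_paths(dropped):
    """Same path listed with several distinct hashes: the file was rewritten during the run, not a duplicate entry."""
    hashes = {}
    for path, _, md5 in dropped:
        hashes.setdefault(path, set()).add(md5)
    return {p: len(h) for p, h in hashes.items() if len(h) > 1}


def triage(processes, dropped, sample_name, sample_md5):
    findings = ie_process_findings(processes)
    classes = classify_dropped(dropped)
    return {
        "name_matches_md5": sample_name_matches_md5(sample_name, sample_md5),
        "process_verdicts": Counter(v for _, v in findings),
        "drop_classes": Counter(c for _, c in classes),
        "rewritten": rewritten_paths(dropped),
        "only_expected_ie_noise": all(v in ("ie-broker", "ie-content-process") for _, v in findings)
        and all(c != "unclassified" for _, c in classes),
    }


if __name__ == "__main__":
    import pprint
    pprint.pprint(triage(PROCESSES, DROPPED, SAMPLE_NAME, SAMPLE_MD5))
```

For this report every check passes: one broker, one content process whose SCODEF is 2116, five drops that are all CAPI2 cache or Temp Cab/Tar files, and the MetaData path rewritten three times. A parent mismatch, an `unclassified` drop, or a name/MD5 disagreement is the point at which a low-scored HTML run deserves a manual look rather than being closed as IE noise.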