Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 03:37

General

  • Target

    a3b31089c66421c54bc9a439b5869ea1_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a3b31089c66421c54bc9a439b5869ea1

  • SHA1

    e545e44d48c592ffb4c0a9eaa9cc497f8ec5a82c

  • SHA256

    ef99b103337aaf79bad887352e085f86e15196e5d8cde6eb0eeda46c29c73565

  • SHA512

    675370400b6cb4a16b31642065a9f1fc2a524aed78522a8135923b92f08ffcff81f60a3083996933e2698387b0e8a1f6e84136e70bd90cc85791164244229170

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIy4QzUnjBhEO82qDB8:SIMd0I5nvHDsvE9xDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3b31089c66421c54bc9a439b5869ea1_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2752 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2324

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B; written nine times during the run, each with different hashes)
  • C:\Users\Admin\AppData\Local\Temp\Cab73BB.tmp (70KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar7489.tmp (181KB)