Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 03:42

General

  • Target

    a3b5329067f24304d2f41736c7013d14_JaffaCakes118.html

  • Size

    88KB

  • MD5

    a3b5329067f24304d2f41736c7013d14

  • SHA1

    62416ea326666040302720d343f685d6d5ac0677

  • SHA256

    0bf9be80e2b83618f767043aa222862952eabb9cefdc4e4614ddefac68fe5858

  • SHA512

    bd9636e2ba1b1afa9b24e0edfadcf5ca420b461f0687c35ebed3e5fdb5c804335d990fd13bc865aca29f0e61c1f416bbde288eaaf7fafdf92da7c448f60e660e

  • SSDEEP

    1536:9MfI5VYXiKqkqCC11ffd/YK2xT4EaeaeEkVXtke3QO5moAmy6QpSYXoqdigX2l5L:9Mf5SKqkG11ffLkVXt5crWqdigX2fuRe

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3b5329067f24304d2f41736c7013d14_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2020 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2060

Network

MITRE ATT&CK Enterprise v15

Downloads
