Analysis

  • max time kernel: 150s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240221-en
  • resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted: 13/06/2024, 02:58

General

  • Target: a39b23aa80742cc69220633a349140fa_JaffaCakes118.html
  • Size: 22KB
  • MD5: a39b23aa80742cc69220633a349140fa
  • SHA1: e80810c6bf1aa5c625d29e4e4c0418f3e03fe81f
  • SHA256: 16e2718fdf1c4426590b2a69057e32e92da412caed8cacf9c1c0bde640cba81f
  • SHA512: 160911ffeb1fcd57b5801a99e7aa3c132542d1784725edc4735053c48377df8aeab59e6a1c70ccc1c65a92de852e1853e64ecf4c457d5daf554ab6d6bdbff4e2
  • SSDEEP: 384:8dhAWGFBMfBMFBMJBMYBMtBMBHyQkJJOUcbteG2zdctb:vfCfCFCJCYCtCBiYteGjd

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a39b23aa80742cc69220633a349140fa_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1876
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1876 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2160

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5b4b877790702a46bb4d0af6fa56e897
    SHA1: 5b21204dfc05e8898edd25c0d6ed9338d82b06fe
    SHA256: deb7475c4658130b772f7642f1e59b71955e52d3e263924ce5872d06698e4682
    SHA512: 12310f1d44b343976a374259bb2d18979e15f83fbd9216052e5440e8ffd8f48cd3ed951083d649451537ed12f3ba1096be57e6b02062da8e10710c838a567cac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 2d798e099f6ddcb9a7f611938a18f820
    SHA1: 1a7aaa837706429db9c6df2fe4dfd2070f93306c
    SHA256: 1f2547850fdc318cc8dd88b1a66df8f76d0c8dd11954a1fdd0a223f8dc14dce4
    SHA512: 63b3827d1267a9ceeb50fde5575bd7005f8bc81bf15ecf3e30ae152a2655bacf64c87656dcef8d8175e79581adfe751431c195965358101e0174b5e923339247

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a66db45b068183a65a2f510bb9255334
    SHA1: 87a28c96777c7de7c8d0ab7ff8313fb0f46bb6e5
    SHA256: f58c9491059f0f443a5c2539e5b94b89452698a02747cf5bdbead18446f7746d
    SHA512: f265455e308b31201e39118335b4d21c73e12e1351397d8dd0ac6e81a7e4e73c5e40cd7daceb52fb27e5508ea9a5f0196a284860a88c9e1b164540a635de8e3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ceb88aa9ef34fd0ec3d02165fdc58cdb
    SHA1: 1d805b398248e4afa2c3b2a3b716aa8a1505268d
    SHA256: 667aa004d288ac0a2bd7091e275ce2e4a3f4a57da0917b42fb349f1aaf82a4bc
    SHA512: 36c2842e6f78e6cbfd710eef82403a4a41522d8e17219dd65f4ce9548702e9474112e74d685aa94e61d7c0afc51efe810c360e0dfe6d0caa7643858804ab20cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c367493b87b2e220af4e662d29750902
    SHA1: bfab684c7ba82e7e2079ba4d54f347431c23d56e
    SHA256: 2bfa954f2808f870aa1e644a63cdd4e8640825d09980092600620d54f505c4dd
    SHA512: 3662e065251411bd4f1c56132a127d2e6f7b4713c7bf970530e9d2ba1c08635111a2ee8a7ce30bf0fd7841342c437b2e7af0176010fffdf1659f2ceeedf87a4e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 496cc29ef80719dad75af83b811b07c0
    SHA1: 278e8b7508e60ed83c4f17e7ca5bcb14fae42a9c
    SHA256: 8b2a8b99e809758d6943afae68c36f90e8399f997b6c61774ced66d9d2cf14c5
    SHA512: 4b14bbf06dbd2d2cb9f6b6c7cb029fe6ed9eeae21e1cc63daa5e446bba9a075dc668f5d997537dfaf535ccc5fbc90074801d6176a807d55a0ecccd5aabadb335

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ef437a691589fc57053c1d882b652df9
    SHA1: 31ae532d2780d443675992ae21e1672e3b2757f8
    SHA256: 2d1f1353577499b4808530c145a376ab66a21f5201f64dca026cdf1bd2f478c6
    SHA512: e5ad2ae80636c0ac05c9ed648536fca773ccd3a6b68f65e2ae9c2dd93e2cf6bb7391ef68e343b128f7c4e0c26b3913755cb641073ea5e0dbb4a74cd37ec96a9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 45b5b3bd8f8499e1344291aafc1de992
    SHA1: bfac2dba126c2bf0228af296bb2fa6818ec9828d
    SHA256: 5467115effe5fb767cd62ec8936a047ad3704c2e0f4caf359fabd9ab6cdab0fa
    SHA512: a57e58d57bf352abbdc9722718362a8606eef8566921c460ee1b762c80cd50929e9679419e6958c19045794e644b0214f542c51a26fe90821d4949d63661b4b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 09dcb897fabfff8c2c7285ddd22bc2ad
    SHA1: 52e69161382e34eddaeba342c0df5235a5f13083
    SHA256: e422a12b633fbb5d5fb5ae03c2f7b38d85e25130a83b12d2eed3feafd644f2ea
    SHA512: e1b9f759c954c5e767211cb63b313438f99b7fa52e53c8158c03d8eb3a8301e43ea9fab7605c3dd8378817de1aee46428cbe43d0efcef7fa3c95309a4ceee4a9

  • C:\Users\Admin\AppData\Local\Temp\Cab1354.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab1440.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1464.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b