Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 04:33

General

  • Target

    a3d4c2ab3239fec0fdafe77e1cd528a5_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a3d4c2ab3239fec0fdafe77e1cd528a5

  • SHA1

    4b085aa058b12858ad82ab4dece3caa461c7d528

  • SHA256

    8183bd2d08fa1b0fc624139cadae186eede50be41a9c1ec000e97f034db85b32

  • SHA512

    e9b179fcae715d66ca2e931ed835448b1efba039c5183f09f75307c781fe984c7f82461427a13902165d0ff5948b6687d202a04ffc592ba5c41e923699d59cfa

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI/R1BNV4033/3F01KOzUnjBhMykc82qDB8:SIMd0I5nvHBsv/axDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3d4c2ab3239fec0fdafe77e1cd528a5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2536

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4088e4932e1bf0ea78f802f396e81365

    SHA1

    3e693314a81666eaaf9e3293bc241cbbcafde779

    SHA256

    aa97520979f686db44011e92ea65d45133dc73a4487aed4269e01661723e55bc

    SHA512

    453c153717ba29ae04d8d1e192dccb5c308e1cb3584dce820b02234be253e95e664ddcff127ecd7f42dbf8dcb921c1310713d9c832efa7966664107a94f6faac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    60df2aefe84e8a20bce2566aee7591ee

    SHA1

    38d3c07bdc88e334504eb3fd70ea8dd960eff8e6

    SHA256

    5360229c4f538071dd3c54972e40464a8b03cf38b9ae106bb927be2395523f95

    SHA512

    fcf651d2ffcfcf537ba1a64e5a0a8d049acd5da8a0b427123ed36ea23b7ca92c325d6c3a2ed1be41ffa736dce888a640cdd9f8db830f95aeb904242f0a449c2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7dc838f582d495b4382ba1568db7db15

    SHA1

    4e22e984d88fa265bbccbe22fd9c20cdf84a05d5

    SHA256

    0e126da88299257bc478be84141953ec8a950adb4607dbe26341c65e68935b69

    SHA512

    99738d9f25e9df87e37238daa98582237bb635d54d258c39d4114e23c15fccfdbc6cfa2f5a0fec92ecb3152160e8796d9924854997986d24466db3ac64f50c5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e1589a69a6091871b847cd8fadbcf306

    SHA1

    139694eebd30f982a07d33b314e423b71a4d1258

    SHA256

    a7ddca95297083278adde091604192d228608bad39d469aed2fc2b7cd612f04d

    SHA512

    40e1777bf004e315499e41860fbf37b8ad1f9b140476b2eacca39437097b632a624494cce862fb372c658198e80c2c31718426f2791cd5f6520348387bdd64f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    602e0a37c6679497a4fdaba52f7ad348

    SHA1

    8e9b96c24fcf0414da30e7c51820409c9fb06ceb

    SHA256

    9416dac18174da48bf3880ffc493cf932050a7782b104ac4b1ea30cc1dc42ec8

    SHA512

    719cca688c6ceebd94141cf5737fc4cd04ebd8f3cf358ccb5f13aa42cf0d638fd95c8fc24c39be2b44028a7f211ca03864ddf5569dd5e934633ab204a798335b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    58725157c1adc5ece6ac064e20f9efd1

    SHA1

    7a85d4cefe122af65021b6eff5030d3e02bd9081

    SHA256

    af918642496654be285a2d7ab9adc84d1210d9f86aca621b99e56c1968fc5715

    SHA512

    b4814c2c28c4c8b5d5b076242d7a769b194834f834795eda283a3623c36b12ff4adfdf4d7670ed7f9e369a26445d8d7e81d608caa9dbaf36fce966a0d98751ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c5efecdef99f502b5aa1769c1f58da30

    SHA1

    ad50e08b03377a2654d4dbc821183dff911d4c84

    SHA256

    79bee675b272361b990c9fc8398cd857c1e18e24c5ecbc5aa8a22969f15a6d1d

    SHA512

    056d13b81bb74d8ef4b8e3c127427f03dd638b24b132756dfab54fd7d1c5ea4ef4e38fc71fb18c9f76be10f213807c97aa8a35354c897b4817207076936582c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    78f1291e968919d581e2a32101590970

    SHA1

    ae2dd762b1acb435a32fd3ae2639c61cd9488cea

    SHA256

    e4462d15d0f9e73877e19e47e3ff712acb9727a83d1573d753f7dc801345b0f0

    SHA512

    b81e55003864aa36a9dbc984b285d8bbbb244d6079e32484189e9d061c429b3f3e72194e183aebbc96ff28f0655058bc71c3d917eab68a3e9320f0e57556e710

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96c76ffbffcb1d61340c28ee29dde5a2

    SHA1

    a9c9a2fbcfd021bfc7b25164b57d0095400901db

    SHA256

    de01a5b2a1d257fa1442d37b07fa7295063f76b3b5b47f712078dd0e3527a0b1

    SHA512

    5cb46e732be8a5bf7ce05a8fbfb0f124794eddac9d7ec26fc9675c3eb0901844f57725feaade4313cbdf600341df863503c32b2598f317cca23ca23057742a2d

  • C:\Users\Admin\AppData\Local\Temp\Cab1E4C.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab1F48.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1F5C.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b