Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 04:36

General

  • Target

    a3d69c212c75c2d92daf8745795c84a0_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a3d69c212c75c2d92daf8745795c84a0

  • SHA1

    75eb50fcf1c48970a8b58abcb992a06a90330903

  • SHA256

    fb0a98f13b6b7502c69070209a901db454c352bf63789ffbff59c7df2e6bd5b4

  • SHA512

    a76b7518d3f7122a383e42dfabe35bcc6a06e96be7a84d5915970ae43391943cfa9398fda4df40d67eaf763da81f21ffb8bd7a5cad8f18b7de1e21ed5618eae0

  • SSDEEP

    192:uqCXXUb5nq+nQjxn5Q/JnQie8Nn2MtnQOkEnt77nQTbnxnQWCJVevo7NtbFo+Nze:nEQ/wM2ygcgW2R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3d69c212c75c2d92daf8745795c84a0_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1156
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1156 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2916

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4cc1b278c1b5716b53029f581e2deb95

    SHA1

    4611dff73a228aa87cb740edc3dc3637f77fee04

    SHA256

    1133857013aa84092cadbaed7348a4023223880ae6627d1eb4ec68e59e6f9296

    SHA512

    55cf90fb57f237c7fef4ebb5f805933f7f3b5add3067dd276113125c9f42a5320e61b5529831767edd5c3f84d2376243f0d20ec1a94424bcddc243cf99a8d037

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a57ba0b3cc791165a32b68f5ce6d5c9f

    SHA1

    ddc970d6609efb7748673eea272826f6d0ba3b87

    SHA256

    de88a7a564fc84adcb1a8d3da6f45b03e42e52cb6fdcf975aa2b7b4f9e38c75a

    SHA512

    3c3f342e7fd6b68b42a3e8789a67b946110d4dcb98b6146e47ac300cb097ef2b65597f9156878ef377f7257fe4e547345a330f48712673093d08d3824e5a37e1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    936ee29d969752fa8caf08bf2e6e5b5b

    SHA1

    40fd640ee764978ecdd5584f9666eae5953e250f

    SHA256

    9d2d76a419bb0c71fe8be40ea984e96884d35a8e78a7c4f7985113238276eb98

    SHA512

    4e6b8d262bce5a195960c27ce4d03415990c13e05a2c3594206897c61ce1efdeb9317eafce14b511d120f6b79e6e3a52aa499e9962d24a63b38a9435c36b2dd9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ddab27254143893eabde098a77366816

    SHA1

    e150621efc15ceb876b4dfed3b71d384f42d9c01

    SHA256

    85eb5333bb1649ab88366d93ec77bd3040b7767e032d5634b20754491481d047

    SHA512

    69e5d9479eafd5b661920b2e67a734fc25c8998a73511d2bb9498c94cf9259fafdbb18e45c8b94756d44489f626519eb99a7487394fc63c5a9b199a1d880c827

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd32f83e87b65c42d5117e68651081f7

    SHA1

    59d4848e94fc520f902827ca535585d95f0c01ec

    SHA256

    66301234ebc43264049549163cb8f117a27b7b1392f3d7b013ff6c71ebd01134

    SHA512

    4df276309a94f95d80e4b8a82e7697f55da49dee7458f9c8217907d7504cadcf948c37bdce3875c6b3d21a989e4ad04daedaf5324b1a048a196b4e619c121010

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fa98eff660262313bb4fbc423af5829f

    SHA1

    4b8898212d8f95f50d32e7f6821e4988b59671c9

    SHA256

    8f06c4411f6ea3108bb94ef0fdceccd54e8cd5324af88e9f6b405b8fff908daa

    SHA512

    f798a25d84ddf0d0e12b3cf1f3e71726cc20c631411f341350a4d78873b0ca6171063280ad507768d09e9ac8dc44e8ec73265206c626769f66bd3e97360ac17c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f47a4889d6e86af8fc2d3bbdd35c02ab

    SHA1

    d5ca005ccab9804b34e4261547e49665483dc3fb

    SHA256

    5dcb3723c9f6eb70df2aa30901c0aa36923eef4b5736cec8cfc1f317fc743267

    SHA512

    9ff3f8d9808efb8f258a1c58926976bd28b72ff77f65a284c3ad890c4c8135fc90f13b6870898ed71d6e26b29bd62bbb5c973da0eae01a8ea93e8b563107a099

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36f88c6ad10d34c4433df7a49831769a

    SHA1

    43ffaf8804c7e0bfcea1ed2321d0f782fa549cc0

    SHA256

    01c8e5dfd93ac630e11ee6b3c9df6c4547db5381b82b84e8cb36859fb84948bc

    SHA512

    e3dbb896394e1ed6f990644d7c8fd54af0ec39764c3ffd31aa667c35976c4a87419ecbaf4faa28646af80bce8bb53765ab4bd18a401561f8688e8a6868293e86

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e168bae14dccf05e847e7d003b4b125b

    SHA1

    5649f64745e24b34afd46cdc329a036a4643879f

    SHA256

    8cd36936ebeb28d87e25a754a41bf70c11a35dccd513b4723ed52792d35c9774

    SHA512

    1961a53cdccea5ac07e8312ee44c80355b426f355f112fbb951c6bb574f721ad256eac7919c8d94fd8027030b554de34a25f191327f0773d94376d210e13b59a

  • C:\Users\Admin\AppData\Local\Temp\Cab550.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar5F3.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b
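The Downloads list above is flat label/value text, and the same CryptnetUrlCache path appears nine times with different digests. The parser below is an added example, not part of this report or of the sandbox's own tooling: it turns such entries into IoC records, checks that each digest has the expected hex length, and groups records by path so repeated writes to one file are kept as distinct content versions (deduplicated by SHA256, not by path). The embedded sample is copied from three of the entries above; the function and field names are my own.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Expected hex-digest lengths; a value that does not match is a transcription error.
DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}


@dataclass(frozen=True)
class DroppedFile:
    path: str
    size: str
    md5: str
    sha1: str
    sha256: str
    sha512: str


# Sample input copied from three entries of the report's Downloads section.
SAMPLE_DOWNLOADS = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4cc1b278c1b5716b53029f581e2deb95

    SHA1

    4611dff73a228aa87cb740edc3dc3637f77fee04

    SHA256

    1133857013aa84092cadbaed7348a4023223880ae6627d1eb4ec68e59e6f9296

    SHA512

    55cf90fb57f237c7fef4ebb5f805933f7f3b5add3067dd276113125c9f42a5320e61b5529831767edd5c3f84d2376243f0d20ec1a94424bcddc243cf99a8d037

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a57ba0b3cc791165a32b68f5ce6d5c9f

    SHA1

    ddc970d6609efb7748673eea272826f6d0ba3b87

    SHA256

    de88a7a564fc84adcb1a8d3da6f45b03e42e52cb6fdcf975aa2b7b4f9e38c75a

    SHA512

    3c3f342e7fd6b68b42a3e8789a67b946110d4dcb98b6146e47ac300cb097ef2b65597f9156878ef377f7257fe4e547345a330f48712673093d08d3824e5a37e1

  • C:\Users\Admin\AppData\Local\Temp\Cab550.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5
"""


def parse_downloads(text: str) -> list[DroppedFile]:
    """Parse '• <path>' bullets, each followed by alternating label / value lines."""
    records: list[DroppedFile] = []
    current_path = None
    fields: dict[str, str] = {}
    pending_label = None

    def flush() -> None:
        # Emit the entry collected so far, refusing malformed digests.
        if current_path is None:
            return
        for label, n in DIGEST_LEN.items():
            value = fields.get(label, "")
            if not re.fullmatch(rf"[0-9a-f]{{{n}}}", value):
                raise ValueError(f"{current_path}: bad {label} value {value!r}")
        records.append(DroppedFile(
            path=current_path, size=fields.get("Filesize", ""),
            md5=fields["MD5"], sha1=fields["SHA1"],
            sha256=fields["SHA256"], sha512=fields["SHA512"]))

    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            flush()
            current_path = line[1:].strip()
            fields, pending_label = {}, None
        elif pending_label is None:
            pending_label = line          # e.g. "MD5"
        else:
            fields[pending_label] = line  # the value on the next non-empty line
            pending_label = None
    flush()
    return records


def group_by_path(records: list[DroppedFile]) -> dict[str, list[str]]:
    """Map each path to the SHA256 of every version written to it."""
    by_path: dict[str, list[str]] = defaultdict(list)
    for r in records:
        by_path[r.path].append(r.sha256)
    return dict(by_path)


if __name__ == "__main__":
    recs = parse_downloads(SAMPLE_DOWNLOADS)
    for path, digests in group_by_path(recs).items():
        print(f"{len(digests)} version(s): {path}")
    print(f"{len({r.sha256 for r in recs})} distinct file contents")
```

Grouping by path and counting distinct SHA256 values is the check that matters when triaging a report like this one: a path listed many times is one file rewritten several times, so an IoC feed should carry each distinct digest, not one entry per path.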