Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 04:39

General

  • Target

    a3d8f20ae741a418d9ee7f3b3c033603_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a3d8f20ae741a418d9ee7f3b3c033603

  • SHA1

    0bdcb6835797b70e3ab84760304de14603e05e24

  • SHA256

    618b7adba9430e817f667f54a31fd46cb321177d04ecb6b8fbaafeadeef8b9d6

  • SHA512

    515e0c8242a096b58f6c3899c5ab0f0ae8b62158cfcca8e82f0a5bd92f15b914efdee313b819ecc1b66323f35f8605a8f82e7ef365a06d47e5fcb12b98f141a7

  • SSDEEP

    192:uW/8b5npinQjxn5Q/knQieHNnPnQOkEntg2nQTbnlnQBCnQtnwMBnqnYnQ7tncYL:EQ/x9W

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3d8f20ae741a418d9ee7f3b3c033603_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2204
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2204 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3068

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    021ddf4cb44d2a452e5069087809a65c

    SHA1

    20ffc1522e227b5f39dcd8696d9c04f886885031

    SHA256

    271f6e2d09c577d6b6b1b6abd11f8c879ded8512869e92dd0b540110e3436a80

    SHA512

    962733d1aba7446bd8753a0de87d070785cd6cf4e50ce80d5baee1d4ab552dbfc72558c5686d88cf6ab69c7244961fc401fa92f66d141294cce8339f4d0b67eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    28e5f4530db063a7d39641520fce382b

    SHA1

    6ffa3afeb7f7cd3708d6d060e4a79a8d508e328c

    SHA256

    3b749ebab944ae8709f3af72a8ac38917c772e368e4b1f4a6f32596ce78c614e

    SHA512

    7e54856a647215b0cf63e06dc28d3c0ae68f59082d829a30a98965cce194f0f53828914324d0c3d6d16a9c5abd353ad300d4d36c7c7d71821ed66efc37551635

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    223ec06db5db9cf25d4c5224c7e70e3b

    SHA1

    d1e2e85652667a15af2ac621518af8dc14c7a607

    SHA256

    4d7a9142cc99cdc62e0bf8a8dc887c4dc1229e9da2462d79d85e6f4ffa311e3a

    SHA512

    84fb2f9d9bce1f8b28b84c0ccda7bf18981ae9a99a749adb2994337686003747a925c65814625dd39957e5afab20d0cdcf7d12c824bfb2556657f002aff71f7c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31fe47d0318f139b5af4d6854fabc402

    SHA1

    0830b09077d9855f83a4b22ad8975afc24160088

    SHA256

    c2cbb2c71168b2e9efb1ccd83d4d4fd59e49b03600a30784b258d8170b7a398c

    SHA512

    9f3774542674d389b3d69714e64d9bf033e82b8ae8dfc335228590053093296f589bc6acd139bce51305361a3411e917603673639b08b624abf1c8ededd95377

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3200de982068ab59425ef3f0e018ad5

    SHA1

    754cb206df3b6e7c9556cfe96011f10137900de7

    SHA256

    f9139e59d014fe2d207797734e758708db81117b0237f95696a3c17f6481c93f

    SHA512

    468294b2145c8f134cc283f84a8c3a9815d7a19951c461e5ea13dc18e322c22e9e34a91794e687b60b943fa2542cfeb7eee33bd61d87c0b0102fed9bbb7ec290

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4ad21eb5eeead98d8f7dd8f3488c8da5

    SHA1

    eae991e49921b455fc658273972e74bd620efb01

    SHA256

    4af86d7339304722106628687b7b998f3dcfb5e58a766095513583fb80eb4eac

    SHA512

    4ed93565f7cbb02de6425f28704062c40b5c2cb2336f7e994d68f8ceb6209dd126254fbc5e025dda53da92ed1ccb44fe86ba45f1d7d02027081b9d2cdb121392

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d8c3307b904aed32075da6a759a472f4

    SHA1

    69c510de661b7b2acda34b14614c250441232551

    SHA256

    a77db8266a5ed2f3f0421144849d24ef0625f3237be2f1bbc64c46b6bfdf8719

    SHA512

    781c37b9bb47852c503e09ba76d83eb28cc5d75478ae61e216a93317bd066866b3b25a946ecbe9d854de1c0fe43a7a72af95bbcc98f4f2a26abbf004e37cfb2f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11031c8a35c91bbc1b3b44adc02cecba

    SHA1

    1855634a06eca3fda4488e2a3f57cf599a532850

    SHA256

    a35ba3de66a5ca1e594482cfc82990560998f8f944783fecb0e42f598dcd60c1

    SHA512

    5fd6ca009b0be24158b2fcea8791212e7ac2b3090a6cc5eb783df08a8d66e6dcd266d32c6074960b89daa11d84a65b380ec378720e3661321f9718c8de84561b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93bb182d63dbd008801e81dd28070d12

    SHA1

    1adefeed939982be9776485d61fcf0f17373df50

    SHA256

    57693fd03a319ccea74e9c71d7240c1b8512e523defd9750ab6feb1b62851184

    SHA512

    8c2c64fb2dd8adffdc4bb5b9f22c7bf5fbf45aaa55daab1dab3629ce3c73954294dbced938447c9503de47bbc09c8665fce42bd66f6070a5c94d96db8135f119

  • C:\Users\Admin\AppData\Local\Temp\Cab7477.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar7518.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b