Analysis

  • max time kernel
    141s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 05:06

General

  • Target

    a3ea6fd06ecb7c0304a749a8280c01bc_JaffaCakes118.html

  • Size

    47KB

  • MD5

    a3ea6fd06ecb7c0304a749a8280c01bc

  • SHA1

    a50df735e76f2af50aff9c9f167d9d6a1e4292c3

  • SHA256

    7c0d38f717c3381594c98fe48c91ec919b880faa4ae16adf457f926a5639e537

  • SHA512

    ea98ad2656e51a9a2b59ee4051f9d5aa0000d95229dd4a8d61992271c6a75c0f4dceb673ec7629e85aea744da93e943d2b28f1e85942dcb63096b3ba2756ae00

  • SSDEEP

    768:KyavgwSbp2kXnL1tPk7RsHB7p1nvzWpVxCjW2hfvCWNM2zyK:Kyav9SbpNZZk7RsHDh2CVpCWNM2OK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3ea6fd06ecb7c0304a749a8280c01bc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2056 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2940

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a74287164e676b9b8229e9433c40e7a7

    SHA1

    0a47c564e4f98a372e9e03ed5b68483cfec6a9e5

    SHA256

    766b4266185eca10955b04182a9979552fea0276ac896f0c310cadd3d702ade1

    SHA512

    2228b4904bbcd98d4cc513ca72dc73112f8d86acdcc44223234a96d1c3a5a1ab4ae6d876f466344cdb726296eddcea442d890ed09d6dea63a8eac335420f1f48

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa8c58303942e04838ee8b85ebe00944

    SHA1

    f2c7a3bebf92acfa40e91e117f648e56ffed60df

    SHA256

    6ab166d6cb9d467955c6da56b87e114976b82bd40fa7ad928797e6a18ea26832

    SHA512

    4dedae0ccad8ddb5a668b206d37819f6094c8eabb94bd704ba2c4ae122c40744496f79ba662c9f69d1ffcaafc5669cfb2d7ba16394d9f23ac928ef1b165ed5c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a92bd66072568a19c5da018b1772073c

    SHA1

    696f12821f1eabc1802e68fa1c60a00c559b868e

    SHA256

    1853a1f0a5472237605e663f70fd1977bfbe98849ae00bb6c384c9ff36757197

    SHA512

    fecb98056a3603d741c00c56179531dd0a85471c8c230cdc8d60a37c8c012c944579ed61ed929f52722eca5c5493268013567291f6c8c09d959d9625fdd47411

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd9db620a7e7f9cc240957ac72a9cfac

    SHA1

    183aadc372202be8e9d8038308c79f6329c28182

    SHA256

    77447e48347768fe7fdca4232ccccb95a3134d33b88aee4d6366d83753e65ee8

    SHA512

    cf1910faec617375a1af970a1fe24f569c34fdcfc6e5fe7485a9dfc8b6aad9a0dd4c0d54f7a0ade20fc6e5da9614bbdc276e93b27bedf127902299d096df5207

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0b5bd050a7fad42c869841b1922863d

    SHA1

    01d4bd53d20d5b5c3986f790dc25527ecbf971ea

    SHA256

    45e828556b28c887ff87caf5efb8f9581f24109145ae303992699dbf5fe97d23

    SHA512

    c0ea44ed0f5c937c4cf04cc5a44c1057e44c04d25c2cd4c9cda2c0945ee01b6e6377c5d22b16a03d2f3cca3ea85ac69cba6c9f7157fda462fe2943e9e3d12357

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f0c2f7bc982fbbc1e66370e8fd0b0f1f

    SHA1

    f4621a85ec8d1e745d1117dba0ffe2296a94dc3a

    SHA256

    f570705ffd6c582b4739d012d53c05c4d95ea869acc6beb37f1e01dec1bfa630

    SHA512

    bcc5d950b44f36b798f8399cf65663d4f2a4ed98addc8eb3f343cbade06d87bfe4e8d13dce5e2774b00c8f94646bfb81b09dbeffbbaf40add3f6f90aa279c7db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0aea5b9605f2b65911902a9a58d7ca03

    SHA1

    5b681d9dc2d2c6b7a078ab7a8dab0fc21898bb1b

    SHA256

    6a7d27b73d48c94efef5edd3803d445dab4ed9af0e167ef29436d0e1fe822b98

    SHA512

    6ab96338d8ee54f88af2e2bc5e56fad2d0f8a3fb5c8d1c378847550e1c8cf22d5fc54eba223fafa6e447314f157eaa4a5d1adb0181c97135ebd7208b4774a0df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e1a3122032fe1bb54885a3c9e3c912cc

    SHA1

    b8f162a73e4ee160d156ce965552ca885bbb59d1

    SHA256

    b8ee4cab8fb8bb26fc4efd13a4b65d04156effbf879cce054611767cdd8bddd1

    SHA512

    2f90944891b27f3def34517c7da577e7113ddd098914f31677ab74a3c8cb7fff587d9b450e3ee1391b3fdcf6d01cda5e5fb7944dc3613ecd6ad7e5f2b26bb8a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa31fd5cd8bb3cbd4c5f0099bc72fffa

    SHA1

    7c67c87b77925f297301a099427ed486c03af9fe

    SHA256

    9bf153f2b4642fbddf3e5467a01a8a1918dcf2629da26acec988b2edc0c4c78a

    SHA512

    7934acb389a320ea719079658da93c851e416d069a1a18c6b67be17bde7f1c67be8ab28dcf6305619c23bfabb00bf79cb18c82e3eb449b784b4d9673d8db5acc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed50cb8552df23dfa80f0411c46104bc

    SHA1

    0f065a7d557f530153ef94753674866f7118ed11

    SHA256

    0e22fe4429a87b529b6aba119df1c8a5e69133a60c8aca6074f541805df238ef

    SHA512

    772f6b979e768e76b0bd65ce242783ed96bb03417eab2a87f7faac66d182b4a63498bf9d807f7114be6b18c1651004c873f0014918637aae4610e2d5ed9d369f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f6bafaaaada13b72e29f4781b998e0a8

    SHA1

    e3a1551727f80c19a4eacb4c45a283b38171c438

    SHA256

    f2f2aca6a7276d0e5ae30ff032830a5f3fe999f021adacee53847ba8f0ed7a4e

    SHA512

    1a81b67cca64282ba44d60ac454d8df5030aaa476240a38161071b87487724c6fac255a47c9edf5c8807eaf099e7c872c573469c6346c5b56c310582d5514fa2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd8def3f1a92f0279769a3f74befca38

    SHA1

    f487b5fc760f12cdc3d562ab5355c7e5f5e9eba0

    SHA256

    5e6c5bc7bd48a876c88d6c494768df4a0911b52daffff476ab305503ff364d87

    SHA512

    618c578d6d6e532773f43abc5b635466d1de6355c778e2c2716269dd1e41467c487fea81806e59c449de23d1f7739318ace8b5501e553c9a9adb80433c58e517

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bc59ce3109097fa56707b77ce9bc85e6

    SHA1

    522372aed80980adb2ec976e17a56c03c470c2cb

    SHA256

    18e7949ed17cbe6d1cd414ecf51aaf955f593af58c903b516a22d8a150dda513

    SHA512

    7eaa15369485ec90012abda1a8fcb76dd97e0c069097cbc63ad74e76330e977574a5a026b7f2d2c61d8b494d590dc1c43ef35eac164fd4d0b871a59f631af8e1

  • C:\Users\Admin\AppData\Local\Temp\Cab39F6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar3AB6.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b