Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    13/06/2024, 05:06

General

  • Target

    a3ead675e3e431176b41369c8b801712_JaffaCakes118.html

  • Size

    73KB

  • MD5

    a3ead675e3e431176b41369c8b801712

  • SHA1

    3ea604cdd7a479960c2913afb7c44b0b6aa61c91

  • SHA256

    74fe944cfb45aa2920d4b19c1d4318def83f0663cbbba22d33ce83a5f16a878c

  • SHA512

    1b2fc31b3543dba365800c764596b8b8a18dcc1bad13f3fe2875101e50d2c51445b62a7b5dfd9a9c4735c6c5380f2cc8d4af58702940b8177f3f76240ff5c367

  • SSDEEP

    1536:O6bil3cm6xnPqxHGxPMqf2FvithXHXRRby3oTgBJJpv3:O6bil0xnPqxHGVzOxHj

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

  All four signatures come from the iexplore.exe frame process (PID 2436) and its child tab process (PID 2088, see Processes below). Window hooks and cross-process memory writes between those two are part of Internet Explorer's normal frame/tab process model rather than evidence that the HTML sample injected code, which is consistent with the 1/10 score.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3ead675e3e431176b41369c8b801712_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2436
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2436 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2088

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40362ac672807d5c84c3c9b9aecb9a02

    SHA1

    91a7a8c318a30ca7be45b49b1f511980eacbef86

    SHA256

    91efc3d1f2dc97e6651a7bf694271ccbb73f7b5742f735d8af447ef94fd7c4b2

    SHA512

    a21a8db54929920b9b992de2c2c858b04d555ef593b172b7a1cb8267c4e464aed5fa82d2566df78aa39efe598c0ee3f8569797275f08dc20ba76ef7f370794cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46e1a4e352fc6d8154578618d125c6ce

    SHA1

    6434350de33a2fab2547e1b70eb68478518adf24

    SHA256

    0bd1a9055619ee6edc0efcc302968cdcfd769b58512f833c5d4687a186ecc36c

    SHA512

    c37c8b5446b6733a0f54de61f10ab375efb7950d772658555bdc464be79b2a8362c4d145e57f8e2287b0678045028619091478c4416366ed4e32d098cc967f77

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    12cf21651b5432f88d6786c2ed4e2b3d

    SHA1

    e12676d82c8c55cb1fcfd6d5c6db3865052e89f3

    SHA256

    e4e15a3b4ee2e1144da9b56a021a63fb7d5cccc7c250ae9e42f1c3075d1e090a

    SHA512

    32bc76aafdcc2af66f7276e5e17aa3b0d7bcb3103a07cea11de46ed7df015fbb8acb4be413edcba97ada79b1763f61a0314a63e28261c9ea532c7165da0c5cb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b32046d6ee8944f87f3d147eb4ceff8

    SHA1

    3fcdc58fff183f1140cd34a56129c9677a201667

    SHA256

    11a7d5f9be42dfc49a5256dc43ed5b04611f85a9ccbf6d372a8cf488dadb4d45

    SHA512

    761198ee0106aba15484da9dd57bb99da8a5719a976cf2a42106f2561578e0c7e8f381f7a09d84e5cafb2c569c84c770e8705ea91e54bcbf9ba029ec9db04586

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    66615b656b7a62df6b498212aaec9dfd

    SHA1

    1649c03a18aab4e3b87220628e43815a0b11e240

    SHA256

    7fee2df9ec8aed68b026b933f304ae67fe8ed5defee89b7b4fea1bc93001f4d0

    SHA512

    fd62dfc986abdbe6d9020cf2ef1b4658bec5b0226decd131f550684b5b4aa710f46213ceccf963388933f0855648c4a4ba2e1aa01940211c7f282654dee5712c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc57338751be2232b8794f70f6f1baea

    SHA1

    0db9b72ba8155028ec0b30bde3cdab0f0897d1ec

    SHA256

    ae2344157c71ffe2b398d83826248949c06e850fc64af51073c1c5d1cfacdd75

    SHA512

    56e7f06b51c6e112f6319201d6bb9e20edabac8b9423f684ae368a1490ff777c7ce90b7817186727b2f8d709a98eba38e0172126a22a8035772ce082f4f09112

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e7fc3b660d45fa876737ed8126f1f001

    SHA1

    9dcb60128b6b2f4e849aa22d19323d079c906ba1

    SHA256

    3bb0f92592e4cbd2b5a44bd565c9e400660e0ea6bc1c2b2ae23c2ad55938962a

    SHA512

    3c48143005c703ca1f8aafba0281ae9958b01692d1455ddfbc61078a09b9531616986ce3fcfc68b20ee7845ecb45dbe82097e78783d695ae9e90a30d36591402

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00d79c1b9ebb53118c9285e4020a58e5

    SHA1

    e3fd0d029cb6c544ca19aed121103957297292d7

    SHA256

    962e23fa5de16fb768cb096c289a2e579f574917111df4ed7d86c895b55ace5f

    SHA512

    60c49eb299d0f6b920084dc75d079b6fdf35436c57dbfa401e51b986f5b916ea542a2be7e58fbe9d016464f9db1adb2189c1c5cea9ceac1e416cd9f8ba972428

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb9cdf3c1bf030f4b79d3429aa833eed

    SHA1

    17b694a6b129e11fc2599d14c56916c0ad0041ae

    SHA256

    b3486120f8fd4dd6628e2e318ebeca5bef465c3db55912b27f5b476a1d9d2b61

    SHA512

    d99b261ed981d82221c62f68c0678770a27db4372497b6343133623d9a17ab5df6ee8fa019b0e7e214941bf8a935df83dba8d5278ea3bfee29ef7d6c5427245f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c2656d60e6cbc065cbf11ee018530d6

    SHA1

    0f5d6e91814a8e4bffa3c51b2408d28676e850f7

    SHA256

    2a0fc186164c7b3080e47061f23ac7bca3c576f22034fc9ade42b416c7092d27

    SHA512

    2d7de218e9d98613ad7a91c662978d02f13f3910cb34de7f939d6f41f6cb08a2c25ed61c8d869769e4c78006c52804e212295c7c324dc053f420b00b29e19402

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    858a8f0a3dba1fd1aea3a7da9dc2a8e1

    SHA1

    952ed64c56bec7a18027b43094605acd77228538

    SHA256

    169d661e710d66c94080f7eab971f1b7d473226d6500b70742bf8c5e6cd58c6a

    SHA512

    851378afb1dc5c759d6b5e2feb40376af8b14460d013ede08c0ce4b86e3df0ac91b0fc46798a47a645c0b7cc9e4f169297bb8291491df99d7e5a0a845f137bf7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32a2f4b8b174aa854beeb279835b990b

    SHA1

    72740c9a1f6e4c275cf0226fed6f496353f7e822

    SHA256

    c9de370d51c99c6b14d7db567c328460a87705114e44970d71a1d8a047e4630a

    SHA512

    a4b690af7a840e5500f558d88c06cecc5616691207a3d3813cdc512b5e976458817b93bc535432657df489655cc17ae5afa3704203426e3f1c2027338579fdf8

  • C:\Users\Admin\AppData\Local\Temp\Cab5AFE.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5BBC.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
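The Downloads list above is a flat label/value dump, and the same CryptnetUrlCache MetaData path appears twelve times with different digests, meaning that file was rewritten during the run (CryptnetUrlCache is CryptoAPI's cache for certificate material fetched over the network, so this is Windows' own activity, not the sample's). The following Python script is an added example, not part of the sandbox report or its tooling: it parses entries in this layout into dicts, checks each hash field is a well-formed digest of the right length, groups entries by path to flag files written more than once with different content, and computes the same four digests over a local artefact for comparison. The sample text is constructed from three of the entries above with blank lines dropped; the size parser assumes binary units (KB = 1024 bytes), which the report does not state.

```python
"""Parse a sandbox report's 'Downloads' dump, sanity-check its hash fields,
flag paths rewritten with different content, and hash local artefacts.
Added example, not part of the report; layout assumption: a '•' path line
followed by label/value line pairs, as on the page."""
import hashlib
import re
from collections import defaultdict

HEX_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}  # expected digest lengths

# Constructed sample: three of the report's entries, blank lines dropped.
SAMPLE = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
40362ac672807d5c84c3c9b9aecb9a02
SHA1
91a7a8c318a30ca7be45b49b1f511980eacbef86
SHA256
91efc3d1f2dc97e6651a7bf694271ccbb73f7b5742f735d8af447ef94fd7c4b2
SHA512
a21a8db54929920b9b992de2c2c858b04d555ef593b172b7a1cb8267c4e464aed5fa82d2566df78aa39efe598c0ee3f8569797275f08dc20ba76ef7f370794cb
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize
342B
MD5
46e1a4e352fc6d8154578618d125c6ce
SHA1
6434350de33a2fab2547e1b70eb68478518adf24
SHA256
0bd1a9055619ee6edc0efcc302968cdcfd769b58512f833c5d4687a186ecc36c
SHA512
c37c8b5446b6733a0f54de61f10ab375efb7950d772658555bdc464be79b2a8362c4d145e57f8e2287b0678045028619091478c4416366ed4e32d098cc967f77
• C:\Users\Admin\AppData\Local\Temp\Cab5AFE.tmp
Filesize
70KB
MD5
49aebf8cbd62d92ac215b2923fb1b9f5
SHA1
1723be06719828dda65ad804298d0431f6aff976
SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
"""


def parse_size(text):
    """'342B' / '70KB' -> bytes (assumes binary units; the report does not say)."""
    m = re.fullmatch(r"(\d+)(B|KB|MB)", text.strip())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(m.group(1)) * {"B": 1, "KB": 1024, "MB": 1024 ** 2}[m.group(2)]


def parse_downloads(text):
    """One dict per '•' entry: {'path': ..., 'Filesize': ..., 'MD5': ..., ...}."""
    entries, current, label = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):                 # new entry: the dropped file's path
            current = {"path": line[1:].strip()}
            entries.append(current)
            label = None
        elif current is not None and label is None:
            label = line                         # e.g. 'SHA256'
        elif current is not None:
            current[label] = line                # the value on the following line
            label = None
    return entries


def check_entry(entry):
    """Fields that are missing or not a well-formed lower-case hex digest."""
    problems = []
    for algo, n in HEX_LEN.items():
        value = entry.get(algo)
        if value is None:
            problems.append(f"missing {algo}")
        elif not re.fullmatch(rf"[0-9a-f]{{{n}}}", value):
            problems.append(f"malformed {algo}")
    return problems


def rewritten_paths(entries):
    """Paths listed with more than one distinct SHA256 -> sorted digests seen."""
    seen = defaultdict(set)
    for e in entries:
        seen[e["path"]].add(e["SHA256"])
    return {p: sorted(d) for p, d in seen.items() if len(d) > 1}


def digests(data):
    """The report's four digests computed over the raw bytes of a local artefact."""
    return {algo: hashlib.new(algo.lower(), data).hexdigest() for algo in HEX_LEN}


if __name__ == "__main__":
    parsed = parse_downloads(SAMPLE)
    for e in parsed:
        print(parse_size(e["Filesize"]), check_entry(e) or "ok", e["path"])
    for path, seen in rewritten_paths(parsed).items():
        print(f"{path} written {len(seen)} times with different content")
```

To compare a file recovered from the sandbox against a reported entry, compute `digests(open(path, "rb").read())` and check it equals the entry's four hash fields; a mismatch on any one of them means the artefact is not the one the report describes.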