Analysis

  • max time kernel
    150s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/06/2024, 05:06

General

  • Target

    a3eaea01d9d7acaeb671bbcd1f221059_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a3eaea01d9d7acaeb671bbcd1f221059

  • SHA1

    c17b3903e55bb62154250df5ffccaa15b69da1d5

  • SHA256

    c8f208bbc67f3283f5cf11dcce4d05c0c6225e6ae31810a2d7864dc8d9092090

  • SHA512

    6cec93af928ffb23d493b620bbe36cdebecd02f0651b62a2f85d87f428004f23a28e801884db08f0b1b92531353d5cb5910f5c44879b672c3bc71fe49648b3b9

  • SSDEEP

    192:uWjkb5nK+nQjxn5Q/lnQie4NnWnQOkEntTfnQTbnhnQCCnQtKwMBYqnYnQ7tnWYg:DQ/4qJ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a3eaea01d9d7acaeb671bbcd1f221059_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    382ff2a5465740e96dd616aaf89f4cf1

    SHA1

    3e725f87b7797eda553a1846e25ce4fcfb5da1b3

    SHA256

    81c13c1d85ac8c6dfb957128f2db4356b918a98556e40b549431ae92b96924fc

    SHA512

    06a0152aaf63d1e35bb31c6206f148c48889fca334d404c516d8e51f7cadb93df19601b1984da5bbf557cd8e9b3d41625afb1afd1e7d4bc27ff377c993e20589

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e226af3c379bb7b060f4f17b06bfcb67

    SHA1

    524b21c6d71897e5cfcc3327f2f0c026f0ca0985

    SHA256

    54585a719a9b0d5a2d96d68e5f249db752f26dbe8ed715b30a640b1cc2a98396

    SHA512

    d4bee1e6ad2862ebe520f64a6e6b6e48ffadfdfc2b184244f8c4cd29a8f106c272e84184690bc2e639356d6655733e1cb44d1ca45958202ee7d1ea5959c10479

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    542547fef1214c20066818cf1f40341e

    SHA1

    513caa3257660286b71af8f01405a5ab00d7d6f5

    SHA256

    932056e1092d67c2d7b1d98cd7b6f21c8f6170afd242afc023246caba136b028

    SHA512

    651810b293505feea54254ec445482294038d5cdb467781ffc73cbcd49d833b1de2398d5504b5dfa4e2f8b94108760e58099baf105d6d370cce0925b196f0954

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e12ccdada12824a362fb31f04590d36c

    SHA1

    6abacbf9d8371d6cd89d5b57a1330390716078b0

    SHA256

    b9dbae857342f853193bc43c8a3bb88d702ceee6b53b8fc960f85fcbbdca03b1

    SHA512

    515216ffd36de31bd5be4bb13f7f248aed30e32f060acfaa4c88de9fcd1706dd7f2bd559dd97f53070c909ff772b02c7e3415d6a43542720976b6b25fcfee975

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e2ee4d0d0fb9535646123a4a8f00616e

    SHA1

    b929ecf0623ccbc7751e19b0a173d32b341f90f7

    SHA256

    d9375222d90350e3c7b588d8183ff30e3aad5851574f601aea4adba612bf729d

    SHA512

    9d939a2c37100eaf3b51f95a6af7a79325300e34235a1fea9b47d224a51098a3ee85ba4a30ec1396adb559d770b90017324235ab52218dfceaf3667bcf60f2dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2811549f19d3f87151516ce2a6150cdf

    SHA1

    86a817d182c72d0344f64cab17eaa1f00b8977fd

    SHA256

    90887e95cb6562584e406bfbe9f3d46bf0ad249e2996c3a7a25b0ab362825e1a

    SHA512

    4555f48bf8be10981de9df739c3d23669ef7692a61a101cab5caa29c364ad1669280089e34a640ad3c5a5e3c2938f30488d5bfe69ba396a527b60f8d84529b92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2432f0b2647e73ed89fa0a4d3ea76b2

    SHA1

    8e94996ff7e75c0d52c13cdfbdfad4bc26d02e02

    SHA256

    7ee212d1c465ec61a0390a6d6322e5d9d6a31bbd2512067386c8c1af1b485e5a

    SHA512

    954259f83959e1d1334389191aaa079ea38f0d4debcb296682f5bc7d77b6d7c3b9b20aca7b79a9363cb487c1a0aee9c3664d803bae235a03f6dd7e2aede074f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d85cab950968fdbc48c9b44bd4d621cf

    SHA1

    ef1a5bf847b0d5f39c40891fb98fb72d9829b640

    SHA256

    d5038fc157a17660e00fdc69188a1b42525df25cb17a903bce574769ac7acfc2

    SHA512

    43c372cb3336bde05cb5568feef6b8aff3e91b3a65004c668cbfd1dc9fb6cbf485aa2cccdde5ebc05537435eafd98244b932e2caffa026be05b3b15a7a68ffd3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    70337ec407a5dd981933c3e1b75abaa9

    SHA1

    5a3960d5b47c49aed8fcc6ac0d26934e6b4b61de

    SHA256

    5979047d69b7cf3ebfe0aea7b8dc640f920189babd9edad40d7c395b7e98e499

    SHA512

    9e18c82514181733c3bc18fdd517d8ad2224538bb5ad0836ae23f84ac0b920816b17e0cfac01c928f54565fe3d45bb3db874075b2c7f80f0021c1092b0f2bae9

  • C:\Users\Admin\AppData\Local\Temp\Cab5073.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar50F3.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b