Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:17

General

  • Target
    a4299010a718760bed056b20394c91b4_JaffaCakes118.html
  • Size
    27KB
  • MD5
    a4299010a718760bed056b20394c91b4
  • SHA1
    ac9e0a3fcf10d7fd0593b27810745e191400c21d
  • SHA256
    717b24246586fef822244f81b828ca5fe855f4a4b75b85509b04116587205656
  • SHA512
    41a2f698a4cc2a93dcd3a14cfd1e12d40b46c73ba3525d314906ac4b6ac4bccabff4d5339d9b6cefcd2fdf7d40cf4e351a4734a313fed50d60236b8f56ab981c
  • SSDEEP
    192:uwTsb5nvinQjxn5Q/2nQietNnunQOkEntOwnQTbnVnQ9e1tm6uz/RQl7MBNqnYn5:WQ/0EXK/4SrzF
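Before relying on anything else in this report, confirm that the file you are holding is the one the sandbox actually ran. The Python below is an added example, not part of this report or of the sandbox's own tooling: it computes the four digests listed above in a single pass and returns the names of any that disagree with the report. The `verify_file` helper and its argument names are the editor's own; the report does not include the sample's bytes, so the self-test feeds constructed input.

```python
"""Check that a local copy of a sample matches the digests in a sandbox report.

Added example, not part of the original report. REPORTED is copied from the
General section above; the bytes hashed are whatever the caller supplies.
"""
import hashlib
import sys

# Digests exactly as printed in the report's General section.
REPORTED = {
    "md5": "a4299010a718760bed056b20394c91b4",
    "sha1": "ac9e0a3fcf10d7fd0593b27810745e191400c21d",
    "sha256": "717b24246586fef822244f81b828ca5fe855f4a4b75b85509b04116587205656",
    "sha512": "41a2f698a4cc2a93dcd3a14cfd1e12d40b46c73ba3525d314906ac4b6ac4bccabff4d5339d9b6cefcd2fdf7d40cf4e351a4734a313fed50d60236b8f56ab981c",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digests(data: bytes, chunk_size: int = 1 << 20) -> dict:
    """Return {algorithm: hex digest} computed in one pass over `data`.

    Every hasher is fed the same chunk, so a large sample is read once
    rather than once per algorithm.
    """
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    view = memoryview(data)
    for start in range(0, len(view), chunk_size):
        chunk = view[start:start + chunk_size]
        for hasher in hashers.values():
            hasher.update(chunk)
    return {name: hasher.hexdigest() for name, hasher in hashers.items()}


def mismatches(actual: dict, expected: dict) -> list:
    """Names of digests in `expected` that are missing from or differ in `actual`.

    Comparison is case-insensitive and ignores surrounding whitespace, since
    reports and tools disagree on hex case. An empty list means the sample
    matches on every digest the report provides.
    """
    bad = []
    for name, want in expected.items():
        got = actual.get(name)
        if got is None or got.strip().lower() != want.strip().lower():
            bad.append(name)
    return sorted(bad)


def verify_file(path: str, expected: dict = REPORTED) -> list:
    """Hypothetical helper: hash the file at `path` and return mismatched digest names."""
    with open(path, "rb") as fh:
        return mismatches(digests(fh.read()), expected)


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-local-copy>
    wrong = verify_file(sys.argv[1])
    print("match" if not wrong else "MISMATCH: " + ", ".join(wrong))
    sys.exit(1 if wrong else 0)
```

A non-empty result means either the wrong file or a report for a different submission; a match on SHA256 alone is sufficient in practice, but checking all four costs nothing and catches a report whose MD5/SHA1 columns were copied from elsewhere.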

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4299010a718760bed056b20394c91b4_JaffaCakes118.html
    PID: 1696
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
      PID: 936
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 dfb5aaeb123afe21d1afa1a3811bf2ed
    SHA1 bfc60f403c41ff66876bd2c1d3090351c393a8e2
    SHA256 56e4773888cb269a6226f7d5a1ab9e3e7cba66300eb0d573fc0efff7d85b0d46
    SHA512 7526f6ac6d54d85e5b41cb78754fe52f9aed86483095d9a8fe984de0ac39f29a4eba8fbb70fd000124ab95f7b8a179307bbbe54f51e1a975894020ea1c02bfea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 f745629f8fe95b7481ccde01ec429cdd
    SHA1 3c77f2e2b828e232bb7d4394fd6ad5f91f6d74fe
    SHA256 9f0d4a1f43b84aae636666c3a7309e94c5de6111fc4cc7b53a09e4755bdfa355
    SHA512 35f887c9522d1b9ee4d03d5b948c326195a00edbe3c688d9468eb0e5bcfcf73d5d845de92333ff5d3cf6163bf0fe8f42f46f53d73eb61e93a00a4ae0619a8451

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 18cbaa5026e562c370a5ca156a914335
    SHA1 b5e9b0e01b725e977e806c96d1754ba0371be4c4
    SHA256 70be4857f333a8cb7b58979691a09c9cf6747157d94530e4ae8b10273ca11c64
    SHA512 21deb9e28a55caf460816f2b00d87467a517a02ee79198fbf6a2c6e6a986b8ec73d468e07e6707225fb4c9660c4f978654334f12fda310f92a672e99445c5aaa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 1798e48f2bbf44f98a7a53e67cea775d
    SHA1 e8c72b61a813510b652fe1ba69e76c47222d3730
    SHA256 44f2eff42a5b93789d083d5f0dd4c9241226ec8377558036d993f1fc89f7cc9e
    SHA512 89b4714ce235b20cfba9aa92917a744b767c8106474c9d2b5aff51568018894fe2cb61c6b02aba8937ad0fc90c8ec99883d5d44ae0e8aae57ebbf929dcbdc760

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 5933627202865b734fe610718d259cf4
    SHA1 27f8716f2601e155b29bcb4304eb39023e96c342
    SHA256 736153bf6e2a4a4cf075653091465b97c6404c378690ea9331fd0c6831646b69
    SHA512 a9cedbf9dde631e17259a60fc2fb8ed209621e929efe3c2a4b5d5716f5d77cf0de19525e536a6e933698a399c1682f6981bc3399afd7352eda31635c93c97abd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 21c939d561f8026cd28c674aa9dc9048
    SHA1 dad74b8cb62ee65ed72e2a5d6120b2e8a9df410b
    SHA256 01aa9e1b1c5b972b3f9ae502aeae34ab738f449e8b823eff13ea9766fed55165
    SHA512 fbde3456fe621b470f33e95c6e074b88382bf9ef11f47a90745899dc62a9938b6e8aecd874a5bc7bda62c5528e8b6e72290dccd63489f0f91fabfc554d676a09

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 9cf8437a1a64962dd75107e075dc18e4
    SHA1 3d4c16cb428ac909e518c4fa17c691a9898f49d9
    SHA256 5ce2f864bcafbf93a8cc23a680a6a03dc669fa310593c2e6d3b827f237195379
    SHA512 658b9b21ee08b87353b9db73a265099ea7bc7a6a2685f038f492e3d0676cedab75b0f7943aa2629a09e54faccdd9b9d03a75039ca8b7aacbd1e2844057f96601

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 0f9d57951015098b76e72645639e0c0c
    SHA1 6d61a0b0dac37ea037b6ac9d71c01e40f1bb074e
    SHA256 72f926fb1bc67039a10c10ee924d62e8aff535ed172f727d0785de749e91b99b
    SHA512 aba9f55f35d5678b25e56f919327b4eec3e411b62008d3d238d725bbc205077dda65c696952ec89f565e9b07a24711ce0ead7cfc753369e2fb6080c9db655e60

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 269a96d2ff65f49122e2849d39d53d32
    SHA1 c2d68d86babfb3f72d22c320fac169fc8f524352
    SHA256 9541e526df3b03680c8b8b3872b26b524990ea3f47bcdc2179b6c73ffc9f19d5
    SHA512 e8867f2c28f3b04e0c591ff695d833af2ca89e8fe2e6ae07f8e527a6257f066f1960d54fb1fa48e52504f88d76f193de5865ace190af811148145b4db872303c

  • C:\Users\Admin\AppData\Local\Temp\Cab65D7.tmp
    Filesize 70KB
    MD5 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1 1723be06719828dda65ad804298d0431f6aff976
    SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar6676.tmp
    Filesize 181KB
    MD5 4ea6026cf93ec6338144661bf1202cd1
    SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
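Every "download" listed above is either the same CryptnetUrlCache metadata entry rewritten nine times or a Cab/Tar pair in the user's Temp directory. CryptnetUrlCache is the cache CryptoAPI keeps for objects it fetches by URL (CRLs, OCSP responses, AIA certificates, trust lists), and it sits under LocalLow because that is where a Protected Mode tab process is allowed to write; a Cab####.tmp next to a Tar####.tmp of roughly the same age is the usual footprint of a downloaded cabinet being expanded. None of this is evidence about the HTML file itself, which is consistent with the 1/10 score. The Python below is an added example, not part of this report or of the sandbox: it transcribes the Downloads list, collapses repeated writes to one path, and tags paths that match assumed IE/CryptoAPI noise patterns so that only unmatched drops are left for a human. The rule names and regexes are the editor's assumptions, not sandbox signatures.

```python
"""Separate routine IE/CryptoAPI artifacts from dropped files worth a second look.

Added example, not part of the original report. DOWNLOADS is transcribed from
the Downloads section (path, size in bytes, MD5); the path rules are the
editor's assumptions about what such files normally are, not sandbox findings.
"""
import re

KB = 1024

# Transcribed from the report: one CryptnetUrlCache metadata entry written nine
# times with different contents, plus two temporary files.
CRYPTNET_META = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
                 r"\MetaData\94308059B57B3142E455B38A6EB92015")
CRYPTNET_MD5S = [
    "dfb5aaeb123afe21d1afa1a3811bf2ed", "f745629f8fe95b7481ccde01ec429cdd",
    "18cbaa5026e562c370a5ca156a914335", "1798e48f2bbf44f98a7a53e67cea775d",
    "5933627202865b734fe610718d259cf4", "21c939d561f8026cd28c674aa9dc9048",
    "9cf8437a1a64962dd75107e075dc18e4", "0f9d57951015098b76e72645639e0c0c",
    "269a96d2ff65f49122e2849d39d53d32",
]
DOWNLOADS = [(CRYPTNET_META, 342, md5) for md5 in CRYPTNET_MD5S] + [
    (r"C:\Users\Admin\AppData\Local\Temp\Cab65D7.tmp", 70 * KB, "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar6676.tmp", 181 * KB, "4ea6026cf93ec6338144661bf1202cd1"),
]

# Assumed patterns for files Internet Explorer and CryptoAPI produce on their
# own while loading a page (revocation and trust-list fetches). A match lowers
# priority; it does not prove the file is benign.
NOISE_RULES = (
    ("cryptoapi_url_cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(?:MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    ("temp_cab_extract",
     re.compile(r"\\AppData\\Local\\Temp\\(?:Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
)


def classify(path: str) -> str:
    """Label a dropped-file path with the first matching noise rule, else 'review'."""
    for label, pattern in NOISE_RULES:
        if pattern.search(path):
            return label
    return "review"


def triage(records) -> dict:
    """Collapse repeated writes to one path into a single entry.

    Returns {path: {"label", "writes", "md5s", "sizes"}}, so a file rewritten
    nine times with different contents appears once, with the rewrite count
    and the number of distinct contents preserved.
    """
    summary = {}
    for path, size, md5 in records:
        entry = summary.setdefault(
            path, {"label": classify(path), "writes": 0, "md5s": set(), "sizes": set()})
        entry["writes"] += 1
        entry["md5s"].add(md5.lower())
        entry["sizes"].add(size)
    return summary


def needs_review(records) -> list:
    """Sorted paths that matched no noise rule; these are the ones to open."""
    return sorted(p for p, e in triage(records).items() if e["label"] == "review")


if __name__ == "__main__":
    for path, entry in triage(DOWNLOADS).items():
        print(f"{entry['label']:20} writes={entry['writes']:2} "
              f"distinct_md5={len(entry['md5s'])}  {path}")
    print("needs review:", needs_review(DOWNLOADS) or "none")
```

Run against this report the filter leaves nothing to review, which is the point: a Downloads section of eleven rows reduces to one repeatedly rewritten cache entry and one cabinet extraction. Keep the noise rules narrow (anchored directory plus the exact name shape) so that an attacker dropping a payload as `Temp\Cab1234.tmp.exe` or outside `AppData\Local\Temp` still surfaces.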