Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:18

General

  • Target
    a42b20c50b25512793776ab2c4424bb6_JaffaCakes118.html
  • Size
    26KB
  • MD5
    a42b20c50b25512793776ab2c4424bb6
  • SHA1
    e585a88a6414df6567ab714f41c4f78aa5be69ac
  • SHA256
    1e492f534bd681907e9d8ab292bee739b002d1a1495b9659ac791501ec37ff60
  • SHA512
    2ce1cf4779a0e7f6bb39233dd4bacbc58915fb3f07425f01e1ff9affb6e02b45a758c44543cb1b4e7a94c0d55db387a36f4c096b5387bf4587b5698a43bbd13f
  • SSDEEP
    192:uq971GwtbBtb5nPSnQjxn5Q/WnQielNnSnQOkEntuonQTbn1nQ1CJVevo7NtQFov:nHGobBvQ/Uygcfj7v

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a42b20c50b25512793776ab2c4424bb6_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1968 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2152

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1831e25bf2340fd05dd1198e7df61084
    SHA1: a00629111f5a3590dcc627f1a6c5d3a90fec0e39
    SHA256: de500d8c54cc864e89ac4621996b1555e00542338fbd08f15dccdae13bdc2a79
    SHA512: c6a972cde0bb9835df6c0a3672c605fe9df82b464ac4dee959d19672ccc41d917eb7df90c2da8934cf87da1625ec830c85452da0fdf3ae9199cca27c1708dde7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 62275dea28674bc0cb3a1ac31007241a
    SHA1: ab9129a5893538ecdbd2bcde173238ea0e0ff2bb
    SHA256: 42e3bdfc91129110824d239197877c38b3bce8cfa679148fa2d19d0d45427fcb
    SHA512: b808a40921711b6b01eb22e7ed8374a056e1040be90486791ea61268da4f8a0a3a5ac7d1aa8109adf1188ccd4fc985094f722fb05a425dd96ffe3872766a891a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c18b3651afa9c35af83fd3323bfa0c58
    SHA1: 90f6daba9db0140c676da17fb3fb5c100b51290d
    SHA256: 7bd36fe6faad5adcd20bcc2eda8f8fa1b818506feef994ac774b8aadddf01372
    SHA512: 8cf7a8c88eeed8ed78414f50ca518e0bcdcd2556345fc2f37350fd4381a62e3ddbdb3dc18075af40595ab1be78c04c9838bc42ac110c919f09940a28991b2f47

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 55a87057526c87b4592bb33a97660e40
    SHA1: 2a70e61d4923878e7ed47ec0c53b812197173949
    SHA256: ec800206c3319e938d0ee0ae322a87597a1c9fc32ba9d9649a564cfeb46041c2
    SHA512: 26e036ca7c55753f6c1523393e6bc71406249ae36a67f97cf6214a5e8c16a18f4afd527d689592695803ac9f86f5c7b327e94bf00b6c99dd6f9f029d12daa72e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0ce0c7c2700d303b06c9a15e41392190
    SHA1: b1e9523f43ed38bca9fc0b61ea666385a48566f4
    SHA256: d90671dd60e4b416576336cbd3627d06666470c24553467cbdc9fe76ee49f00b
    SHA512: 93f4853cd75ab9312a1174def1960f4275e56c07f7f887075ddbee8f3a441816d87b745c1597d35339edf58e125da1fa69b60a7516ab68db3c039a15ad14ac82

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 50e7b86616d188375658be1b3b144976
    SHA1: edd02efbd7666ff4bf539c811f08cbc106044968
    SHA256: b4307714166f6f817fd3ac0acb42f53d872e18085dcfa0ae47d5f4059648c048
    SHA512: 04d29738373e8d876ef5b0e6aaf16530d9ed9b1532ef29fb12d26d4967b71f45902871bfa5ba681a825416dc4674b58b89e9271c272b82271dfc8ffeca576c2e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5fe70098215ef66523db8b9e78f5de12
    SHA1: e629fb4c5dd70bda1a93d64a9c40e37e26d2415c
    SHA256: fb4dc0b997b9ac90018b2e2860b890b66902c1289a6581768e841c994d8d24e0
    SHA512: 2c2c14dd45acb2d3256126b901c80f9ba91cf4cd031fffc1f9a56c3b8ca8aed19ad1a6c4d4826ac5ae96191150e335ba407dfc609d051ee700c04ddf2a0cb26f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b95152fa8d89a2e58fb1e7b4ac75c0f9
    SHA1: d7c6c4b642a7ef72ffac757e79e46bca62cd18b1
    SHA256: d0e19bb2e409d1aebb39c9b00bd66343e4d71bdef44f924aed15aefe0b02927d
    SHA512: 7dea47c21ff14d2d39216eb33205fe58e30581564e3c4055ff984f893412a40cb4e08850168a92b3fdd7e24a847a1738a8a0b0b92748ba3354e65792b9a09168

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a30721fabb43ad4287b805d015f27588
    SHA1: 2e9d9e4cc8f8d660e292cbd83c02db937bc54468
    SHA256: f728844be8736f6ac6d39e92b4f8cd283d4eb11b49fb48bddb04ba29763c67f3
    SHA512: 32a11da31a9b054cfd3c2b5c92115ff2bde989d8d2d660679dfb816109aad443c9c8b63fd45564bb9f5deed94e24109773d5f2b45fd899a360937977b6008582

  • C:\Users\Admin\AppData\Local\Temp\Cab66A1.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar676F.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b