Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:18

General

  • Target

    a42a59579c80b4cfdbad7423ff9cb3fc_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a42a59579c80b4cfdbad7423ff9cb3fc

  • SHA1

    e9a7943349c03551a0619e67feb25f7e8558da3a

  • SHA256

    b12d1a0c4326df73e6c8339a6b6c1dd06f93f18890a7a91a097e0c8cda9886b8

  • SHA512

    2f7bf17281dbcbbb8121dc520cb01342eab861dd5c522ed5f2b2d547652ef83d8a9bf5d44ad72e9a4c95f6a657498ba8ee64c018b6f56a0202a7d2e248493d6b

  • SSDEEP

    192:NbaZmoo1VkrqY2xb5nOZMp9A1MdMF+kwnQjLntQ/lE5nQiezYnPCCnQOkrntfEJY:OdogvQ/lbQOT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a42a59579c80b4cfdbad7423ff9cb3fc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2940
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2940 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1032
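The tree above is the ordinary Internet Explorer frame/tab split on Windows 7 x64: the 64-bit frame process from Program Files opens the submitted .html, then spawns a 32-bit content process from Program Files (x86) whose SCODEF value is the frame's PID. The script below is an added example (not sandbox output and not part of this report) that parses those two command lines and checks the relationship a reviewer would verify by hand: SCODEF must name an iexplore.exe that actually is the child's parent, and both images must come from the IE install directories. The PROCESSES list is constructed from the entries above; the `document` field (first argument of a process without SCODEF) and the set of trusted IE directories are this example's assumptions.

```python
import re
from pathlib import PureWindowsPath

# Constructed from the two process entries in this report (PIDs, command lines
# and per-process signature names copied from the Processes section).
PROCESSES = [
    {
        "pid": 2940,
        "ppid": None,
        "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
               r'C:\Users\Admin\AppData\Local\Temp\a42a59579c80b4cfdbad7423ff9cb3fc_JaffaCakes118.html',
        "sigs": {
            "Modifies Internet Explorer settings",
            "Suspicious use of FindShellTrayWindow",
            "Suspicious use of SetWindowsHookEx",
            "Suspicious use of WriteProcessMemory",
        },
    },
    {
        "pid": 1032,
        "ppid": 2940,
        "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2940 CREDAT:275457 /prefetch:2',
        "sigs": {
            "Modifies Internet Explorer settings",
            "Suspicious use of SetWindowsHookEx",
        },
    },
]

# Assumption of this example: the only directories a genuine IE image lives in.
IE_DIRS = {
    r"c:\program files\internet explorer",
    r"c:\program files (x86)\internet explorer",
}

QUOTED_EXE_RE = re.compile(r'^"(?P<exe>[^"]+)"\s*(?P<args>.*)$')
FLAG_RES = {
    "scodef": re.compile(r"\bSCODEF:(\d+)\b"),
    "credat": re.compile(r"\bCREDAT:(\d+)\b"),
    "prefetch": re.compile(r"/prefetch:(\d+)\b"),
}


def parse_cmdline(cmd):
    """Split a report-style command line into exe path, raw args and the
    IE-specific SCODEF/CREDAT/prefetch values (None when absent)."""
    m = QUOTED_EXE_RE.match(cmd)
    if not m:
        raise ValueError("expected a quoted executable path: %r" % cmd)
    info = {"exe": m.group("exe"), "args": m.group("args").strip()}
    for key, rx in FLAG_RES.items():
        hit = rx.search(info["args"])
        info[key] = int(hit.group(1)) if hit else None
    # Assumption: a frame process (no SCODEF) carries the opened document as its argument.
    info["document"] = None if info["scodef"] is not None else (info["args"] or None)
    return info


def is_iexplore(exe):
    """True only for iexplore.exe located in one of the IE install directories."""
    p = PureWindowsPath(exe)
    return p.name.lower() == "iexplore.exe" and str(p.parent).lower() in IE_DIRS


def check_ie_tree(procs):
    """Return findings that contradict a normal frame/tab split: every SCODEF
    child must point at an iexplore.exe with that PID, and that PID must be
    the child's real parent."""
    by_pid = {p["pid"]: p for p in procs}
    findings = []
    for p in procs:
        info = parse_cmdline(p["cmd"])
        if not is_iexplore(info["exe"]):
            findings.append("pid %d is not a genuine iexplore.exe: %s" % (p["pid"], info["exe"]))
            continue
        if info["scodef"] is None:
            continue  # frame process, nothing to cross-check
        frame = by_pid.get(info["scodef"])
        if frame is None or not is_iexplore(parse_cmdline(frame["cmd"])["exe"]):
            findings.append("pid %d claims SCODEF:%d but no iexplore.exe has that PID"
                            % (p["pid"], info["scodef"]))
        if p["ppid"] != info["scodef"]:
            findings.append("pid %d was spawned by %s, not by SCODEF:%d"
                            % (p["pid"], p["ppid"], info["scodef"]))
    return findings


def frame_only_signatures(procs):
    """Signatures raised by the frame process but by none of the tab processes."""
    frames = [p for p in procs if parse_cmdline(p["cmd"])["scodef"] is None]
    tabs = [p for p in procs if parse_cmdline(p["cmd"])["scodef"] is not None]
    tab_sigs = set().union(*(t["sigs"] for t in tabs)) if tabs else set()
    return set().union(*(f["sigs"] for f in frames)) - tab_sigs


if __name__ == "__main__":
    print("opened:", parse_cmdline(PROCESSES[0]["cmd"])["document"])
    print("findings:", check_ie_tree(PROCESSES) or "none")
    print("frame-only signatures:", sorted(frame_only_signatures(PROCESSES)))
```

On this report the check returns no findings, and the two signatures seen only on the frame process (FindShellTrayWindow, WriteProcessMemory) are the ones the frame raises while setting up its tab; a SCODEF value that names a PID not in the tree, a parent that is not the SCODEF process, or an iexplore.exe image outside the IE directories is what would make the same tree worth a closer look.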

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    051d8cf76c9e462bbb1ab8f458a3a797

    SHA1

    f305ca0eb01f1a20589af6bccd93743ae72f2e4c

    SHA256

    2488a73a04a601348ad095f2e7bd61db0919f6c7f6ce436a1145e4c70a22ba9a

    SHA512

    7e2400cfc94c233fc5c9541e9b03f5eb1ffb7d460f3047f09166ef8d64bc844f043cd3e61383f698922ec4b0d5f18a9535652b41182c46ba68138bb75b261d84

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c4c35872270b69e7a054be129c8579be

    SHA1

    b1e44fb04dc5195dd3fa68450713532e6faa829a

    SHA256

    6551e192e3ab6ff25326455c3bab472784445f12c79cbb34bef8af763abcc85a

    SHA512

    1c6305aecea413bbc663c46d0db17bdb1a62d059722732e496d80cf0dda9df034f3f5763fa1ec6ad637d127c6bb894045c6c214fe5d4690cbc137ec90abcd5ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0a5122ab622d1f5186a14d56570f9bc9

    SHA1

    d4059c0d5ad89197b25e64442d6af5ff007df05c

    SHA256

    5642a264a431594844bb9b981bbcf280fbc8421c1625e16ea88fe3001a9a8cc6

    SHA512

    72bc6b4c901a89bea1fc3eb4dc7d60d44f184466be3bb639f4c44aa711d4af7382503a877f0917a30f9cc6f889a351763c0fd0930afce85cd24acf752b21bb02

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e322545ae168ec27494afddd0d2b0a69

    SHA1

    9d0077bd50c6e950cb4184a35c451916e7ea962d

    SHA256

    cfd2fc0d9564aa1dfab717d4bb05eb8300baeab185ce1a899b9e57f24fd81d88

    SHA512

    39485978c5dfe5e0837dd0f3285d3a6292da54c8ed5415829e201ee90031c02b02d8c1736ae617a320e0d84fc432cb8cba048f174c0b9c06355a23d616806867

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df4dc9d82598514fbf35d2ed6cce7b28

    SHA1

    9c1854c7bcb108043d15cd4b2af91bc869919f51

    SHA256

    df3eece20a98217b0ee12a7d5ba6e1d54fd63aec5c64c454dd958bafca8ecd88

    SHA512

    a749726620a3287476fe538871917006144f86c5afb91fcfa68c68ccbbf4dd91f5cf26cd2347e5617ae79d8ff19f5ed53e296f425187d416cff86f5cd47c8485

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5e41b8f4c5abc8209c68dcce53ac8a03

    SHA1

    ff0917ddcaa4765d662e7ad2119607c95fe18e2a

    SHA256

    e6f7cc088a6442356d934d0894f26a61733e1a4a35dd3cade8eb9e134eeb9d96

    SHA512

    35acc34535d14fc67a4b9f0c6b73e149a1b1caf45ff5d2f604ea2237526a739509cd6705ed5fe0ca2fd33cbf656b7e4fcfbb337c2da4bfa1495673c2149b2df6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e306b8eede5bf099f7c326f0fbc3436c

    SHA1

    dfcf01c9a963e6df4c132e75a8c65570d27b4bc6

    SHA256

    1fab902668b4a332981a006103cc13319f4c95d8560e0c648ccdc4eafb22be0b

    SHA512

    08ee6ef4d25d7c5f082d46054a43dc9468eef023231f8d8ca91ac618de71cc4ec811a98905727ae120b085b1083b1309f6b81f1e43c3a26bcc49bc4cf30a5874

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa2118c0a345493241c9e4d46095b62a

    SHA1

    44e3a38dbce39dda3b79ce6ba581944d689d7c5f

    SHA256

    163ee340139384888a9daf9cd0b09293d3062947c806b909f792c034d4a3150a

    SHA512

    4e457c8e3823970a90e7ec4681f3c2c6bf3895b293c3d7b21c44f1d79372b412a73ee76ee5c3ae4593de280dcdf11085ab98a815f082b14391b207d0b54a9f4b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd125cd91a6d98f27dc42d9ce5f0dc6f

    SHA1

    17d96023b192a722d937cd81c999a79df7f61318

    SHA256

    c8aa9d4b3ecfe232af7150e60193368b5f3daccdbb54bbfb30961fa5bc75a48a

    SHA512

    16f16fa53cb76220933b25304415eec4bfd6ad3fbf5199e1cb6679e426d41306b9669deb28bfd4c92cc773af6da643ceba158468550fad0eb2f9a501bbc5502f

  • C:\Users\Admin\AppData\Local\Temp\CabC23.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarD24.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
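None of the files above is content from the submitted page: the CryptnetUrlCache Content/MetaData entries are CryptoAPI's URL cache (written by cryptnet.dll when Windows fetches certificate data such as CRLs or the trusted-root CTL), and Cab*.tmp/Tar*.tmp pairs in Temp are what CAB extraction during that update typically leaves behind. The MetaData file recorded nine times with different digests is the same cache record being rewritten, not nine different files. The script below is an added example (not sandbox output and not part of this report) that applies those checks to a constructed subset of the entries above: it validates the digest columns, labels paths that match known-benign patterns, counts how many distinct versions of each path were written, and lists anything left unexplained. The benign patterns and their labels are this example's assumptions; SHA-1 and SHA-512 are omitted from the sample for brevity.

```python
import re
from collections import defaultdict

# Expected hex-digest lengths for the hash columns in the report.
HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
HEX_RE = re.compile(r"^[0-9a-f]+$")

# Path patterns for artifacts IE / CryptoAPI leave behind on their own.
# Assumption of this example: these patterns and labels are the author's, not the sandbox's.
BENIGN_PATTERNS = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache (cryptnet.dll: CRL/OCSP/AIA/CTL fetches)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
     "Temp Cab/Tar pair, typical of CAB extraction (e.g. the authroot CTL update)"),
]

# Constructed subset of the Downloads entries in this report (sizes and digests copied).
META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPS = [
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "size": "70KB", "md5": "49aebf8cbd62d92ac215b2923fb1b9f5",
     "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"},
    {"path": META, "size": "342B", "md5": "051d8cf76c9e462bbb1ab8f458a3a797",
     "sha256": "2488a73a04a601348ad095f2e7bd61db0919f6c7f6ce436a1145e4c70a22ba9a"},
    {"path": META, "size": "342B", "md5": "c4c35872270b69e7a054be129c8579be",
     "sha256": "6551e192e3ab6ff25326455c3bab472784445f12c79cbb34bef8af763abcc85a"},
    {"path": META, "size": "342B", "md5": "0a5122ab622d1f5186a14d56570f9bc9",
     "sha256": "5642a264a431594844bb9b981bbcf280fbc8421c1625e16ea88fe3001a9a8cc6"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\CabC23.tmp", "size": "65KB",
     "md5": "ac05d27423a85adc1622c714f2cb6184",
     "sha256": "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\TarD24.tmp", "size": "181KB",
     "md5": "4ea6026cf93ec6338144661bf1202cd1",
     "sha256": "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"},
]


def validate_hashes(entry):
    """Return a list of problems with the digest fields present in one entry."""
    problems = []
    for name, length in HASH_LENGTHS.items():
        value = entry.get(name)
        if value is None:
            continue
        if len(value) != length or not HEX_RE.match(value.lower()):
            problems.append("%s: %r is not a %d-hex-digit digest" % (name, value, length))
    return problems


def classify(path):
    """Label a dropped-file path that matches a known-benign pattern, else None."""
    for rx, label in BENIGN_PATTERNS:
        if rx.search(path):
            return label
    return None


def triage(drops):
    """Summarise the drop list: label per path, digest problems, paths written
    more than once with differing content, and paths the benign list does not explain."""
    labels, variants, problems = {}, defaultdict(set), []
    for e in drops:
        labels[e["path"]] = classify(e["path"])
        variants[e["path"]].add(e["md5"])
        problems.extend("%s: %s" % (e["path"], p) for p in validate_hashes(e))
    return {
        "labels": labels,
        "hash_problems": problems,
        "rewritten": {p: len(v) for p, v in variants.items() if len(v) > 1},
        "unexplained": sorted(p for p, lab in labels.items() if lab is None),
    }


if __name__ == "__main__":
    result = triage(DROPS)
    for path, label in result["labels"].items():
        print("%-12s %s" % (label or "UNEXPLAINED", path))
    print("rewritten:", result["rewritten"])
    print("unexplained:", result["unexplained"] or "none")
```

For this report the sample yields no unexplained paths and no digest problems, and reports the MetaData record as rewritten (three versions in the subset, nine in the full list). A path that lands in `unexplained`, an executable or script under a user-writable directory, or a CryptnetUrlCache entry whose name is not 32 hex characters is what would distinguish a real drop from this baseline noise.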