Analysis

  • max time kernel
    130s
  • max time network
    133s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:19

General

  • Target

    a42badc8b99f1ae5b12d8ad0e973c449_JaffaCakes118.html

  • Size

    31KB

  • MD5

    a42badc8b99f1ae5b12d8ad0e973c449

  • SHA1

    c92da6f8bf4281ff0e6ca313df4cdab07c249308

  • SHA256

    4a1238cabe84d66cf5bc34eb748a697082bef63660c22f76d24e648adacf4118

  • SHA512

    eb08d0603fc98810159c1312e5fe66cc0988dfc063d45289c53368bd709b1c37279a7d4e4758a6c19cd1b212720eb72b533c52b7961f2f28b371415f42b13801

  • SSDEEP

    384:Srd/mscacHcicTc6c+YSrHx84JNliFzY0OCa5K2yPk2dd7+2U:S9pmr0xVrO4JniVYz5K27O7i

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a42badc8b99f1ae5b12d8ad0e973c449_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1192
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1192 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2992

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)

  • C:\Users\Admin\AppData\Local\Temp\Cab5A03.tmp (70KB)

  • C:\Users\Admin\AppData\Local\Temp\Tar5AF2.tmp (181KB)
