Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    13-06-2024 06:25

General

  • Target

    a430bcfcad085f0fc4f94f6d98a5fd31_JaffaCakes118.html

  • Size

    43KB

  • MD5

    a430bcfcad085f0fc4f94f6d98a5fd31

  • SHA1

    e5816a09327d1ab755c4546aec76a550a9bfe2ae

  • SHA256

    5878eb9d713a684a3513326e58fb1cb288068b025d12d090c5b6d2f30809b7a8

  • SHA512

    e7491252cc75909f732be3f0650a228d9bf92a12b10b7e038ab9c2e4b8870b151661e6317c19a15ac98e1e5524e6742c5bb7c273f7a9e2adacbb218ba18de699

  • SSDEEP

    768:1I+vbG2+0MGi+vZGIikHhGRGXiOgOeGBGlGslstjFOs/wOenz:K+vt+0U+v5ikH/iOgOPFnYOu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a430bcfcad085f0fc4f94f6d98a5fd31_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Temp\Cab4AC8.tmp

    Filesize

    70KB

  • C:\Users\Admin\AppData\Local\Temp\Tar4B67.tmp

    Filesize

    181KB