Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:26

General

  • Target

    a43190d2401ce9936d7ac6592698d771_JaffaCakes118.html

  • Size

    17KB

  • MD5

    a43190d2401ce9936d7ac6592698d771

  • SHA1

    ac308ffe5c48a650e4d7d52680f1bd0cbbcdb131

  • SHA256

    6ae501373dab23e73eb0195ada99a10d75424134b35d54b515ba4d182749fa90

  • SHA512

    35aa7d95f35245f3005c4c654e751dcd4a1c4ed62e7f630753f70b7de3812b44474677bc89b5c5c5743a4662fbdd1ef8e66074d8704efd6e4df07b95578db755

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIV4fzUnjBhZT82qDB8:SIMd0I5nvHhsvZIxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a43190d2401ce9936d7ac6592698d771_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2184
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2184 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2124

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5dc51d04982731aac41778fc93a629ac

    SHA1

    3ffb51d656c989145fa36d0ad14cb246c554bd9a

    SHA256

    9000a0caab4d399eb7b449f0f6a66638636f8e123dae404043e9f9641ec1f3b7

    SHA512

    e7071218e7ce5e49638a6ee1c9f75158540559a47dd9e7de4fcaec9a0ae45c63ab2fab3acd00f97dfc625a3668f4a8cc7779cbfd5f3e3207c7f015afd34a7e52

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    783cd00bc8dd58398a02997ba58e0954

    SHA1

    f7ba2591fb74c5704c57c146edbe90b80a1a157c

    SHA256

    fe7c43ca3e132921bf02eae76d54a6e95f92f70e1ba1421d6665f4c673c1ac73

    SHA512

    e80d1ff482faf67670ec415b29c344dc57e7e026b5ab7289ab1e52d61685ac5bf8ec07cdb087de3645334cdc2655e7b34d73a40a0fe954a9bb7ff61cbbc08d43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7de731439e0818bc71f3eadf8a7c9088

    SHA1

    238d0a0cf9835fec92f6dd2a95a67eeb6f99ba97

    SHA256

    3406dcb59310d97138ca92fa14a02ca19099fc667ad6f3cbd981910ee59a2a31

    SHA512

    2b6820e6b5835b568045540d87745d560f4d13eb8ad7e4a498877d360b79b6049cdf975c4d0564cd41c4078672611c72cdbc637d9c9b523845318623959b0937

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6addeb9f576502f801b16739b1588fc6

    SHA1

    c4049103fb6d1c7ea1f21ee3d10813f2b47917ac

    SHA256

    383085f10572218b0477e077ffc9e40425bef24d6a126686f857d25ba027697f

    SHA512

    ec5d6fa066e9f9ddc03797062f119dcf05203b51ffd441a78299ad6488729e521099f932d5631a8016fc6996071e3b637e4c2114c5c7ba41595878dfddc0948c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4bf8ecfe09b7117cd2992ce9c89e187f

    SHA1

    e634c5f195d8d770c757d1beed7c5f68fbd74b07

    SHA256

    e9cba87fbc6484277f8694fc780b6cac036d615ff596e51d455d510dcb13118d

    SHA512

    759100d0e89fbf7fdd32fadc5ab6bfc984ebac965f195b32dd88f5b41be54544f91ca0d180e804ea3a312c314120183ebfa71c35605393eaa61350873c6c7917

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    619f1e2f05244d86e2dee7b05341b542

    SHA1

    4f8402fa2a57cd8dbe0f605efdd4311b9bb91872

    SHA256

    ab5ae695eb4236f51801c5a189e614e887dab34925b2062916a7d83a4167d1ef

    SHA512

    fa97003b5d163ecc97416c40105de0f001ccf9231c8182f266d53894b4d7a396e552844219ccd9e570f5a56b1287cb64a61cef49dda0f0298a510e43012a44a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1810fc7a5bd0dd6a3cde41fbad6cdbe

    SHA1

    3e6e4aa8d797d03d3f9744dc9333eac6af123154

    SHA256

    c925269a99eaef3ee47890821fe0ce6356796786c367a654192d7f0356f49a24

    SHA512

    e7bff0ea0bbf6ab015a88ea37173dabdf8f5f2609972a4261a67023a3df58b5e96c87e5c891eca63d6423d4070b539054525c41c6837622ed42c4deabc47d652

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73d3f5786d880e957e45dd69bfde7059

    SHA1

    43ad6a3c524861cfdacfe691659d99fc9a816a00

    SHA256

    781ace3b592ecb471df8c9afcb08d9922f3a981797ace61b8c35095f1070792f

    SHA512

    7f023a6c1f7f1e68546de599b3d5dba989508628f95192d6c87e1529c4b2cbf635aa53f9602c08505bf53dd68d80aa4abb65306bf6cbb59fb16678f826069315

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f72315ffa6d95da1a881b81be2251c7

    SHA1

    0c2bfae3baebaecb2fa6030cdce6c4893bf073e6

    SHA256

    ff73767556bd95ee10330e374064f54abcaf013e6fd2953e998b870fc7cff4cd

    SHA512

    e8c68207ecc65891afe2f4343f0dda3044ce90e48336620cdfab8c423875e7727850361a0904af0c7ec9a25025cea3b0fb07907e51165a52de5c0f8fba062469

  • C:\Users\Admin\AppData\Local\Temp\Cab6B72.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar6C11.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b