Analysis

  • max time kernel
    150s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:28

General

  • Target

    a43336aa7d07a4bad74aad391f27af7a_JaffaCakes118.html

  • Size

    22KB

  • MD5

    a43336aa7d07a4bad74aad391f27af7a

  • SHA1

    ea22db6a6fb9df9caf21bdf8c2c5adb9512527dd

  • SHA256

    0235e7bdd3db325038f402a9d5486b9ff842f46926ce0b7efd7e5714251330a9

  • SHA512

    075391721684304882d816bfe62f313db7c282c969b013e6116020e3824632d366c8ee1eb155a5a575a84f866b6164da2e6578ae70a1ac9aac56107b4e61f5a6

  • SSDEEP

    192:uwHub5nvENnnQjxn5Q/TnQieCNnxnQOkEntBpnQTbnxnQmSpxN5xHMBiqnYnQ7tf:QQ/U2xU/0u

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a43336aa7d07a4bad74aad391f27af7a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:836
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:836 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2016

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84c3baa1db654a2fa0ba731e298f2024

    SHA1

    99018a32220eb63813d55a6be88e4b9fc27774c7

    SHA256

    52f1c6c9f745e7c70a078a933729ee432559481e27599b127bf6fc6c4042f068

    SHA512

    267aed175ae73130429ea335d9ddb658ecf64f93e52d3e2e66ef1ae9b2f146b5c22107cfa74f77776f628d0d0631e7d07e043ddcc104d5d0a775f609221f472a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b40c42acaa4466b7e311b8a5a11b6872

    SHA1

    73859980c38802706ff6145e35d20422cb1a04eb

    SHA256

    5b84e4db13aa023e364a12430ea6415219702d14f77e498ed3b6b4a389b4fe5c

    SHA512

    7cf808184d1eabd0186ff6176e9f6e6f19b2587a6a2e0540289cbc7a6299412566a7abb402575a9c420e251f3ca573d74722cbea4449c785e51ffbd558a3d924

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18de073dec958f3ec0cc9633474f1177

    SHA1

    ebc448180e9f31242d3aacdb948fd6a4aff4d1a0

    SHA256

    77983e7848c7b9e3016f1eedf611096cf7ba111b2ccb2c2ae3dc0c92760d712d

    SHA512

    cacef74117dc5cc6a071164b5bb21e904ad577f79b10ba4eb2cd175092d1b14346b2037d8301efca31599040513be14b97fe442576dd5dfd0de043ea240d1cb3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b8fedb2a2f62e8dacaf1ab348aef92f9

    SHA1

    9f366ad2b1885fef9457869ae669fec6d624b1cd

    SHA256

    897cbb02a7bfadec583cd8315337057e756c6cefe93fcbde5029710c33cf0380

    SHA512

    33bd5bf85df7d2a39f4900793f27a9f9af52593e1135a0833311fb765a9ee2d8740737d239974592fd4337ed1e74753bf3925a1b1c8e78640df43fdd7f3a7f87

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    15f238b49071fe1264fb64febdf1b556

    SHA1

    f0ab027ca89b77e7ea7a980ad24657c49e0590ba

    SHA256

    e569da97d8e8ab639d8445b36dd50e3d0ac2ce0c2db25b0fef2a1b15012cf459

    SHA512

    d272985323ee3b74f2cdf0b6c9b3e8e2643c95adfc59acc0d82f0a69a228041e9ab79011b31abc31523597afb4ea64ea2d6014ccb273e9b26b78836507fb406b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ff812775df79c557712fc083fe06cc1

    SHA1

    788fa0d7b2e6b5f4b99748a572fa6a84d9137059

    SHA256

    70e26fe77c684695266989188218737240e6a6da6cb97b1d12316ee1da214c11

    SHA512

    5f1e34659e7e799d72c19293f5b455d19c1b022bbd2c1bf37881d7f8ab3b301ff5d8f9523a7785367f43282fbc1b3e66c56a2e4d254e1b3940e9e10191172e34

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf7b812bbdbd5770fabea944bf27b595

    SHA1

    ac1d2f4c3c36f8bd313ae30b834dee7ecf7b612a

    SHA256

    013e9c1e655ecef763faf33b6605203ff7ec1a25acaed3698d8245e7c6d7c227

    SHA512

    dec60dc723e918d62d77b79875cd721b5edac52bd4f5ae14cf9c52b6226fea7def6b2d6df4dc0a4d072097218a6cc0c4497fda3f21954a1c6be6457b50fcbcb7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d3cb3be9aeba648b765855d54d7b0fce

    SHA1

    dfffe40ba6eac04d8678a5f298cd100b7b92ffcd

    SHA256

    231f3666c4cc6ab3f01a965c42479d25fb1faf4904c744cb35c904ed0d7a1295

    SHA512

    11c956487fa3354d93f87ce198ac237ff42cb2b69b4738ede716acdf599fd9102b8dfaaf26ead442fa05e908337934cbe229c6810c6ff280cd06fca446184d32

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    314f2481d0169d70212020943eda6278

    SHA1

    3b30c658f7310f5b626938c37ab133a729c731cc

    SHA256

    f47369c8a192fce2c9a8d6d133a2d84ff10b7e2b3e58e92568e2e23039627d93

    SHA512

    2300469a9717e13fc7de5a6e3c5f1701837165774cd16f18670af22154be1a79a9ceeac3e156abcab8b7e317671bb1042f8ca5c76ee74674a666bbb1ec45466c

  • C:\Users\Admin\AppData\Local\Temp\Cab6B22.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar6BD2.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b