Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:28

General

  • Target

    a433626b866007a09e0a0d539c63cd6c_JaffaCakes118.html

  • Size

    36KB

  • MD5

    a433626b866007a09e0a0d539c63cd6c

  • SHA1

    180b113bba7ed93098a48d50c5b34b1bc3e26153

  • SHA256

    7fbcbc37eb80ccb16750e79af46e85ee75fbef154dbf3f7bdf310ae9f7653e20

  • SHA512

    e1a1fa0c72305366f53ad55664f3751d60bae3af1256352d061cf02b0f800d4ffb35ca6719a792a6e4387615ee63f6008978315cec539768613f3cdcc8a7a25d

  • SSDEEP

    384:wQ/t+B+Iuy89ZNnauV6SB7gqgEs17tPwvBxOo:mY5F5s17t4pxx

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a433626b866007a09e0a0d539c63cd6c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2852
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2852 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3008

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    557219c338038580e387238f9a909f05

    SHA1

    fb2684580a8924aa13421fae15a3edf48b11bf15

    SHA256

    3be6229c248ca405f79c22774d3ad61d9665fdac15a04f088a5fee8e8ce65448

    SHA512

    6a0cb7c6ba4229df943e176a7cac11245a8006962dd0ce247cb4b7527bed065a1116bdc7ca0cca8b037f5cbd57f82a6051080b2ef8f5e891cce85cea4f5f93c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c99ca2b38752d433bcdd15f3784c88c5

    SHA1

    03e7d45fa19178ffa062c9cb304db00302253a0b

    SHA256

    f52a5a638a846c1b66aaaad39d9922bbf92a1a704d84f625967c5ceadd8641e7

    SHA512

    e2c99ed75984d33c9339c9cfd583fce2c12790ad2a1347104f1277bfb9c81593d770b43cdfc376d15743ebabdc0df737efc9e0be20841dceaac12e5b76046fc7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    903e979b7a740f0259cb192a262c9596

    SHA1

    d75b6c58f7a517e78ac9119c0bbf7dc32a4de963

    SHA256

    dfe35c5447ad604ba3b681c5080e59efb11cae224100ef286cd5eaa802a7a396

    SHA512

    8421018c737b3c06457a74d92a45e0819fff5942cd7922e3b558db2614d3e60c3964b83c22c11a83dac660440cd6a0a330880ec865bd825d02845855e1a5665a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63847d615635582da3d0f6ef5d3606cd

    SHA1

    c0a0ee4f27c5f2e9dca034d0e7931bb76eaa581b

    SHA256

    fd367e59bd472427fe2dec5d6e3c263cba835abfc2a02e1508eb50d4229320cd

    SHA512

    21bdbe69ee6d01ebc0228f76f2ac1997e03e852d4c8ee028bcfd229b00b2a5b538fa4f78e37336f0e58fad414417fee88b51f64aa5349a61f30f1ea160dbd54a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fad65a54dadae2cd5867ad06d2d58da2

    SHA1

    11a9dbdf84a2fc2a8745405b962d4f09caeebb3a

    SHA256

    f1280d5816580fe60bae077a99334eaaa0e27c0995b1295e000711461918c594

    SHA512

    b04de60415b6375278faee337d09eee561fdc017d4b7d80934fd9185868c0bbbb1f19c893a1f7e63ca6a0de1754aedfa7bacc90809cea5361bc3fde1697fac02

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f2b7b8242f7fdd3e7887b77d79cbea1

    SHA1

    e6584db9834d187a166fce72309887346c256e22

    SHA256

    d263fdbb4fdcd068c400188c76d55b84ac35df395b5585561d775e64924d35da

    SHA512

    741e73029cc05419e923d186e91419038a9c8289c388456d98503183f0492483c4d13073c97cbe14de0b0af2935e7316846a61e2b980bccfc53b140f6950ed1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    187b4dbe851fef07f59b0b58cca7008f

    SHA1

    5f223d626e3f5d4ded0ec5067369bab264a390ca

    SHA256

    3fb1a0f5afa600de4a3b951b9d764e4f7cc519a7cbb36ff08a869550642866b1

    SHA512

    2ecdc4124e0251c292d0c7107f9a737c6f3f904cddc54462bef42c69cc5b28e4c6b8724e429deeb8f464500ca97bdb8bd56cc2e057bb34814972a5f2942e2db4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a345e9a789afff017741ae9243bea42c

    SHA1

    aa1b4f9c182f94f7cdbbe90c414eaea0ec27876a

    SHA256

    33bf95c996f5cf9419a05d1734dff857a991c89685124bb4e79d1a78efacf4dd

    SHA512

    a09afac3b1b088e9ae35be2be29af820e76be224d6150061ee23036676b35b888cb99fb1903d064d12e20a760f0b0ec9b20ff2bfa1f9816df5ed0664a2c8297e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e928c0c438d48b95bfaed3441272a52f

    SHA1

    7fe805a375445ccb1998e473ebb571315323aef8

    SHA256

    568cc84f547dd2beb8850b08f95af306806c11eed8c29202f69acc6327c6ddf6

    SHA512

    44e0cd1f76ac5ac69b81d10600ea4b3da981c428496f0fffc8d79b40bf00fc1085b66c0fd1e7c8eb7ad7ed476ac0e37aa362abc9d301213e0fe0c8c5c09a4f1d

  • C:\Users\Admin\AppData\Local\Temp\Cab5D2F.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5DEE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b