Analysis

  • max time kernel
    150s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 06:28

General

  • Target

    a4336285db081fd0ae265173def96bf6_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a4336285db081fd0ae265173def96bf6

  • SHA1

    f02dc5f0d507c26fea2120ba5920b05fdfb5551c

  • SHA256

    c21339cf5690fd4ea99568ebde50ffb78fd1ef4e5d146d201d77471dceecdf0e

  • SHA512

    452ecd63a02437ee10e04991ede2454884f1f3c230362e1fcfaf927dd3290e29d3cf4e0c8bf28be29338775479880f2839d21baead3f0f966e8f51a3ac8b7ca6

  • SSDEEP

    192:uW3Mb5ncqnQjxn5Q/PnQiemNn4nQOkEnthhnQTbnNnQQCnQt0wMBGqnYnQ7tnOYP:ZQ/ake

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4336285db081fd0ae265173def96bf6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2404
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2404 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1252

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    72e6eb9eecc14d4c91ba4828e07aff5a

    SHA1

    de4bcc6acba7d041066c3eaa62d5d4f860277444

    SHA256

    2463c78c175154c8355daec7ccbe5d7ac0607bb4da208e9820dfaa720698d97b

    SHA512

    361dc18e6c36548ceecfd08d72e9f2238a93dfd6f5ee02fb0fd84897ce9f87e48ea9a3ece141e7450f8a1ec92555281205378f42f8d49a5aea89a01649aec2a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    605a64a8961e55088edb765cdaee4fe0

    SHA1

    0c65d335c3ab3ae2117585619769da0e773d3bbb

    SHA256

    a8074273b806c0de62d4fd738bf2d09a837101065106509df0ab05006791c261

    SHA512

    768f702a8b395d23f997a503552c801689e28aadac595c22e8014dd4194a8eecbc7ca2e4c9b091cf70dffa6d4994cb5a807faad3a717ff1c4fc638fd0243ad5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da453d50f88565f9ca5e4ac3d8482786

    SHA1

    0f6e1eb15dca5cc03355621c6ce04d18b32627c4

    SHA256

    cf6150850df03a79c980951b5069f623fd555b9ce2d8110c28dab94f6fd918fb

    SHA512

    70dbe2ed75c0835508377f9212aa8deb53253b5ec27cf0377348320481a62fda4828af44c8af87ba6cca410ad123c289785c6302ba680c9896c1cd1b971cc92d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    40352514587eaa3682b2e598d1437dc0

    SHA1

    f1bc148db708d6ea653de68a9f323fdd6133b457

    SHA256

    146edabffe5926e23d21a71fb5ffe9c645bb8dcee9abae01cc5e625319acb331

    SHA512

    4b090f075fdecb8bc40f86cd0a44004ea1639c4e2cb25ba98ecd47123ff3157f762a6b1000761335e7510b4655ba78cfde14ecae34c879982d0831f942d5f5ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a352aa573090f2846d72127ce11ef73

    SHA1

    2c060c31c663b56d27e70c96dfb520adc013e61e

    SHA256

    2dc43fa3f89a8c8715aa10737c96c6d1d50039a467a1fcfff4f461442cf2a082

    SHA512

    6dd3dfb59b8e58d1efec08a5190dd0cbd7084bd7adfa75b92a8c939ef07ce4acef1c769bb0eb80c5867cad426b44346e6a177b42bda17555e32ba688b8b7ce6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f0da8afd771fd80544879a918cdca92

    SHA1

    451bea602a8f862bb8fda8440b4eeb9d755edcbb

    SHA256

    caaedc27f7cd3c000cf373efab588892980b169f450c1c8834bfbcc807ab5cef

    SHA512

    5606d33c9193ee5c71ff3e91b5ab0ae9f6531e3191cc6c01a35bc00529e7397cc88de5e123b3f8ecf017925c593a4ca914b71c3dd05e5a429f44f62cecbb80a0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b30ad7abac863af4bf3e24e7eadf7ea1

    SHA1

    473c24694a99fd907162b944e9ca4697e203e725

    SHA256

    890545566faf76c9a693024f7d1fdc50c74ed2981a21a04882ec0d9cdd98f73e

    SHA512

    7f4e0a10392a7a4cd42ce7948a3fa5f8e6599042829b0f48da9fbabb1c3258c0fd82f3351bdf3b6660c15d98e9d3ea38de953b769b8bcdfcc80330ac3ebd9e06

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    000d195b7734b8159d2ef33ada7d83a7

    SHA1

    2a6517a1115274fd93e85ef8832ae9cb6b30fc85

    SHA256

    cf195f90f71118daba088032575cd171a531a6bf3a120c15f5875bdfe2491756

    SHA512

    a007337af4dec4d817fe0a7567a62288442baa07e06b76d657df407773ae4838dfc7e59a8b4be7b643d2e75d932ae9d6cbfb2798eaee81b0294d7cc7d844016e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d734f86e22f720017b89a66c162ecd6

    SHA1

    a25c969df4957e2ad7b806af605a2398bd87db30

    SHA256

    a4c775989cf6965e06d7ba2531cb034b752b2edb01df548bb82c3565125978d1

    SHA512

    e1a103d0a35f65b562e5b33fb4f6c1db904b62251e7d46cc34f0a730c75dbf2e3e9865def6b6f55499cd4e940d1829a3f4107eb4bc214685678208a97cb0adfd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1dd57be8d2dde37246d41c29594f11e8

    SHA1

    1331a1b1cb8b05983c7a0ffb4d00dc3f1886c6d6

    SHA256

    1be085ffbf41a565330c55b5498150f6d55d4b81824325702afd14aa0f7205a3

    SHA512

    63661aa85cade60343691f78f3517e88f1548c92ce15d9be40bc9b5a3086743a85057cfdb35170ca6cc8682eace964fd71c2f116d531e9fac6bca68e48bda07f

  • C:\Users\Admin\AppData\Local\Temp\Cab5987.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5A26.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
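Added example (not part of the original report or of the sandbox's own tooling): a small Python triage pass over the Processes and Downloads sections above. It encodes two facts a reviewer applies by hand to a report like this one. First, an IE8+ tab process is launched by the frame process with `SCODEF:<frame PID>` on its command line, so `SCODEF:2404` under PID 2404 is ordinary Loosely-Coupled IE behaviour, not a finding; the check flags a tab whose SCODEF does not match its parent, or any non-IE child of iexplore.exe. Second, the `CryptnetUrlCache\MetaData`, `Cab*.tmp` and `Tar*.tmp` entries are IE's own certificate-chain and CRL fetch cache, which is why a 1/10 score with only IE housekeeping signatures is consistent with a plain HTML page. The process rows and the three dropped-file records are constructed here from the report's values; `SUSPICIOUS_TREE`, the `noise`/`review` labels and the digest well-formedness check are assumptions for illustration.

```python
import re
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Proc:
    image: str
    cmdline: str
    pid: int
    parent: Optional["Proc"] = None
    children: list = field(default_factory=list)

    @property
    def name(self) -> str:
        return self.image.rsplit("\\", 1)[-1].lower()


def build_tree(rows):
    """rows are (depth, image, cmdline, pid) in report order; depth mirrors the 1⤵/2⤵ markers."""
    procs, stack = [], []
    for depth, image, cmdline, pid in rows:
        p = Proc(image, cmdline, pid)
        del stack[depth - 1:]            # unwind to this row's parent
        if stack:
            p.parent = stack[-1]
            stack[-1].children.append(p)
        stack.append(p)
        procs.append(p)
    return procs


SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def ie_anomalies(procs):
    """A benign IE8+ LCIE tree passes both checks: a tab process (SCODEF:<pid> on its
    command line) sits under the frame process with that PID, and iexplore.exe spawns
    nothing but iexplore.exe. Anything else is returned as (pid, reason)."""
    findings = []
    for p in procs:
        if p.name != "iexplore.exe":
            continue
        m = SCODEF_RE.search(p.cmdline)
        if m and (p.parent is None or p.parent.pid != int(m.group(1))):
            findings.append((p.pid, f"SCODEF:{m.group(1)} does not match parent PID"))
        for c in p.children:
            if c.name != "iexplore.exe":
                findings.append((c.pid, f"{c.name} spawned by iexplore.exe PID {p.pid}"))
    return findings


# Paths IE writes on its own while building certificate chains (assumed benign noise).
NOISE_PATTERNS = [
    re.compile(r"\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
    re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
]


def classify_drop(path: str) -> str:
    return "noise" if any(r.search(path) for r in NOISE_PATTERNS) else "review"


HASH_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def hashes_well_formed(entry: dict) -> bool:
    """True only if every digest is lowercase hex of the right length, so a truncated
    copy-paste is caught before the value is pivoted on elsewhere."""
    return all(re.fullmatch(rf"[0-9a-f]{{{n}}}", entry.get(k, "")) is not None
               for k, n in HASH_LEN.items())


def triage(rows, drops):
    tree = build_tree(rows)
    return {
        "anomalies": ie_anomalies(tree),
        "review": [d["path"] for d in drops if classify_drop(d["path"]) == "review"],
        "malformed": [d["path"] for d in drops if not hashes_well_formed(d)],
    }


IE_FRAME = r"C:\Program Files\Internet Explorer\iexplore.exe"
IE_TAB = r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"

# Constructed from the Processes section above.
SAMPLE_TREE = [
    (1, IE_FRAME, rf'"{IE_FRAME}" C:\Users\Admin\AppData\Local\Temp\a4336285db081fd0ae265173def96bf6_JaffaCakes118.html', 2404),
    (2, IE_TAB, rf'"{IE_TAB}" SCODEF:2404 CREDAT:275457 /prefetch:2', 1252),
]

# Constructed negative fixture (not from the report): a mismatched SCODEF and a shell child.
SUSPICIOUS_TREE = [
    (1, IE_FRAME, rf'"{IE_FRAME}" C:\Users\Admin\Desktop\page.html', 3000),
    (2, IE_TAB, rf'"{IE_TAB}" SCODEF:9999 CREDAT:1 /prefetch:2', 3100),
    (2, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c whoami", 3200),
]


def drop(path, md5, sha1, sha256, sha512):
    return dict(path=path, md5=md5, sha1=sha1, sha256=sha256, sha512=sha512)


# Constructed from three of the Downloads entries above.
SAMPLE_DROPS = [
    drop(r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
         "72e6eb9eecc14d4c91ba4828e07aff5a", "de4bcc6acba7d041066c3eaa62d5d4f860277444",
         "2463c78c175154c8355daec7ccbe5d7ac0607bb4da208e9820dfaa720698d97b",
         "361dc18e6c36548ceecfd08d72e9f2238a93dfd6f5ee02fb0fd84897ce9f87e48ea9a3ece141e7450f8a1ec92555281205378f42f8d49a5aea89a01649aec2a7"),
    drop(r"C:\Users\Admin\AppData\Local\Temp\Cab5987.tmp",
         "49aebf8cbd62d92ac215b2923fb1b9f5", "1723be06719828dda65ad804298d0431f6aff976",
         "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f",
         "bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b"),
    drop(r"C:\Users\Admin\AppData\Local\Temp\Tar5A26.tmp",
         "4ea6026cf93ec6338144661bf1202cd1", "a1dec9044f750ad887935a01430bf49322fbdcb7",
         "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8",
         "6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b"),
]

if __name__ == "__main__":
    print(triage(SAMPLE_TREE, SAMPLE_DROPS))
    print(triage(SUSPICIOUS_TREE, SAMPLE_DROPS))
```

On the report's own tree and drops the pass returns no anomalies, nothing to review and no malformed digests; on the constructed `SUSPICIOUS_TREE` it flags PID 3100 (SCODEF:9999 under parent 3000) and PID 3200 (cmd.exe under iexplore.exe). The noise classifier is deliberately narrow: a file under `CryptnetUrlCache` with a non-hex name, or a `Cab`/`Tar` temp file outside `AppData\Local\Temp`, still lands in `review`.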