Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64
    arch:x86
    image:win7-20240611-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    13-06-2024 07:32

General

  • Target

    a4708def756dec83b3d6c8468cb887b2_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a4708def756dec83b3d6c8468cb887b2

  • SHA1

    e490aadea7cbe53f8bb68a1c58f036bbd068d10f

  • SHA256

    98195426cda27c5ab10a00f84e23e196be28ef35d10b6132a5568607b179a533

  • SHA512

    6ef77d86e1787c72cca5fc7c4b748ddd72eb9cfa3dc75a75152ad906f35c8b4653da4a732ceb07257446880dcb64b75cd0f39363e8c01aa49fef1c35515742df

  • SSDEEP

    384:G4YVLu5VWRwUMAFO5joBt7Q/j1N3yZ7mWJCcWPs6h9idm0mnsQe1Gj2h5KSH5yWn:/qTs9e

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4708def756dec83b3d6c8468cb887b2_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1916 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    06d274212d14634cffee1fb781448eb9

    SHA1

    cdcc2416e8879209a3a9cf18628e5b58896b67ba

    SHA256

    dbb6380db17139955e7aa2f5919b3b9bd4571b0dfbd59dc9a05b38b84c36455b

    SHA512

    7c15004c35100c5f5f475dbf61b591eeeb334bff7070638e525ecfb840e5f2666d4c901dead988946abfea3347f8e33f86af2a9cc1f285570776df0c56178ff6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c010fd5b37a791e70fb2d03088e00402

    SHA1

    48a3491493e0f3f79cade96f3688371eda3da43a

    SHA256

    7adf67a2fb657bfec6a944e75fb1f8c43d3da7996fb9e2c3169e75032f8d885a

    SHA512

    2ffd4329d2006493df95555f0e2acf365171950a70b892a4e38466558c884e90ef12c9d2076325d63e8a5da9f03460609ed4603ade91f2cb095ad998c972893c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e8ca559f2839ee89dde17447d8672e14

    SHA1

    7cdd09c3bbb50ed97ebf4fdaa757b724bc480667

    SHA256

    cc047581bcd62ea48ec7005f106b67421f2269b23eadc7c906a7271cad6e1406

    SHA512

    37848b9821647c22bfaa827d474ac9a655f5f8e3b5a0f5ac3e24ec65f9106e76651b4691fa40061ef6a2788191b30b6c9f310b7237142d1d3e73d0e3a44e52c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    900efba25b29511de5990e7a84d2efcf

    SHA1

    541aad0e34a5b093b31c82e883de2d3c72c62d9e

    SHA256

    98c424abc49ff7d6774136049794b05a9e5b4c7b1d54b5f5c66fbfa6cbe64899

    SHA512

    a00642f00a2520790ae8aa4e49121ce680cf6f0acf3a32f321e0f5c8608168c73f71ef52785be69437071b97ba67c7f403e2ec480b84a8ad052303770d013795

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    56dd006eb8797b193d227cf10256e0c4

    SHA1

    cb33fe40d3220bce0c7ca0348d0d5d8366adc528

    SHA256

    041792176b87e61fb961044ef3d3a2ed3cfd2bdad653e92829454292f7e2e101

    SHA512

    009bd9632a5dfb7c78646360a7adea95db8a64cc19356959cd09af2e17b7b9676e8a1f50bf1350c7534a32b868c415e5e03b180800a7982646007a68f382fb0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f256197cc4d99705c14f707b67489667

    SHA1

    fb19a29669369df56598de281a6f1540199333d2

    SHA256

    6b874e78009ae0f98d441843730c5b6db289fcec59422e34b19c555810c4667a

    SHA512

    0a8ae17085fcd2f43b2645c0a52287527a8a4c452f95e786965db279913fc673e224443abd9ba9b15a5507b262992ded9bd63e5e95c3aee288e468fc709452db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1e59c05a71d93713e78872b1cc79d246

    SHA1

    eaa7ac5599b919074d96c736312b25a3a74ec280

    SHA256

    52c1d5f2714c463211707bc27a25209810824c0cece2d977b1fe5cc9d92466ba

    SHA512

    30cd7bbfbb4223b6f30a3e51bc2c3b559e0314d433b97db8516c8c115b2100d984dda3da21db13136041faa88448392500e566a35d168da1264ddad63f4de384

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    537a565d4791a71fb017abcbdf7c8173

    SHA1

    11f891429ff769243302d75484210e95bc2685dd

    SHA256

    c5ec7f3c6a022cf040c2afda76d90cf4c2309f09238ef942d48a2b81d7d69dac

    SHA512

    22bb47d0d5bf134750cda01bd085e655042ff0d2a31c54a1e705a282cdf8fcb0dd3160e282d75033eb0737e21cbb0a200bafe10884d7e5b28fd451d1823ba7a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c3500465965bcc99874cd24326a78b8b

    SHA1

    9c4113ef2f396bd257dd36486fa3317bfe95e9fe

    SHA256

    a48bce57c45a4c8cb45eac97a9f8b8d47d29fab2db3c3681d4a517eebb757f81

    SHA512

    db799a77b5ef3506bcdd622055b4bc42e975d5bcec471fb83d9b4d51777030512c3152ab020469cc395a0a34efaeb61f118782a9e7d9ef772b8cd318ed569085

  • C:\Users\Admin\AppData\Local\Temp\Cab9501.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar95B2.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b