Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:32

General

  • Target

    a471486310ee1c71e5c818b9e23a4495_JaffaCakes118.html

  • Size

    33KB

  • MD5

    a471486310ee1c71e5c818b9e23a4495

  • SHA1

    483b517193bcb382f3dcf8a88ed6bb6812a37b36

  • SHA256

    f7a1416aad54133254249a767512adb0fd25f8a90d3ca350898130e76e7a15fe

  • SHA512

    2e83810307f5025d2e6b49c117dd6e5602c01511b76bb7c9fde18798d3e14da2d4059a70894cd439e7777886bec02265901308546caf5c1db4fe0da4da6d63b0

  • SSDEEP

    192:R+6o+JPTb5nYnQjLntQ/rnQiebnHnQOkrntJanQTbnSnQUhsdwVBwVWwVQoSTwVJ:w6ow5Q/VWpoSG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a471486310ee1c71e5c818b9e23a4495_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2024

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5da1c56055b9df31f229bc7bd66313d1

    SHA1

    03b05a77060ded91fe7234469afb867dd2965156

    SHA256

    ae899619b039d587003d396328f12715710968f0cc29075c0b62f5f52d93920a

    SHA512

    53e712c287fbf7f690aadbdad0a9f3be71bc3b216f1ac64aec14a2abffc0d39b2293294f6379d280f4280514cce8966a375bd14c9effb8697b19672d541557e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf1063c241033a5b8dc06da42d05a87e

    SHA1

    fadbe541f4419343b11c0eb819f3e90560d3f5fb

    SHA256

    3c5034e95bf6c0df2721286d38e04b787f3a6b1038347203039e42f526a50a10

    SHA512

    62e808f953144b5e78353eb048480208c7bddd152e4d2e5eb4abcf633622de65592b377cf14ca68f0a13071e527da64ea031da7e901e5065743217f0193e3b7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ddc62f06224aa5e6609a877d9ce492ef

    SHA1

    4c7d02bc13092592f385f2a394b5b0c9fbecca16

    SHA256

    35ebdd27749257b48a6e42b1e230bec2735f450cd555079dd9c655b6c41dc413

    SHA512

    999b5eca5b4a1e3db56b5c3fcb0fb846b0a3039358216f4b41f4161ca72156861e57ff952161c3b84d576fb3c494690e944ae4cbbd1e3382550883c78189c612

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e9588cd45633f240bb525121fa9f1f27

    SHA1

    6fb0ae714da6ddc8f13728c18a9bfc7eee3c59ba

    SHA256

    3ef6516ea8fdf6622bd36b987f242d070530f4efea082172ee527fef0d7d7fa6

    SHA512

    82f37b9b4855305f1a6b53dcdce4ab3a5fe37078b8ff0ce6a342b9dabbfd15333a50faf12f3debd0dff861b85ec1af5ecb8bd38804cd98c7eb162c450bdf0acc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b1462b338b05b3ec3f847bb6e2eca56b

    SHA1

    832cc7043f2435de6f45747e55ae8f873afb5eb4

    SHA256

    811f8446f3e4457638baf86c73ecc2e364c74a39b450552fd3f5049779d9acf7

    SHA512

    95dbc9f26e403cd9d49049ef12e5c19299e1f54f08377f721120a8ae2ae788fb18e162d661db8995af38652c6dfe70d9920e46a0809a524799467c321a34a40d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32f8ed4736ddee67ee5846134d89700f

    SHA1

    8deb755dfaf731e1923f42c9bf4e8f756fd861c2

    SHA256

    969f6a94346e688f5fe44c12aee89c5351a07e03edb3d52ce637dfbd0b1fe3f5

    SHA512

    9ae1cd585f1d2b133734e746e24dd9491e902f548bd64d5b2a3f93a0ed3a7550755839713bcc40a846e9dd079e98a0fd1859438bb29eec85cc48e8d7caa27425

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93697cba0b64f5401cb3f8cc53e7cfd1

    SHA1

    c72041fb5752a42e3a8a865fa139a4c4eec7defd

    SHA256

    4ab2b9d99f829a6c7d9c825613cd1fe3205f2b164b76e106fd131e55aa958da4

    SHA512

    bf6fcbe8b3d426ef5098daafdfa2efeda3453bbc65ccd7c7a2b1926c496d3af15e449c2830078c6cb852bfd2ec357e2e804686efd03063048b278cbf5f8031cc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2931b7f74720254d421619a1608cc82

    SHA1

    365a5389eaae3de2341627dac08bd73625d73569

    SHA256

    4014406085e2d82c3e285438c6ea687cf91ea183095a6225635e6e96116594b7

    SHA512

    0862be6f36f785007f40fe10fcabaebd4e94fbeb17d91d66098686f67734d0e29eec9b258e3f165f183aab9fb48c5cb686716340d3c16c88f18be224cbb4f909

  • C:\Users\Admin\AppData\Local\Temp\Cab56C8.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5768.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b