Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:37

General

  • Target

    a475db7a09f9c54b69daab7f7abec3d6_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a475db7a09f9c54b69daab7f7abec3d6

  • SHA1

    a11a890f39a927f6b9836d3a749f66969bce5a7e

  • SHA256

    3e1068ea69c2a5d8acd95e9b7ca2386ec8c6e1937cecde1a42364101606a3ae1

  • SHA512

    3f6203506428842c377b32dda2a8db8c00cf1f4019fa8cedae158c531e9338708d4f82e7d559c0c3e89e173b253adb58bf80fcb39db35a05625777484743273e

  • SSDEEP

    192:uwH8b5nu2nQjxn5Q/1nQieINnQnQOkEntLznQTbnxnQHGLnLnQt2qMBoqnYnQ7tV:bQ/0GvyG

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (depth 1)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a475db7a09f9c54b69daab7f7abec3d6_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (depth 2, child of PID 2932)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044
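The process tree above is the standard Internet Explorer frame/tab split: the 64-bit frame process (PID 2932) opens the submitted .html, and the 32-bit content process (PID 3044) is launched with `SCODEF:<frame PID>` pointing back at it. Two cheap triage checks fall out of that: every content process should name a frame PID that actually appears in the report, and the document handed to the frame should be the sample the report hashes. The script below is an added example and not part of the report or of the sandbox's own tooling; the two command lines are copied from this page, and the regexes for `SCODEF:` and the trailing `.html` argument are this example's own parsing choices.

```python
import re

# Process list exactly as reported on this page (PID and command line per entry).
PROCESSES = [
    {"pid": 2932,
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\a475db7a09f9c54b69daab7f7abec3d6_JaffaCakes118.html'},
    {"pid": 3044,
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2932 CREDAT:275457 /prefetch:2'},
]

# IE content (tab) processes name their frame process as SCODEF:<pid>.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
# Last unquoted, whitespace-free token ending in .html: the document the frame was told to open.
HTML_ARG_RE = re.compile(r'([^\\\s"]+\.html)\s*$', re.IGNORECASE)


def ie_frame_pid(cmdline):
    """PID named in SCODEF:, or None when the command line is not a content process."""
    m = SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def check_ie_tree(processes):
    """For every content process: (child_pid, claimed_frame_pid, frame_present).

    frame_present is False when the SCODEF PID is not in the report at all,
    which deserves a second look: the tab process then claims a parent the
    sandbox never recorded.
    """
    pids = {p["pid"] for p in processes}
    return [(p["pid"], f, f in pids)
            for p in processes
            if (f := ie_frame_pid(p["cmdline"])) is not None]


def opened_document(cmdline):
    """Basename of the .html argument handed to the frame process, or None."""
    m = HTML_ARG_RE.search(cmdline)
    return m.group(1) if m else None


def target_matches_md5(cmdline, md5):
    """True when the opened file's name is prefixed with the report's MD5 of the sample."""
    name = opened_document(cmdline)
    return name is not None and name.lower().startswith(md5.lower())


if __name__ == "__main__":
    for child, frame, ok in check_ie_tree(PROCESSES):
        print(f"content PID {child} -> frame PID {frame}: {'present' if ok else 'MISSING'}")
    print("frame opened sample:",
          target_matches_md5(PROCESSES[0]["cmdline"], "a475db7a09f9c54b69daab7f7abec3d6"))
```

For this report the single content process resolves to PID 2932 and the frame's argument is the hashed sample, so the tree is the benign shape the 1/10 score implies. The same functions applied to a report where `SCODEF` names an unknown PID, or where the frame opens a file other than the submitted one, flag exactly the entries to open first.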

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f9ab3a6fa5f35e6393ed03f00fa830ea

    SHA1

    ebb82d72121434850acb08539b2ad6344389561d

    SHA256

    900984c33a6614e1dd953474a3abc869e59a2f2a418406b29a098c4dd10b844f

    SHA512

    e955c4a8f1bedb5c32830312d4ac005d9c250fbb43412b04f43ddb4c57c00706f65dce96df90ec53b3bf3cd90dc6fbadf631180869814491eb5dd8766cfc61f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d0fa350290879ace616069dfc9ae92d

    SHA1

    a239d9868f94603129e681099b33bd03060eba73

    SHA256

    1d60ae5a690e4e910d73bd30e2cb08141cf48e7a95ac14f0e7ce6d31332e415f

    SHA512

    2b3845e09863795ab89f0044cf78c7086c85956c228350a856c91678e5a0be12141252d57b99929443ac5eec5c0696041ebc6574a6054649b96aa458ec3a197f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a17fdf0cfc687610f3ff2c54007387d5

    SHA1

    b3a2aff440f00f93126fbb4177c883614ed12f8f

    SHA256

    ae2633eafab63c58dcc355025c2ada492ec3573973f0f962d6717b287e1ac0fb

    SHA512

    01b33fa374721d151797bbcad3943e191d720d3cbae0dc31ec9d1946d836ec5503d6c547062b7014534734e1a6788cad13bd024290a97fd413b6de4259bb7600

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a39821e492deb22e5cee1f8311f4495

    SHA1

    25aaec526fdb1cbf8bf5dd2cf043cc14aa5081de

    SHA256

    093fc5202b91505d5363a548d6affe49baef534ff3df3ff0e46544b0604b7a87

    SHA512

    f914c852baeaba87b6a68f186f12e912146295a985cf7b6ceb337d6636276e7ef0402e55af900bf005bc67ddd1789bf963727add8f988b635087d0019763396b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    73ed99a25b82e365c2a32b2d9da3d651

    SHA1

    ffe4a1880904cd2a53886346ec06fac907c9bdd0

    SHA256

    1098749b80aefe7b327508d736b4c48110a4704c486b200e671970a14a5aa2a2

    SHA512

    20b225cd67382c74bc7cb2086da79293b1556f61d9c0502121a037d0ff9dad38d7394c0d514fe2434611b3504583af762dbfa35bc5696ca584e1828f46b24441

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e0524f8c197eff4f4b7843d032b2855d

    SHA1

    65227b4004e72430a48ee55494dc4b2c0762c955

    SHA256

    a97bc3ba7c6f6d645551b8afb280b466275a90f1a2e66c94c6849309bf453ebf

    SHA512

    16e4726c0812ea7db23dd79b551539fdcf6302543cb122ac8ae25eeb6a8b56cecb149a27cef1accc751a0e2b2c9b7cc335d6943db14a031bc5862465fd3db737

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    888f37565a4ee363b972e2353d3032f2

    SHA1

    a6be6a001ac9a3a0cbe45749749d425419c32f0f

    SHA256

    1a00d84c7b46e7f48785614657e0c0410a381453257571599ef8e12ba30221cf

    SHA512

    5bc4f32bf381dbcbfd7cf263e7c6c0e8fe8ccbaf3f737375640f369a8a648502bef9abc855909803d0fa277279fc49fe08bb6f162ec70fc9631d06cf533310a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b90f1819fa68a9630cc0cd800ca3fecf

    SHA1

    04e5c39966f5107e83844c35ab6e0f17c91c30c9

    SHA256

    a46648405b4eb1ff1034158b2e9df8659a7e3b13a1df233e57e2ba7beae9ae9b

    SHA512

    ecbade9212a11230ed4c6bba1c6b2322031dcc259d50a8037e167e50a26ff88689c91d14d73500d3d537a7d012d44d9c2ab334ded7ee43f122a095e8c8cd4c9f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5c75234b10c96e8368f088be8c9bc8b3

    SHA1

    7de458b654e842e565a566bc5388744e48d9802b

    SHA256

    7cb722d15c6fd825229dff10581a53848c04feb971ef2b5d249fe7fd99541483

    SHA512

    b8a00385b40be80f20773056b908324c53f3690b3c5f4fea1f4f21aefc611af226e82f0daf71b7934a080ea50e8e1b32eb8a36681d6189e5247e72bf1b83ab66

  • C:\Users\Admin\AppData\Local\Temp\Cab9964.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar9A03.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
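The Downloads list repeats one CryptnetUrlCache MetaData path nine times with nine different hashes, followed by a Cab####.tmp/Tar####.tmp pair in %TEMP%. Read literally that is eleven dropped files; read as a timeline it is one 342-byte cache entry rewritten nine times plus the temporary files Windows CryptoAPI leaves behind when it fetches certificate data, which is background noise in an IE sandbox run rather than something the sample did. The script below is an added example, not output of the sandbox and not part of the report; the path, size and SHA-256 values are copied from this page, the "entries are listed in write order" reading is an assumption, and the CryptoAPI-artifact regex is this example's own heuristic.

```python
import re
from collections import defaultdict

CRYPTNET_PATH = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
                 r"\MetaData\94308059B57B3142E455B38A6EB92015")

# Dropped files as listed on this page, in report order: (path, size as printed, sha256).
DROPPED = [
    (CRYPTNET_PATH, "342B", "900984c33a6614e1dd953474a3abc869e59a2f2a418406b29a098c4dd10b844f"),
    (CRYPTNET_PATH, "342B", "1d60ae5a690e4e910d73bd30e2cb08141cf48e7a95ac14f0e7ce6d31332e415f"),
    (CRYPTNET_PATH, "342B", "ae2633eafab63c58dcc355025c2ada492ec3573973f0f962d6717b287e1ac0fb"),
    (CRYPTNET_PATH, "342B", "093fc5202b91505d5363a548d6affe49baef534ff3df3ff0e46544b0604b7a87"),
    (CRYPTNET_PATH, "342B", "1098749b80aefe7b327508d736b4c48110a4704c486b200e671970a14a5aa2a2"),
    (CRYPTNET_PATH, "342B", "a97bc3ba7c6f6d645551b8afb280b466275a90f1a2e66c94c6849309bf453ebf"),
    (CRYPTNET_PATH, "342B", "1a00d84c7b46e7f48785614657e0c0410a381453257571599ef8e12ba30221cf"),
    (CRYPTNET_PATH, "342B", "a46648405b4eb1ff1034158b2e9df8659a7e3b13a1df233e57e2ba7beae9ae9b"),
    (CRYPTNET_PATH, "342B", "7cb722d15c6fd825229dff10581a53848c04feb971ef2b5d249fe7fd99541483"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab9964.tmp", "70KB",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar9A03.tmp", "181KB",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Heuristic (this example's own): CryptnetUrlCache entries and Cab####.tmp/Tar####.tmp
# pairs in %TEMP% are the footprint CryptoAPI leaves when it retrieves certificate data.
CRYPTOAPI_RE = re.compile(r"\\Microsoft\\CryptnetUrlCache\\|\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$")


def writes_per_path(dropped):
    """Map each path to the sequence of SHA-256 values the report lists for it."""
    seq = defaultdict(list)
    for path, _size, sha256 in dropped:
        seq[path].append(sha256)
    return dict(seq)


def rewritten_paths(dropped):
    """Paths reported more than once, with the number of distinct contents seen."""
    return {p: len(set(h)) for p, h in writes_per_path(dropped).items() if len(h) > 1}


def surviving_hash(dropped):
    """SHA-256 expected on disk per path, assuming entries are in write order."""
    return {p: h[-1] for p, h in writes_per_path(dropped).items()}


def is_cryptoapi_artifact(path):
    """True when the path matches the CryptoAPI footprint heuristic above."""
    return CRYPTOAPI_RE.search(path) is not None


def unexplained_drops(dropped):
    """Dropped files the heuristic does not account for: the ones to inspect first."""
    return [p for p, _s, _h in dropped if not is_cryptoapi_artifact(p)]


if __name__ == "__main__":
    for path, n in rewritten_paths(DROPPED).items():
        print(f"{path}\n  rewritten with {n} distinct contents; last: {surviving_hash(DROPPED)[path]}")
    print("drops not explained by CryptoAPI noise:", unexplained_drops(DROPPED) or "none")
```

Running it against this report collapses the list to three paths, all matching the CryptoAPI heuristic, with nothing left over. The value of the check is on reports where `unexplained_drops` is non-empty: those paths are the ones the sample itself wrote. Hash-matching the surviving content against the disk image only works for the last entry per path, since earlier versions were overwritten before the snapshot.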