Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:37

General

  • Target

    a475354ef686a34205cc22d60a444a79_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a475354ef686a34205cc22d60a444a79

  • SHA1

    ab209ab643b60e069285a37e2c3a64bdf33b2fe1

  • SHA256

    f0001a5ce64a96b0b0a9f07b69fa8094b5ad292fc0a87bf6847ce450dd5960e9

  • SHA512

    479d1a00ce38ae8850de11c1d21f7c9031eadbc3d8ebe6c765f75c04159363f757dd71cb312daaadd481460be7cee457a054021c620fbbb4975c41797070b84f

  • SSDEEP

    192:uwzEb5nZinQjxn5Q/4nQiezNn/nQOkEntoanQTbnVnQ9e7Hm6uflXQl7MBTqnYnT:YQ/Du52lGSxak

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a475354ef686a34205cc22d60a444a79_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2908

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f14767f4582bffb52497d3b91d7eee1

    SHA1

    08f9fc6189ab4fc0cfeefb6f0a759cab8a341763

    SHA256

    3dd026bae1b4c25aa66748de07be763114b6dcca482b058a789b03eff4292b80

    SHA512

    c7d0b0e1f0ca181da5722f7a8d5bc85d07b22d13cc51fd53cdb055ee33590b1a56aea50201becf88eb4c1547416d61eedb6b58363b4e52566ae8bb9a5c5da300

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92c429d683e76c607db3c2b1d2814dfa

    SHA1

    8ba40f57789f16179b02b296ed8756c26a0dda20

    SHA256

    95e13b486f8786429e85cf0c8cf3b8f8bdfdf284b545af39342916eecfa890ab

    SHA512

    2ab1c3c66e218781f54448856d243eaf1241c5240a25178bd07d2752c9b4ca5f55a928625944c761cea31557150d8e6a9790c4597ab0e5ad66b600a210d3fe3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eb155cd4457154972930cb0915cdda21

    SHA1

    1a938f273aa81229f50d55775b3f1696e8d24cf0

    SHA256

    cc1774ba6e70bce3d5e8e906eaa5da3bee569d93766f7cd4b93be3dde978f844

    SHA512

    5c2bfddba95ef187a7b9d2ca1b9b08b9dd76d4e80e54bfb2b8630186bc78e89169a9db0dcc4a55c7ee890a5963a64a0f0502a76ebbd4297bd719c6806c92ed71

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed04cf6945df2086ba421f7c44834886

    SHA1

    de3105d3802637debeaf28747655f0848f6b4fe5

    SHA256

    5780fd09f6b0440e0aed62e4341f6b63c7580420874a778f8f95161ee42f687d

    SHA512

    e292124e0db7d4985c42c988636739520b8818d58c6ba6c8bf3543cab8cfe62a7e7ff28123e7be97bf03c7523ba6452299b2b5988fac968a742eb464f3d85427

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2aa6c876a2fc06711bafec7ddf384794

    SHA1

    7a645a00d388bd9ccb9bad4585f34edf8418ee81

    SHA256

    550e6be4a6827e110a5b6d491912ae4dc980be6cdf58f9a640dbee66567dc504

    SHA512

    39992d49af9711d8975ed5d1697a68c22c1fb926fcbd6dc89b74d66de2d98c56843ccedce73416bd0b2d039b6cb0f661a0d562caac343f6c8b9c1bc60e1ef7a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3550698ddb9a0afec58d879d6fd3de0e

    SHA1

    beb76e628f3d46a46eb033f35991e4b800b506d7

    SHA256

    726b75f8c4a48cd8d9e0a3f78586eccd691619c6e71fe96c3fdab6a33bda5bdc

    SHA512

    fc5d7da788873dc223d91d56e91ff842d3004a5db9603b36a3662fb9a5ae88c2afccf60b2133076849adbc8bb68c9721e7267b62d99cd397803c41f39a84b70f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a51c2daf1bd6ff39569850f30f5db6d3

    SHA1

    aa9292537c41df71fdc0343c2ba7afeabd74e4a8

    SHA256

    2f680b256d038649208dd92fc510e6dab03e5eb26662826ed899de010d7c0051

    SHA512

    6b71301a5fc326d6e786c759c4a96b59669e64d6b019ff2aca518fd1d83a5fe5ccf7144f2eda5afd7915252c808fee97ad3e2cede68a74c34a34da0b93b5ce85

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    635c08a6e38e88eab4ba6eddfcf2ff33

    SHA1

    1fe0e4bbf5447e97cb37d294ed16ffa0c7fc982b

    SHA256

    594fc0bc07de25a364377c3b04cd2676be6a8c6436ea8c611d44b6d508dbe1ba

    SHA512

    17cfdd1a1b480d8c5d86b7a157db5b919cf417e1b233fa0159b8798217081c9bf9cf8449eb7db1df0a06e162cc834b5c416d772a12fedfa2511772a579b5b96d

  • C:\Users\Admin\AppData\Local\Temp\Cab55EE.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar568E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b