Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 07:38

General

  • Target

    a4765911eb1602de686e1d22972b518a_JaffaCakes118.html

  • Size

    31KB

  • MD5

    a4765911eb1602de686e1d22972b518a

  • SHA1

    7bb62a67e6c6946578a2390921c15f9f176608aa

  • SHA256

    9230778272b8f344970ab1011f92e85ea1bf09ef767053a023e328ed2c4526a3

  • SHA512

    4c1e25f3807c4d9818ae98e3e825fe215bd5c1344eedd7c25f3c73c33ffef6614ed84ac60063f0e183a00221b43ddc4c60751cf4051e4a41661c9e0bc1f69858

  • SSDEEP

    192:uwH5Cb5ngl3GnQjxn5Q/mnQie1NnVSInQOkEntm0nQTbnRnQmSwxXFZ2z221WVQ1:bQ/7CHxXFZp211fpCc

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4765911eb1602de686e1d22972b518a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1680

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e87a609d66c1e8d89b321d655d9cd3b3

    SHA1

    7e7f473d9106c5585faca4d99fc458dec716dd70

    SHA256

    67646241892744341c65ecea5748ca508cf7f62d47659cd498f5dc10616330d8

    SHA512

    7875bdbc672103160d872706e4e15a00cc57f75adab71c970bc78543b9b7a1266ee688fc1d9be8c729c30e7e8e75c1eec6332d2451fbbeb5dd60553e9421a5b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a7a3a180da564f25f3b3d9bdb04efe53

    SHA1

    600cc5c3fe605c4b2df361d1361e0d206b427d6a

    SHA256

    1e710bb605983222ee5c49eeca7970f5202cef171cd97b1a0b16b5a781a33f1c

    SHA512

    a658dde89fc28e6e0478d6410dea156fc96da1b9a2c10f894c41998c093d190a6dc265e1cb6b2fc05e16eaedf64a90b68e343f42c5589845020c7eece9168579

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7dfb0f3ce56362acd4df84be385cc7c8

    SHA1

    bd47f5df88f5d1702219336a1e99e3f651f9e3aa

    SHA256

    358c387fdd12930e095ef4df293fa16ceaaa544b566afd2e738e36d2608a6f22

    SHA512

    05a4f66c8ca740310649d1cedcbb5109fb4a6d101047462ca2b1bc850e9f714a82e48af173759781f15c0b8cff00cfa157a09454558e86402cf94a7b22730ac0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ca2c7bd268eeaa2cdf2d5e8fdd76392

    SHA1

    a6afb2d81456b0276d61dedc083acccbf8595440

    SHA256

    cae0a168cb72edd90b6592eb776d720e8237749f1530fe2316ceb1a9623946cc

    SHA512

    eabcf6b6a421e6939fd81779913800b85adb8793b89d6fcb534723bb1a2f79ddfc85daa6d4363a0cb3bf7fe57ed6e3470d31e248681f394bfee8729feb941b2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a85d69e642381597adf5e3cf396cf497

    SHA1

    0fed7b83c1914471acbcf402d322cfcf0b73da33

    SHA256

    08c218ddd0edfca307ab89398ee21573d8594465b4611b3f471e1bbc8f50c2fd

    SHA512

    4f6654a83945c7cd0f2421191340110aeb0a203d776962a07780c5b1210bcf557b632687a20112d45609cd4e54692681ffddb14bb9536a8067fccbbde8553154

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    194e72bff8492823ea08c97161a53859

    SHA1

    a7df256a6e214bf761314b0247a04caf749a41a3

    SHA256

    84990215fb4579cc15724dd9bc7e94a3d822d26d025fe91acf06f98e071e5deb

    SHA512

    1f41190889e66b80589c5c9aa9c93461e86eb9570f1974c4250fb492449c85ec3398b3c515418ec7b2d570d7c7a9b12ebf52dbedb34ab15de6f519c985631f83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df836203d79ae497ac1946d11428d4e9

    SHA1

    b7bee7a05353e2356a06e113e5a83c0705174636

    SHA256

    40be9b27f11c274674be7edf3aa5e8534a44577eda597749ab09b680d003989e

    SHA512

    d83c25833a44f042408f771b0f0963a500297a5dc5da56c2a206e0a708183b1d6db30353f6665ec82db780c09e0bc8264a8e8cf2b25fbaeeaaa5a851fe6314c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    06f92ff8021392c900690a243aab1458

    SHA1

    267e663fc8c1594f23faa991b926571ff5ab482f

    SHA256

    f66f81262af384dc06e8924dd20447bdb4e8a67ea7be436434e9659eb946ac34

    SHA512

    9a8926c6a15fe401d39e931607d09999e00bacb04fb5dd65c3465c8b2e10612257be5433bd16bf83e73bbb5787ce12193d027281876d48da5527ec8675e8f014

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ddb35797ddb21a91c39982f908a50051

    SHA1

    f0888a121d2b1c7f1a634bb0a1b7516bbde37cfd

    SHA256

    cecbc983a4cc84315a46884d4c8294e604fc20cd4ff721c296a123cca45a3d2c

    SHA512

    e3cb7d5e020a703a9ffddadf073b1041a5bbe50dad91a6c18f50fa17f9a39d68c1dc9d157cde955e8120a7e313e343dc8ce8e2dd26a4f72eecd7c30aa4597a98

  • C:\Users\Admin\AppData\Local\Temp\Cab15B2.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar1677.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b