Analysis

  • max time kernel: 149s
  • max time network: 153s
  • platform: windows7_x64
  • resource: win7-20240611-en
  • resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted: 13-06-2024 10:05

General

  • Target: a4ffb1dd5bfe649e38ab15694d601549_JaffaCakes118.html
  • Size: 26KB
  • MD5: a4ffb1dd5bfe649e38ab15694d601549
  • SHA1: 589306aa6a2d5080c1bdf49f79b6e70c2aa6812c
  • SHA256: 19972722d9aa013b4bace80591a4e3d915e4dd3e5dd6b7df920f554dc9f29272
  • SHA512: a6c9076a012ad3495e5f3023845bd2916e8932e6d80ecfbcc77b3b0c98399903cdfca23828dc06e8526db2b32e472e5870f87439888f2db2e9217954bc6a1ae3
  • SSDEEP: 384:n/F0ux9qIdn+t8+YI/izzU598Q/4fO9LNbswGygczRF3ElqFC1hfJ7EhJKCMYA:nI2L

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1960)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4ffb1dd5bfe649e38ab15694d601549_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2060)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1960 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B; listed nine times in the report, each entry with a different hash set)
  • C:\Users\Admin\AppData\Local\Temp\Cab19C9.tmp (70KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar1A97.tmp (181KB)