Analysis

  • max time kernel
    150s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20240611-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    13-06-2024 10:05

General

  • Target

    a4ff2c307ad10b78dd64e16e352266a3_JaffaCakes118.html

  • Size

    20KB

  • MD5

    a4ff2c307ad10b78dd64e16e352266a3

  • SHA1

    135e616f6ed88f0f027917641d50fa38f55d9bb1

  • SHA256

    b7df791cc3ec4eed688a258cd59056a3715daf228f65f83598c12de81f1f8ca9

  • SHA512

    c4bd0255f7ad912109f28cffb9f85781d1ac1636df85eabfd695cd17b1949b777d72dbcdb6479bf9af6563cf371cc3a5c6532c2d92810c27c5a3786a19c03dd1

  • SSDEEP

    192:uWzrb5nranQjxn5Q/3nQie2NnnnQOkEntxdnQTbn9nQPCnQtswMBWqnYnQ5bNnl9:JQ/Mi6

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4ff2c307ad10b78dd64e16e352266a3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2676
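The process tree above is the shape a benign HTML file produces when opened in Internet Explorer on this image: the 64-bit frame (broker) process iexplore.exe, PID 2984, launches one content (tab) process and passes it `SCODEF:<frame pid> CREDAT:<value>`, so `SCODEF:2984` names the parent. On 64-bit Windows 7 the tab is a 32-bit process from `Program Files (x86)` by default, so the architecture mismatch between parent and child is expected, not a sign of injection. What would raise the score is any other child under the frame or the tab (cmd.exe, powershell.exe, wscript.exe, a dropped binary) or a tab whose SCODEF does not match its parent. The following is an added triage example, not code from the sandbox vendor or from this report; the process rows are constructed from the tree shown on this page, plus one deliberately constructed cmd.exe child to show what a finding looks like.

```python
import re
from typing import Dict, List, Optional

# Both 64-bit and 32-bit IE images, compared case-insensitively.
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}

# The IE frame process launches each tab with "SCODEF:<frame pid> CREDAT:<value>";
# "/prefetch:N" is a Windows prefetcher scenario hint and is optional here.
_TAB_ARGS = re.compile(
    r"\bSCODEF:(\d+)\s+CREDAT:(\d+)(?:\s+/prefetch:(\d+))?", re.IGNORECASE
)

# Rows transcribed from the process tree in this report (pid, parent pid, image, command line).
REPORT_PROCESSES = [
    {
        "pid": 2984,
        "parent": None,
        "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
        "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                   r"C:\Users\Admin\AppData\Local\Temp\a4ff2c307ad10b78dd64e16e352266a3_JaffaCakes118.html",
    },
    {
        "pid": 2676,
        "parent": 2984,
        "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
        "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2984 CREDAT:275457 /prefetch:2',
    },
]

# Constructed row, NOT from the report: the kind of child a malicious page would produce.
CONSTRUCTED_CHILD = {
    "pid": 3100,
    "parent": 2676,
    "image": r"C:\Windows\System32\cmd.exe",
    "cmdline": r'"C:\Windows\System32\cmd.exe" /c whoami',
}


def parse_ie_tab_args(cmdline: str) -> Optional[Dict[str, int]]:
    """Extract SCODEF/CREDAT/prefetch from an IE tab command line, or None if absent."""
    m = _TAB_ARGS.search(cmdline)
    if not m:
        return None
    return {
        "scodef": int(m.group(1)),
        "credat": int(m.group(2)),
        "prefetch": int(m.group(3)) if m.group(3) else -1,
    }


def is_ie_image(image: str) -> bool:
    return image.lower() in IE_IMAGES


def check_ie_process_tree(procs: List[dict]) -> List[str]:
    """Return a list of findings for children of IE processes.

    Benign expectation: every child of an IE process is itself an IE image carrying
    SCODEF:<parent pid>. A non-IE child, a tab without SCODEF/CREDAT, or a SCODEF
    that names some other PID each produce one finding string.
    """
    by_pid = {p["pid"]: p for p in procs}
    findings: List[str] = []
    for p in procs:
        parent = by_pid.get(p["parent"]) if p["parent"] is not None else None
        if parent is None or not is_ie_image(parent["image"]):
            continue  # only children of IE processes are in scope
        if not is_ie_image(p["image"]):
            findings.append(
                f"pid {p['pid']}: non-IE child {p['image']} spawned by IE pid {parent['pid']}"
            )
            continue
        args = parse_ie_tab_args(p["cmdline"])
        if args is None:
            findings.append(f"pid {p['pid']}: IE child launched without SCODEF/CREDAT tab arguments")
        elif args["scodef"] != parent["pid"]:
            findings.append(
                f"pid {p['pid']}: SCODEF {args['scodef']} does not match parent pid {parent['pid']}"
            )
    return findings


if __name__ == "__main__":
    print("report tree:", check_ie_process_tree(REPORT_PROCESSES) or "no findings")
    print("with constructed child:", check_ie_process_tree(REPORT_PROCESSES + [CONSTRUCTED_CHILD]))
```

Run against the two rows actually in this report the check returns no findings, which agrees with the 1/10 score; the constructed cmd.exe row under the tab process yields one finding. The check is deliberately narrow: it does not model Enhanced Protected Mode (64-bit tabs) or IE's low-integrity broker helpers, so treat a finding as a prompt to look at the report, not as a verdict.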

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5cc954065676f3a6202a91d5cfbce59

    SHA1

    606cae0eb7037477c58054aaf7872f600efe552f

    SHA256

    d8a78fe76ace4f3d01c196175397a58694f4afd70f58f911a1cebc3f09436164

    SHA512

    286be1084a05a84505150f1354c3ced399dbec73c7bc08e7d0fe462b0ee5172176fe9485d8e26adf8e8e34f8297c1366a27e031241eee484a99590fc7e2f2a3b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b0a11945007a9437cf08e272ebb3c826

    SHA1

    261e0a5e45c243a106d1ca653f8b906dfa4d3828

    SHA256

    49f928d9200d015fbbd77d766ef940476d7d6a1bda5fe35f88d73c517cf610d7

    SHA512

    621a3e23e5ac6014bafadbbd94e6933777a19d1ac3049f3f9adc6e21e427827d8d897b5b1b551195c691e1d6c5a67e99e66ef99b3848f3ea33d131e014867f8a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    173a90ee0a6bc65b1f116b120e98b529

    SHA1

    4df899a0dd2df5ac8d87fca00431b5c2f1c8f4d8

    SHA256

    74ed34118affadbf62dee30522eb1fa34b2d9435f2e52405acda2142890c3796

    SHA512

    324bf5b32ffea39d0948e6dd286c93d14a803712e7b3e01af551f2ff41ed0390fc16d88a057e843fd1b7ba09b648168239109e0164b54305e78f59b3203ca11f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fe254363255157ae7566284aa6ea2f82

    SHA1

    5aa74fc8bfcf29b943cfc074b15d51a4ef0327f0

    SHA256

    7d422ae07b37bfe9f053117b15aacaf82555e1f885cd64e636b7f0a0ec203dda

    SHA512

    1cbb07349e68bcc738d1e66cdd8d7ea61c12f745419e93d51b3fb3942bebb6232e35f0fbd6c7e13cdfb6996179f8400126b920653775857bd5750b6d6aaa7c46

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ba37fa8b0ffb0285cfd10f9ca25c117

    SHA1

    f68f968668021b6833da9320a11426f925b8b5d5

    SHA256

    f80edb7450e2ef3fd5158d0d1143c1e85b1b22382b43b2831f1779ef1bc9996b

    SHA512

    27da047fc605d08bd6b7b1dcef468059d92ccdee9992bc6dbfa7e16cdfe875d868624a1730e2436f0fc100e0b18fe9621a257adc67814c89652a2e8bff705304

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2a54db9c28aa0dfe70c3bb2d57a3b8df

    SHA1

    8ea5b32885a62ce389e7e8c5d1895abb2657a18f

    SHA256

    a7e98a3082c0b87368739e86446ad09769672d555e21f59111f6f33a639af274

    SHA512

    53753dc780c4978027c301935fbccf8ad9b7a9eafc9456f57214fac160cdffa6ed0c3395b2a56b43fc9e9f10617853879834c0b74c2c7748059f93b22042199e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f2d049c44aa15c0a0218079e52272fc

    SHA1

    b6ed10e4909f111b262d3462b2bfb20a55c7c559

    SHA256

    d7479c03753b89339a238f0c866f91f1cddc6ab07d371761cb9a3dd8437e9787

    SHA512

    6ed1f88eadfa77669ae18c466861e278345bdb81f159c72e2a76991c51496a4b98330258de54d168b0e97fcba0c4aa4512f8b55ed542a0e4ea3a34524d0a8aa8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    48f02212a96aedf3a65dbe8cd66e8105

    SHA1

    629e89b2d5ac385e94f7c09a12da4c0bed307c42

    SHA256

    5601f83ad6c50c71fef9b11b22e6d2d5b6b1e578ee5712df4d008cdbb150bac6

    SHA512

    fe9471b4a22012b866cd6d3e4132020566258b6dbdc40db28b32835ce76789be64c8bed2ffed1d9b3823339721d83e3b5cf5bf6c4dc2e4acb7d7af853bee3c96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    17401bc520c86be450eab7bd8fde0469

    SHA1

    72d265cf0ac08951fb5898f2dea72f56116c0211

    SHA256

    4fe778615ae16fe246c733f9b945d1ec555da22153abf347353be44adbc67981

    SHA512

    27ab65e56db4b7c5f6134ea1990dcfb8a08a0a3f0287e86809996b2b40aa5c2d047914cba78968e2b4d4218acba4308cadfe4faf45551fb51f775f51851c3be5

  • C:\Users\Admin\AppData\Local\Temp\Cab5C43.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar5D71.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b