Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 10:05

General

  • Target

    a4ff5fb7ad5b99ff158eba0354188fe6_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a4ff5fb7ad5b99ff158eba0354188fe6

  • SHA1

    3dabdcfec38add27f74e010efec1934f7c7d3c8b

  • SHA256

    c559f64a964d3fda2b426d8c00f0a7ce69899f2314ae8bd7cf5ceb27e9777751

  • SHA512

    649a4e70288c12b8a7f6259086daa6c4faa1abe0c715a74c3e4823d3ad7bbe9ea7f55882dddb7fc7d693ab1a7878ea9883d8acb76e02307e4ef5d45cf9837045

  • SSDEEP

    192:uwrub5n7qnQjxn5Q/anQieBNn7nQOkEnt2AnQTbn1nQKdjtvMBhqnYnQ7tnYYCnZ:cQ/IinL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4ff5fb7ad5b99ff158eba0354188fe6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1800 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2332

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51a755a186ea9ab4d640375905921562

    SHA1

    ef21ce471268d68b474125d24c1b2a79e7008325

    SHA256

    2e465149be3650dffe2c77054ef84d90a5253c325045e2aa788b1143f6506e22

    SHA512

    2bcc99de264d6cd90133ef099a1e22a993c304b1a52372ad41d389d658898ef4525e8e01a17ff6a035f8dc5371337004e710c3dc2d8aa8c1b5b474c508ba294d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd10466d60862151ac7c00930c7c7b9d

    SHA1

    c28fd6028852be4a56a78e62937904726a17d6eb

    SHA256

    aa95a7a82500c04472b360c916c8e71e51ab4962a458aff57bbfb073f49cf2cf

    SHA512

    2a520a43f004cd1063c8ffdfc223cd5ce5c1d80360ef36c4c40b18ab0b1563b132e14b0040244f476cc85c050d6fbf97d2c888d2697dfdb6d70fa39367e9ed9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7ca70f60637d52adc9c55e743aa57fbb

    SHA1

    2d1f849fa6c7a52c66fc41d4423f22c5221b2b31

    SHA256

    16b65512743104a808d38594e011679af535723c6b72111505ea826e8c57346d

    SHA512

    a2e130b0627676d7a8fb34c6c8f57279584f5a75de612ef991585b73708b146cf37e1a2d5e1a095bf18843c30c64a73b853dae4fc1f19ad120276c5d10be6e05

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    48ad323f902e24ed3919cc739e6aaaaa

    SHA1

    93d539068fc0f4a7127680f51f754237ce7eab12

    SHA256

    ec590bc5f55386146d61013b9b47056282bde81335b0029b97d9138b3edd3fa3

    SHA512

    6134f7de5df0dd047d074799ff0dab4aa539dcb0e5f46be15a5984a0c0343a57387a1940fb8d10f129a75012a6c1067d5fbc5c281bbf2e81a7dffc805db5478a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    263f67d14cdb19588d28a25d33f699c7

    SHA1

    5ced51c4e6aab41563ddd84cd3d84886228ad216

    SHA256

    1fa3f01965a4e348f76de96a93abd20f16ba5e99ac0e20bb18262f5704c97ef3

    SHA512

    51fa54c88bbf5e7e452c447386415929e51f2beaa9234cf63674f0f924558c9908f9947a7e95b9387fa490abd12217d82ac48bced36b7c1fbf6b9709c6b0c93b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e675ee99399993d8da0711a1b4fd6da

    SHA1

    3359b7fbc7b8dede03c570cb06f6451736faf41c

    SHA256

    f11ef6fab848d566b781f8f4a75511af3938934624b5d33ba8819584cedb179b

    SHA512

    8b2c5c0dac64ec027672bbc3e95347c5556a5af90976c776cfa70f66b75102bbbc8ef8f7ceee3683616f2f90a8b5e62f30457ee748b8502b19761656d6200f92

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f1724f1c2d7d807007f370b96676f3d4

    SHA1

    ddabb27ddc903b22aa69961db52eb844ca5c1c9b

    SHA256

    0b4a7aef57d99d3fa3163d5d13ac9d2eaa472a93395cd5fe0191f5b39ac67d2d

    SHA512

    3bd5d62bf11d526684abcda553feec27ce14dcf011eac407bd2edc50d4470ba63bb2db8ea83187562c09575155d544b6ee4f3a905e5801ce8dcc90043e1c9c55

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3bba66ff6df401c046c53f84bcc7a164

    SHA1

    06fd6f790b01d70c12c7bfced60470ec86aa8197

    SHA256

    f7f3a79415c25f49e6dc7fce0b47bcce7c63d1f4780332557defb58f3878ad5a

    SHA512

    4344dde69c2f66f237b03518ad9277360502541d8644e43ae3f2da257da40c94a0fd8012f76a2845df5de8f941f1370e9afba35cc4ff763cae9169879e3f8149

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31296a8d74513dbebce8b3bde34bd681

    SHA1

    dc6896639e06b12e56713cba9077121987bac7c2

    SHA256

    d50b19a43a238bf4dd362792a2fb7fc743254f93bb2079780cd479f45eb44c5c

    SHA512

    23a831ff61154f5622984f8ebbc3f296722755224d236a4c61ec4272a7a7d80dd3fd081911caf93e35f36cbeedf3f18735fee1e9c722d797c6c328ed7c175d18

  • C:\Users\Admin\AppData\Local\Temp\Cab1142.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1233.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
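
As an added triage example (not output from the sandbox and not part of this report), the script below re-checks the two things a practitioner would look at in a low-score IE run like this one: that the second IEXPLORE.EXE is a legitimate Loosely-Coupled IE tab process (its SCODEF value names the broker PID that spawned it, and its parent really is iexplore.exe), and that every dropped file falls into a known Internet Explorer / CryptoAPI background category (CryptnetUrlCache holds CRL/OCSP/CTL fetches made by CryptoAPI; Cab*.tmp and Tar*.tmp in Temp are the scratch files left by a CAB download and extraction). The process lines and paths are copied from the Processes and Downloads sections above and embedded as constructed input; the category names, the Proc type and the helper functions are my own and not part of any sandbox API.

```python
"""Triage helper for an Internet Explorer sandbox run.

Added example: the process tree and dropped-file paths below are copied
from the report and embedded as constructed input so the script runs
offline. Category names and check logic are the author's assumptions.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Proc:
    pid: int
    parent_pid: Optional[int]
    image: str
    cmdline: str


# Constructed from the Processes section of the report.
PROCESSES: List[Proc] = [
    Proc(1800, None, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r'C:\Users\Admin\AppData\Local\Temp\a4ff5fb7ad5b99ff158eba0354188fe6_JaffaCakes118.html'),
    Proc(2332, 1800, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1800 CREDAT:275457 /prefetch:2'),
]

# Constructed from the Downloads section of the report (one entry per distinct path).
DROPPED: List[str] = [
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
    r"C:\Users\Admin\AppData\Local\Temp\Cab1142.tmp",
    r"C:\Users\Admin\AppData\Local\Temp\Tar1233.tmp",
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def check_ie_tab_process(child: Proc, procs_by_pid: Dict[int, Proc]) -> Optional[str]:
    """LCIE tab processes are started by the IE frame (broker) process with
    'SCODEF:<broker pid>' on the command line. Return a finding string when
    the parent is not iexplore.exe or the SCODEF value does not name it."""
    m = SCODEF_RE.search(child.cmdline)
    if m is None:
        return None  # not a tab process (e.g. the frame process itself)
    scodef = int(m.group(1))
    parent = procs_by_pid.get(child.parent_pid) if child.parent_pid is not None else None
    if parent is None or not parent.image.lower().endswith("iexplore.exe"):
        return f"pid {child.pid}: IE tab process whose parent is not iexplore.exe"
    if scodef != child.parent_pid:
        return f"pid {child.pid}: SCODEF {scodef} != parent pid {child.parent_pid}"
    return None


def classify_dropped(path: str) -> str:
    """Map a dropped-file path to a background-noise category, or 'unclassified'."""
    p = path.lower()
    if "\\microsoft\\cryptneturlcache\\content\\" in p:
        return "cryptoapi-cache-content"    # CRL/OCSP/CTL bodies fetched by CryptoAPI
    if "\\microsoft\\cryptneturlcache\\metadata\\" in p:
        return "cryptoapi-cache-metadata"   # per-URL metadata records for the above
    if re.search(r"\\temp\\(cab|tar)[0-9a-f]+\.tmp$", p):
        return "cab-extract-temp"           # CAB download + extraction scratch files
    return "unclassified"


def triage(procs: List[Proc] = PROCESSES, dropped: List[str] = DROPPED) -> dict:
    """Run both checks; anything in 'process_findings' or 'unexplained'
    deserves a second look before accepting the run as benign noise."""
    by_pid = {p.pid: p for p in procs}
    findings = [f for p in procs if (f := check_ie_tab_process(p, by_pid))]
    classes = {path: classify_dropped(path) for path in dropped}
    unexplained = [path for path, c in classes.items() if c == "unclassified"]
    return {"process_findings": findings, "file_classes": classes, "unexplained": unexplained}


if __name__ == "__main__":
    for key, value in triage().items():
        print(key, value)
```

For this report the script returns no process findings and no unexplained files, which is consistent with the 1/10 score; the same checks flag a tab process whose SCODEF does not match its parent, or one spawned by something other than iexplore.exe, which is the kind of process-tree anomaly worth escalating.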