Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 09:26

General

  • Target

    a4d7f5f08b1ee23f6d1a8ed9a99e5502_JaffaCakes118.html

  • Size

    24KB

  • MD5

    a4d7f5f08b1ee23f6d1a8ed9a99e5502

  • SHA1

    5e7bfc59992df8b1c173b13dabc53a9d28284f2f

  • SHA256

    5cf0bdb2d58e118a262691242a54b76872bc48d8ebdec0180940006364c0c4ab

  • SHA512

    3cbab927fe45aad16863992adccebdcc858d9135725c2068f7742423ea08fc0747670411223235870fe265443446dddaa87a2e6f523481b94b756587df53d742

  • SSDEEP

    192:uqN7HRb5nW7unQjxn5Q/fnQieZNnRnQOkEntFYnQTbn75nQeCJVevo7NtIFo+Nzk:nIQ/0ygcnnBH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a4d7f5f08b1ee23f6d1a8ed9a99e5502_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:288
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:288 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1652
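The process tree above is the normal Internet Explorer shape on Windows 7: the frame process (PID 288) spawns a tab process whose command line carries SCODEF:288 (the frame's PID) and a CREDAT value. Because the signatures fired here (hooks, WriteProcessMemory, IE settings changes) are also what benign IE produces, the useful triage check is structural: was every child of iexplore.exe another IE tab process pointing back at its own parent, or did IE spawn something else? The following is an added example, not part of the sandbox report; it encodes the report's two processes plus two constructed rows (marked as such) to exercise the check.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# IE tab processes carry "SCODEF:<frame pid> CREDAT:<n>" on their command line,
# as the report's PID 1652 does. Anything else under iexplore.exe is worth a look.
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b")
IE_IMAGE = "iexplore.exe"


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]  # None for the root process of the sandbox run
    image: str           # executable basename, case-insensitive
    cmdline: str


def verdict(proc: Proc, by_pid: Dict[int, Proc]) -> str:
    """Classify one process relative to its parent."""
    parent = by_pid.get(proc.ppid) if proc.ppid is not None else None
    if parent is None:
        return "root"
    if parent.image.lower() != IE_IMAGE:
        return "not-ie-child"
    # Parent is Internet Explorer: the only expected child is another IE process
    # whose SCODEF value names this exact parent.
    if proc.image.lower() != IE_IMAGE:
        return "suspicious-child"
    m = SCODEF_RE.search(proc.cmdline)
    if m is None:
        return "ie-child-no-scodef"
    if int(m.group(1)) != parent.pid:
        return "scodef-mismatch"
    return "ie-tab"


def classify(procs: List[Proc]) -> Dict[int, str]:
    """Map every PID in the tree to its verdict."""
    by_pid = {p.pid: p for p in procs}
    return {p.pid: verdict(p, by_pid) for p in procs}


def flagged_pids(procs: List[Proc]) -> List[int]:
    """PIDs whose verdict is not the benign frame/tab pattern."""
    benign = {"root", "ie-tab"}
    return [pid for pid, v in classify(procs).items() if v not in benign]


# Rows 1-2 are the processes listed in the report; rows 3-4 are constructed
# for illustration only (hypothetical PIDs and command lines).
SAMPLE = [
    Proc(288, None, "iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r'C:\Users\Admin\AppData\Local\Temp\a4d7f5f08b1ee23f6d1a8ed9a99e5502_JaffaCakes118.html'),
    Proc(1652, 288, "IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:288 CREDAT:275457 /prefetch:2'),
    Proc(4242, 1652, "cmd.exe", r"cmd.exe /c whoami"),                       # constructed
    Proc(4343, 288, "IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:999 CREDAT:1 /prefetch:2'),  # constructed
]

if __name__ == "__main__":
    for pid, v in classify(SAMPLE).items():
        print(pid, v)
    print("flagged:", flagged_pids(SAMPLE))
```

Run against the report's tree alone, the only verdicts are "root" and "ie-tab", which is consistent with the 1/10 score; the constructed cmd.exe child and the SCODEF mismatch show what a genuinely interesting IE tree would look like.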

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    76243ed06f6de400d40f5c9d016e6874

    SHA1

    f783c5746f63f9d9ee2110abd06fafa414c1bde5

    SHA256

    0f0c870eb7a4b3563639416f531edea3a76cbf8806a5e007be8f2589056eca0d

    SHA512

    57477ad0e9b1d0e6601b8175e1d68cf927d7e7dcdc071dd5a2386525cfe86e76182d7c833788ed65ed4cac031760aa89368425e1e6bf179dd4b4f43077050f16

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    562a922f788fcd9a07ebc5bfbab74937

    SHA1

    c90a159829e39a8bae43521a682f81df18856219

    SHA256

    65b8e4a331ecd05e1c6b151002cf1f00bf27afd491c93872be576cad7a4c3ca1

    SHA512

    f3b941c3077b1e000eb4c3efbf0ebf4c631494c7039b298e6738bf441c2f4287b2b4a177b6fc315f19277bd3b49d582cb25c17d828f058ea49f2082e34a8c093

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    49636e70deab3b10b0bdc0c92f74dcbb

    SHA1

    18708008738da6334463c039c4dca04aca9c4dc4

    SHA256

    ad4ae4e93d5c67787a1726ef9c3662bae0ffcfe85b81b6c007428093fc8616ea

    SHA512

    be80045a36e85cb226e7b28adcc141c5df02036aa44e3bb375289c32fdf143188a5bf5caedac71b2559c228f473ef88b1a5ebfb21bb4b71593292e2e5f77d2db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fdb853623f362687a67e88d7e5e6f01e

    SHA1

    09911b740f4525792a07114784bcc7a1e641ae73

    SHA256

    3c7e0ac93dc7a71dd1683cc376bf0015d39dd0628a1ddf5151ddad3f13cc1722

    SHA512

    edfb79774157263f9c691af1c252e2039a085c8b15eea47e06db17dfc0a51c2cb925276184bc5687b1271bd06c3eb2684df170574abebeb698493bcac546adaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    00ceff71710ca91679b83e6c35e4eb22

    SHA1

    f234865e241e39410651d01e6ce7e7937e1cfc7d

    SHA256

    bd843db20c61b955b180555fc09be5b93223e86ae207ac9a12119cc4b98f9a7e

    SHA512

    4db9a5646892f601f9f02251251381d6b06b9367ea9bae381c3fbb74ac015ba4da98f8fcd72076336482b5e8b967dc828fcad4652bcc926a61231cc286621aea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36c061bec1c118c7130e0b65e5ddeaa5

    SHA1

    5518dfc466324c5f035a61f7e681ac0bfcae50e9

    SHA256

    7c0814583a2c9ccaba1191fbad944f4a3d8fc0dfd5e1d00c3869942b6cc34760

    SHA512

    0c77d2fde8792226326f8d53f3236c99fdcd9928df2db0fbaf6f4c3910cda35b27b38d641fc105158aad84d47ac7d686fcb40d61802bb3d033b08d1f0c18584b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c166f1a904edf262ef62f811a4d779a

    SHA1

    153592812a06568c40b183071a15b22e7461ef6f

    SHA256

    c2b7259a01d3dedf2d9789908352bcb85724e2d564991a2443291a708344dd1d

    SHA512

    4139a723afbaa830b3a7ba377d8e1b889912f8f228d411bd9f87d5ff0b27bb4c9722de23c617991d9b0c7ba838a0209133c17c9ce47805c8999d8b2df7a7b862

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    24a1dcbd9038aabc94dd5d27a8263e4d

    SHA1

    16a9e69dee2851a3c41d24d12ab3821099ff30c7

    SHA256

    b8cd1c68d2acea454c526338d904291ec29f937e6037384b519dfcba81e4c316

    SHA512

    ebc9b8ee9b1fa7fa9bdd24bd88ca419eb19815d9fbb1a750950298f8d27324cb68fe874a0d1057fb0cb5e10e880da3e7bfaa313b9befc133699510c35fbe4d96

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad86eb942b96b9b6ef74e21de1e3f526

    SHA1

    c6f8ce6bf545ba9c26f5c0ea7104960444a403be

    SHA256

    5d76c12f4d8a88ce8f3d440f7059dbb8016bfd220704c112d33935f6f465760d

    SHA512

    53748fbf1d8f0ae3274e42aaab301ae07a70afce7edd40a05964babc3495ea3806908085a1e73e4fed38d63a62fa5e70188355e882499a9456c219a878256977

  • C:\Users\Admin\AppData\Local\Temp\CabC90.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarD20.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b