Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    13-06-2024 13:16

General

  • Target

    a5baf0a93fc41023c8ee567fd4e317d4_JaffaCakes118.html

  • Size

    34KB

  • MD5

    a5baf0a93fc41023c8ee567fd4e317d4

  • SHA1

    c5662531a6d2e8c772c82c4e8e5f1ef25e9a390f

  • SHA256

    dd27b025909fd71c313800031ef04925d6fa18a3660415e07e2d01cb9a9115fc

  • SHA512

    25e15df4c7a0ef154f228225b5cec36b7bfdf6f25ff4cf73a91bdfe0b6e8826e43a46c91a8574da12982983fdc2de016a3d12e6fb5bcd2898586f151a813bdb5

  • SSDEEP

    192:uwPKb5nGGnQjxn5Q/dnQieoNnUnQOkEntf/nQTbnJnQOgVcwqY0cwqYocwqYQCUS:VQ/3NE25CUQrga/thTym

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5baf0a93fc41023c8ee567fd4e317d4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2176
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2176 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2356

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    915f3c8fd3dbe79a7b8b8b6413840b4b

    SHA1

    2619402eac4d30d2f2d758e942612f46767af2ff

    SHA256

    341f85c383cc79be803679c8be9de7bd80a32fbe03397883b8d4233708040038

    SHA512

    e5a59eea3a65ce6720e493ad786c41463c48bc8b3bbd584d8a6ae0feed906b893cfc3079562a0b840389f8621d91bcc4791bac64b991a54165e2cc03b0bdbc51

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    622ab04fa5ce8cf0e8aa550359ab08e9

    SHA1

    8a68b074cfc13a798f5363b21629b2c56bd49627

    SHA256

    4f7a13e433ab28f121a4ffbf4d52839a2cfd3f0686b80ab40d0a3460d829054a

    SHA512

    fd424d27fecba4d1b36787a8137c6e1b300ba8faffec79da55a15e46ba8a683b4fcef4fa59620d8e5697fa74948d26624da958109dc1b07ba60a6f1faa576613

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ff7890f85ac5e28d92ab7edd6e86844d

    SHA1

    ae65678acb01bf6091f49c68b2510b7cb9cb39a6

    SHA256

    530848773b3113ef8610ec4674a475ee19aa488ad33161f067dc09143817e5da

    SHA512

    c8db76dd32485552186c552c4c358071e01e6abe9d877fbe59e387e5fccce63a03713d6ae57ad0086f2c38ea195a0d4a4f3a77e932a93e92ae539fe49476f3e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    640cffdc40e046a5d3a31c7a4b5cca6d

    SHA1

    473b56d188d610dcd8380808b27799190762bf4d

    SHA256

    79465bf33b2cf6777a5c5e2697ab05388afe5677a17ffde2a7b355fc4202d6a1

    SHA512

    948721533eebccf0a9d12d4cc6ed5bea41661fd2c5cf07969e04511bf2c2cf9ceb387ef14a481bf2b2eee4ad0e0f917cbe107450a69d68084de2294bb542c6f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    addc0734693c0af04e2954ddc3e275a4

    SHA1

    7d5d6ddec690164da06b8e5a0f085984236f04e8

    SHA256

    fb9cfc84861692cb36080100be0de38ef21c4cd16f19f03b148bcb87a8b135dc

    SHA512

    02d01d6fbdc09c1c3097baf24c9ed800f811f06ce58ececb97d2eaf74cd2250b135a946d6d4f6afff8be9b6623d845317ad3e054cf490cbe3ac6b913a9bbfc82

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    70f033eee257b9db82eb2db0e05de30a

    SHA1

    2ac84b7f1d41acacba05a72af954bcad9a1bcf90

    SHA256

    6f600ed7443f34bc7bd2487cdd03950fa45e2108a285807c1bfbcdf79df46db6

    SHA512

    fab40acd9a1e39d17014d32010eeff1d2b8a58a3920e2ab5cc8578d370b79567fc6345e71a50f9f1922d25759740b53df5a6d7c3dd406c8b008a644143a6d987

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4fc44c22d13d6834b7eaf4d69610d473

    SHA1

    1d46b5ffe4f4386a1b49d16c555c69f310fc7bc7

    SHA256

    2ecf911191965d2809530091327f06a4352c6d63b2babc393155c91084d68788

    SHA512

    f71fdd46e14d0018fc1e35f1d7fa98baf4dd6bc96f5a206b2146204625219f18301783dac0c010b3cf2ca118cf139333298bebbe6c5e176d1e8b97540a57f7fa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    81fd5a69f3adf31bde72073d09863852

    SHA1

    be28ec48846f5be84a8379c806a939bf3bc6c6b4

    SHA256

    32ccd9727fe944ee5f04340ace94d7b0333fedb2381a98836c48c26047c9ce79

    SHA512

    96ab1c02572c5b14ccf98daab3d93e11b506d5fd45be3df52e2e72beb45f4d6f05801a000aedc684528dc39131a5c46f45378066ba4431fff43365d97c8c18dd

  • C:\Users\Admin\AppData\Local\Temp\CabB58.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarC78.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b