Analysis

  • max time kernel: 149s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240220-en
  • resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted: 13/06/2024, 14:07

General

  • Target: a5f134a628896889b50ce9a7ee9dcd4b_JaffaCakes118.html
  • Size: 23KB
  • MD5: a5f134a628896889b50ce9a7ee9dcd4b
  • SHA1: a35fa411e728145b5924b43448e4cca9169dddcd
  • SHA256: 5e3249c123b1c2df16ee5944ff63cf4c7df15ee8c6db1cdd4a64d00b8255cdc3
  • SHA512: 10b9d6f399495993276f89e3c76ff49c6684184580d218a22b8f69bea54142f8229af13da1777badd2743619695bdba6344636cea0472d1dc3c36918707499b9
  • SSDEEP: 192:uWXIb5nQrmOnQjxn5Q/mnQieVNnFiInQOkEntGsnQTbnpnQPCnQtBwMB1qnYnQ7p:oQ/7X2

Score

  • 1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1976)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a5f134a628896889b50ce9a7ee9dcd4b_JaffaCakes118.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2948, child of PID 1976)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1976 CREDAT:275457 /prefetch:2
      Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: 7d6ac20a4c490dad9df7c552f5d14b32
    SHA1: 010abdcfdf199d4e216c237bf866b8f70e99babc
    SHA256: 14539c0d08230fa1b970674deeb2ea9fa2b5d2a27fa905562bc9d031b9620c61
    SHA512: d0ffaf3325f061ad175603c8ec47fe4eeb6751b98c1d100c34bc7e8469f0a2028f6ef1fcf932eec019c1c3c14e7e3b12f59aea9d5530446441d570175bbfac89
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: 507e6549d90cab1f8c22af4b09451bf0
    SHA1: c3a9cde217e333fe8a18e127d47e27dbe3934f41
    SHA256: 0afddd70fc0d2e4dba56131944d8b38b4ecf07f44642edb6152ac8642a987303
    SHA512: 69054ddc19e0f5b9e968e65929a90986587eccae20aa026616f3d8d7d0e35c03188e26bfefe5bd7a0c2f03459fa2a0194757f2ce33a0ee2102f33340fc9878a2
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: bebdde467e47ab592de95c665e8fb407
    SHA1: f17f6e5f466334caa8aa711f1f9358b6ca453adb
    SHA256: bd0aee6e3ef732d9f20fe150ad097012905ea3b022f43350f31cf3013d168d28
    SHA512: a3520c529975ed52a1c0bbc7816812266d04aa0ff6239d0a329af2f58e89470127bfd54f369c5fe98df47fb52955b1716c1c3df6f2c2271b8c430fbbeed4f868
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: eede0117681122ddcad6727039205492
    SHA1: 6bb05f053878155a29d4ea8f83e1054991284b8c
    SHA256: ad1cbc7cc04476a6227468045294d94956f3f4321ffbe191af89d5eacb04e7c5
    SHA512: 84521bd212684d61666c6506746929fa182c988bd6a9a7111793ec570158b57b0e35f14f0a91e77f808405e47bb7eced32e70d0acec04fdfb42bd5bbab425c9f
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: ef19c33f9efb8295a6eda976314fe8d6
    SHA1: a7d19c50673e60cfad2d25ba5297ee9a7d45c785
    SHA256: cdf81babcbdf10f6f8afb8dd61e8f2e62e370da7a07330db50317443a1edc7ab
    SHA512: e5d5dbcc6fdca91ca447fe2e70ed56fee307316ecd37a4532a8f01a5e0cfc5e004dbc07a831a7e37ae5ce8401e9b3325401f01e9fbd943594a18abb976e422e5
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: a2d3dc5458f22f35e4c770fa356fb2fd
    SHA1: 1cf966a59ca1cdb6f4879a66d2c76eb912881571
    SHA256: 6cbb311b813d60902bd6826e138c002516e0b12dc520f6a53c6fdfc1ce331525
    SHA512: c3560740d625ce22e16a01217e8076ce84b4ab06ba91a4d8117a17a8e69a42e0a119905e47f77dd01f83f70ee623da6d3ee493e7ad05648a792a82e71f11c810
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: a9edcc83f95f79211b0b008b8852a629
    SHA1: 67b35e37ff6410cd1a170cf36440bd80eabf90c9
    SHA256: 835cdb5396d61d9b50553fc432258499d3745860d51e80a67ee97c871aa05aba
    SHA512: 1097f51c595bb0f3760f70c308cbb98fd16197b30888baade177ebe4a7202496dbe7ac8c49cad3b584fc29bdeef3b6eff4c9be4f4b76fb5a5f104510c190e407
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: a51cc2cf792c75b3015bcef11d3cbf94
    SHA1: 0ab87c302432d338bb0bfdbefce893f6ccae9607
    SHA256: 76551423ab929df8543ad477b8047ddcca594eac0c74513f9c5cda1f04f64a33
    SHA512: 76e1a3f19da8704e8e2ed9ecb6f8ad625b995d0ca0ccde5a0d421402601b45f154aac207a6f0fc063421edffbabc6f3e648c883bf14b541419b7c1289a0a1f3b
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B)
    MD5: 896d8d65f930d3fa3336a6ac42fca004
    SHA1: c19554758e01c8a04e5839f4b2f937affa457d27
    SHA256: a9da5f2791f366b673d24c7e9133961d311cac4a0f3d518b06029283c786c823
    SHA512: 1f12984652e51d62b0cf496e7e680f5a3d4db7f4b2972a60fba74d97a7804111224857c193d6f25442596cc6d3d264a3b0258d97bce403fea4df66502a09ca2c
  • C:\Users\Admin\AppData\Local\Temp\Cab36.tmp (70KB)
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
  • C:\Users\Admin\AppData\Local\Temp\CabFF46.tmp (65KB)
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d
  • C:\Users\Admin\AppData\Local\Temp\Tar48.tmp (181KB)
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b