Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/06/2024, 01:02

General

  • Target

    a770cea7bcd22b6290720dfcddedac39_JaffaCakes118.html

  • Size

    461KB

  • MD5

    a770cea7bcd22b6290720dfcddedac39

  • SHA1

    af9e090dd2d86888f3f2b2dd9ae450093106cd4a

  • SHA256

    8f7691be5df3ed32003ad3b6762f947b58e853ba992837d839b958936993c751

  • SHA512

    69572bb4d8499787d69c3b4439bc1e787745242c74aaddf48f21e8b7140768fc2acb62c8c63febada3c7fc74ba7e060399cf4297d6122053875b480b6037dd94

  • SSDEEP

    6144:SQsMYod+X3oI+Y4sMYod+X3oI+YNsMYod+X3oI+YLsMYod+X3oI+YQ:v5d+X385d+X3f5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a770cea7bcd22b6290720dfcddedac39_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2912 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2848

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4c9b8ede0f73354eddd69eb21c33f562

          SHA1

          ca04ad059c11458ae6f6b1d9f39a96ea75b4640d

          SHA256

          177e1391e642d6eb61e751d09ed4275a7cff92892195c345c7b6355f6d53c318

          SHA512

          ea47eadb1af102fcbc58fd79006763b86c50ba4c740abb82997e29bf3dbac5819ef59588236f7bb2df2f4b8763213a0be68d0565be532b04078db315af0a47b3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b31f558c60363b1c1e71ea91ffe2607e

          SHA1

          0bad97c47203ab4004710c9b5447a6c431b8da6d

          SHA256

          bfa2a33c5f6abb8f66b67a70494aa931bde3ddc966733cac0f824e3d6abd90b6

          SHA512

          65930edd34f849e376e16ca77ead1a40a527cc39e5694c165ae923e6aec1b0dd214674a30a4aa6f8ef5fa1456fb28ce1b158e4104b6ebeced03f4d548b1e0f09

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d9181f7534f2590accdd5c3d4de7d151

          SHA1

          e7ef3e57dedcc301b98ac29703b5e736be6eeb4a

          SHA256

          5e753c040f4a9d54c9a4cb6fd0af0502c2e6a2c07a3ac2acaf958f9a5ea36579

          SHA512

          1b78de2b044b0cd6f4d9dff21993f666d3f2855a6258698c0377572afcb0131e38255d8a5c67b748f3150a10e4d0c1eaf073fadf2b6dd21fc0903a991479a799

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7a9377f37211fe7394f2c275e783a424

          SHA1

          cfb8a5a41badcd34f48c1085817cee6abe4da0ea

          SHA256

          fe9167ba162b6445db5c7c3bbecdf6983195079142046b82fff1091aacc11244

          SHA512

          11ea041d3ff828e408ef3d1f1003bb032ea001ef1b10c7993cb4c2fb78480a2a6eb28733d99855ddd98a259e9c4ddceb368f07b593a6366c88cdffe43d1ffcf2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          05e3c312ee0201fea7deacf5e63b0d4b

          SHA1

          615b521186e05c70ef6803a7b022a59f9abfdfd1

          SHA256

          c2f8523d28902cfb5ecf7b32790129d72d1bee974a65061445a040ba557df0a0

          SHA512

          d2a71be04d6584b3aad50e220c76300b7468a3fc0a380eae1e4f9ab97b6b0bf11fd0ccfa1e394952f91dbdcaf557498bac9bcdacde6e6398a52ff7f45909dff2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          44b323214bd830e376cb71e5803fc555

          SHA1

          959af6457e930e735cd8ff5ef04272861859b274

          SHA256

          0919fb27f0c65a539d906ad5cb4156df1070a03e026c78c2c2d78022802799aa

          SHA512

          6387b39d9686ee74b2a1167b9c23a096cdb7c7235725596f397e612f051b84bd955394a5a9ea9d0df8c9f37f1c5cbff759091374797848db7bdfbab8d9175d0f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b8b339e08660f7e9e4f44a941f381286

          SHA1

          8857c46788fc253db85668ba4d6aa4305eccd747

          SHA256

          c1cd2625d463454f103c97bf13fbd2141bc75b71c253ab42d7eec31dbb483458

          SHA512

          6b48be937f1b79d02e8be8ae05c2e7583fc65f057dc623a26fb7261802b45b4a4a7a374824418f6cd1171e79bd21201f8ee4cdb6fa6e4b0ea271549b9ea8f8f8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          086372af9d6e216036f817cc6bb0b8ec

          SHA1

          1f6be1043e82bd015519e715237a198a7b36cf5a

          SHA256

          a368f1744e57f5d255f9e42ad66cc9b3fa19aedba8ea62648a3972daa9160bdb

          SHA512

          a8b75c4d2442189e3e0376590dfbda980ac3808b8c5c7a28f06b4fcb8a4e794a367f35619bd12cd94fceacfe37b385de7b58ec5d6bc0ef0f3c550a01a3387bc3

        • C:\Users\Admin\AppData\Local\Temp\Cab42ED.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar43FD.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b