Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/06/2024, 01:02

General

  • Target

    a77144461206357dd838f5236dfd78c4_JaffaCakes118.html

  • Size

    461KB

  • MD5

    a77144461206357dd838f5236dfd78c4

  • SHA1

    64e318afa16aadf337569f45015112fd4ee862cf

  • SHA256

    ea9a9a00ea9e75d6aac4abfd128d83311e04e2f96e8324286d42e1560fee5890

  • SHA512

    74aef9480b5370524be81284c4493f0ba6efb31d06ab443cd80b9e4b33d0f5affc9e436eba169269cac86aa1a2c3a3daba62f755ce691d582fe259a08b7c9504

  • SSDEEP

    6144:SksMYod+X3oI+YJsMYod+X3oI+Y3sMYod+X3oI+YLsMYod+X3oI+YQ:b5d+X3n5d+X3F5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a77144461206357dd838f5236dfd78c4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bb964bac298d0a257791408fcf9cc7ea

          SHA1

          161caacd806af90057c7c265640ea6b63f60fe95

          SHA256

          7ef31f89fd64218588851762b18fcef31d62015f0fbfcd237e4f858117d613fd

          SHA512

          c26e42b8be43038df049595720b5cd760eca311dae583a4c9242ea75a45805f2097f129981bda33105dc791028634cc2c4860079c8968df4f33dd299c7ad4207

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0feaa11c4fa22d6cb905fae3b0128d2e

          SHA1

          3a7f953ce10724e611eecd1978bce8d12f6fa18c

          SHA256

          024dd8547dabe86cc93ffe74bc8dd28283bfb88aec070f973a4db8bd7e26a789

          SHA512

          88871b0f47ea272cd4b2198b4972d77bacc0993f2edf3ae6b4fe6e7941e05e14c6b18ad9f0e89ebb8848730de2f0754cae86535dc1c89039609979ba5588318f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          a2ecf6105f971090faea10c9cd3fcdf6

          SHA1

          09980981344eaee992d67b28c650918690732003

          SHA256

          27fdbe82b275673895d0c96ec980d2cac1605176bcebabde32c6720b35bc13c5

          SHA512

          dbeab05f903f8c36454736085bcf65768c173bbf0d849d82de68108562b562f6e3a027264b520a6a351e7b20b3f7178c52eb855ff68abef2bf060ac82c20a018

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          839765909b9ad0cb99d2ba57197de662

          SHA1

          970030e7163ff545c83e6841faeb6e24e6878508

          SHA256

          388245b7d93462640f86942a26ee271827901c1d57b5661de01c4e0eefc20179

          SHA512

          557f53714bae6e398f1deb0ff646a7ca78e7547a286affbf6ca47e6f916e17c1a708c3c454b8f9c9cc91bae8d71e61ed49560ee1eead8a29f28cbdab8a923261

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2d0f634a2caefb85c267ec2a618ec358

          SHA1

          515fae234b2692aa01c60079c107451fd3ea3147

          SHA256

          9b24d83e31e16e0ae6e7dfd6651834356877332e11c14366415ddac65707949e

          SHA512

          e2314866e949207d444195d2b129233538a1aa6013e9fd7714421145798127f7caaaf47f3390a0c044490e544ff9f1bc78bdf5993e2c063f123f3f70c5e69959

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5a2be07a2f71cf637da9f361f29ab37f

          SHA1

          a6a47b8a9bbd0bba0a6df5a8bce2cc1eab9c59cc

          SHA256

          9654a195de5049eb1896e493334617c44bac7114f46090aa1331eb9956d8805a

          SHA512

          9545ee738560b5864932f7184c912e5a7bf4a60963d2bec95979bc22556047966e57543a3d62e444f04bfd9639359f6c3b6926c3a530d48e52053938621d30b5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          06e4605355ae66d45d869076b49b2335

          SHA1

          3107102e154e945cd50010274e0928892327ed19

          SHA256

          07fda7c4fa1a1d7eab4647daf2a0cdd828ee5aaae138f6df722c70977ffb16fc

          SHA512

          8b2f8ec386c8e26b4b5d5d2fc876191c325a0c874cb971973cdbd60574fb9da97ff9f1872b82bbc631a60a3cc4202ded451ba8d233d45f545176f7971e881f58

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          338c4a6b6664b9ebe2aaf100d061d588

          SHA1

          1c3a5c503248560b7cc883fd9c1c9c0a115d9121

          SHA256

          cd2563a60cac3d07141cff85e743df9b963bcd40113b34c538707e477ee4da1e

          SHA512

          cdbfb542fcd6f14f07ad9956ab521f38902cec0911c719325a9ec11de58825fde36844bbf79bff5e2fce458a11af1a410805d02d032bfb5007a3df42b7819f77

        • C:\Users\Admin\AppData\Local\Temp\Cab6154.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab6231.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar6265.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b