Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 00:13

General

  • Target

    2c62c0af5d15d4517151fc4e1ed9470b_JaffaCakes118.html

  • Size

    13KB

  • MD5

    2c62c0af5d15d4517151fc4e1ed9470b

  • SHA1

    a8000a644f621ffce5a87cce1cbdebcaf601e703

  • SHA256

    a7c7ba200777ecd984283a4148db4666b9ff3209e8e3c0609f49a35334227335

  • SHA512

    581ea6d3c66a075bb36b2d1e6fc384a5773bbdc3a27511cefe1b9dc1a352f6bb0451c9bab9841ea6388bc99177435e56e4b91e16e389c1a23aa5b6972c3e8c07

  • SSDEEP

    384:Cyiv3Yh1U/1zOPQFAi7ny1whavMZg23AAQEEoYmGyxH:Cyiv3Yhe1SPQFAi7nI0avMZBfEoY9IH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2c62c0af5d15d4517151fc4e1ed9470b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2916
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2916 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2716

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0e93f2820a0bd7306f40464c05b9462d

    SHA1

    95c3f5c9dc25636e549bd89a17b29bcb06d4a894

    SHA256

    ee659ebfab4655fb993124582d3db93e8c7204a68888d7110ecd44081d599073

    SHA512

    2bd23327af5d9542a2f9037c6da01fd8995bc25f09b774e900d292055ea6e41c7353b28e077080aceb5705b03c16d891d4696d21b4aeaaffe5221e5880f8740f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6ad181670a4ff258d2bcd2e95ffde269

    SHA1

    2338ba0f918223c8bf700bf729c77988096bd85d

    SHA256

    26f12a346009b452d33b27c5976e24257e4a5166d8bb3c6bee895e066d6f160e

    SHA512

    6c208ed6dc601514146aa550edc69acf0dd6f6412826689b701cb83c604070adb532e6a787bf95ff144e6eb55a265e1ab4e34975175705ce1252ff9a469576d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ebb7d11b2200629082ad91af686de01f

    SHA1

    01e685449bb4f0091bb33b697d045bb073fbff8a

    SHA256

    b64135fa8dba2e2b757ad6333124093173dc112364afe47c31f1cbf871f73864

    SHA512

    f858afc08be77dee1bc12cb1fa096cb63f6717adf2abcacaae25a55716ac44438bd353d93c6b61960b9db46a9b477112f1abfc039d64ffa65e5b4ec31b754fb0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ec6aee84976aeea692607da473e7d1dc

    SHA1

    9d6f4217cfe0f720bd8c2ed7cc59bda39cbdc67d

    SHA256

    96a8ee3f207192af42b1e30ba51214919e25cee37edd63f10b49c43b4e4a2f6d

    SHA512

    340629406ffd78f1cbcc0b5720c5ab002e765aad04b3d4653c0626493dda93dfc190bd9c34296489e7ad1c2ec5e48e50fc78824727c8f386df9ca672188cc20c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    044fb3bfbbcd94a7f4918f4cff0e36bd

    SHA1

    5d3094e179bcbe7303c2c30dd216f1e2fa7e5b59

    SHA256

    75cdfe0f9bc77f4d6a0711cb263e6d00c9024f797a70071d801c7d629bd6cc6b

    SHA512

    7d73b29a6d7b802d8881694b279e75bfaeb8c4f5639e5bb53e8c2056796dc4c50f32ca1216780f4401581975a6bff2eaf8b09bef64f739e94a102d72e38869cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    f66fbb48bdd197b1f7598029097ba9d4

    SHA1

    3198b8e79d61fdb5d9ea9706808354c7cc1ce687

    SHA256

    6944940bfa83e2d7e930b7b0687ac424c0736f16c26ee2d23bfd39c6e0e8b146

    SHA512

    2a36be608c0266b096eae4812fcb5112416e5a3863a2e31d8eb6831b3a0fc40952c422bfc68bccbc29a044905867fad523a5d51d2cf008084dba9b4bc1082cab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    326171a626a71b7029fd49b7d5eb5d83

    SHA1

    69d7fe3452fc97939f65db2a2fd20d74fb3ea95e

    SHA256

    c9c35fe86e6ed309c839c718abfceefc3b5591309334714862d151cea5efca1b

    SHA512

    fed28563da3bbad06139cf00ed82ad4123d988c677ca2b11a378c18c84b34306da26d5d87f7a73765e998ce47ebbef29af70e2a786e8f602a91b29a100f20932

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    cf0592aab22e90ac5a86f40ab8f545fc

    SHA1

    dee7363a31968de6c3453d9802a641554ed3840c

    SHA256

    8f9b733689181d816aeb77a47cde14d29bdf1f3de12fea3cf3482dae8e4e523b

    SHA512

    064d3e40c6c3975eb2cf8723bb6e3b11ae083fa66c735d8284c48a8cae5ff7677a44e40093bca12498b8cac5ce0945b518484f6c0c70404fecf70dc1a1b06c38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    25477d08779e1ba6bfba4170c599cc35

    SHA1

    6898b19095e9d17b35db13dc41205f11ee228377

    SHA256

    9152ffcb7d3043c03f651f056112bd49f101cdc8d5326bcdc06578bf0914d866

    SHA512

    5f003da6a7a96b1fa5559ac2481138506e7c7b30b30b87a860e4ba159adfa72ef42fb558dfdb54b05d2351b9c3d92dab13d45b77caae5f83180dfe4fd1f9d02a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ede7b8789f9bd47379e9502595299016

    SHA1

    bd654319d260956d2a37dc2b373ce444de60e0ef

    SHA256

    41b8db149355c5031a508a8492ce24d66bc9578a65c59f24c9dfcd2f3d075f63

    SHA512

    fe900d8514f7218735bf8cdf8a45f2290c5753edbc9b2b03ee67809213ae60d48453d342ccb823521641bcddb195e85cff0f8406e56a80f7aee9402f0e023b1a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5ee112c9004dfd2f44d5873ad913c429

    SHA1

    768c25939ac2625c27aa9df3f4a383181c293aad

    SHA256

    319bf0099a0a989bab41d52b6824f0df341ec91b8138a78b11b84420b9717db1

    SHA512

    57dbd824b80fe17e987f9f934d565496b051901a6276d86e1ec1bda34be68a0056fba2ee04757f63e0b12c14ce4160fa594e01c975427b538fbad3bd7925092d

  • C:\Users\Admin\AppData\Local\Temp\Cab4425.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar487B.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a