Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 22:06

General

  • Target

    a29dd97770e7ed2c14368b8707a045e5_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a29dd97770e7ed2c14368b8707a045e5

  • SHA1

    33e38daa3fdb20c29403943d0548eddc75fce996

  • SHA256

    4434761a2986ff006b4263ae88744443084e9768d8d0396be4aae8335d6a031c

  • SHA512

    691650b8670866bf22622b6bb30e17fcb91413430d47edfc4f0bbde601624936f8d5cba305c6e361c20f081c3b8e626c08b85345f914acf8c6cf84f7258ab250

  • SSDEEP

    192:uWPIb5nbGnQjxn5Q/qnQie5NnOnQOkEntSwnQTbnxnQTCnQtdwMBZqnYnQ7tn4YS:+Q/6bL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a29dd97770e7ed2c14368b8707a045e5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2844 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2988

Network

MITRE ATT&CK Enterprise v15

Downloads
