Analysis

  • max time kernel
    136s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 22:06

General

  • Target

    a29e3924d5678922d73022da25fc3449_JaffaCakes118.html

  • Size

    139KB

  • MD5

    a29e3924d5678922d73022da25fc3449

  • SHA1

    3927065eadf363981b8998166557a95dd3006d65

  • SHA256

    5dc1e0e09623fc6578280b847850ae9aac1164e7399d49d847121a376905f669

  • SHA512

    91a716a9fab8b125d1584e7fad5603bac0a26db55634d7c97316a8b8a23ee141bf0a1245dbd70b571638c60ada52872c28458037780daf47cea36de72e86d4c2

  • SSDEEP

    1536:SeDttYD7TYvl75CKCyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3p:SeDVzAyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a29e3924d5678922d73022da25fc3449_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2916
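
A check worth applying to this process tree (added example, not part of the report): confirm that the IEXPLORE.EXE child is IE's own tab process rather than something else that inherited the name. IE's frame process starts each tab with SCODEF:<frame PID> CREDAT:<token>, so SCODEF should equal the child's real parent PID and that parent should itself be iexplore.exe. The generic "Suspicious use of SetWindowsHookEx / WriteProcessMemory / FindShellTrayWindow" signatures fire on this frame-to-tab handoff in a clean IE session too, which is consistent with the 1/10 score. The process records below are copied from the tree above; the check, its field names and the "frame"/"tab" labels are this example's own.

```python
import re

# Process records copied from the report's process tree (not invented).
PROCESSES = [
    {"pid": 2248, "parent": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\a29e3924d5678922d73022da25fc3449_JaffaCakes118.html'},
    {"pid": 2916, "parent": 2248,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2248 CREDAT:275457 /prefetch:2'},
]

SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)\b")
# Image must be iexplore.exe under an "Internet Explorer" directory (either Program Files tree).
IE_IMAGE_RE = re.compile(r'\\Internet Explorer\\iexplore\.exe"', re.I)


def is_ie_image(cmd):
    """True if the quoted image path at the start of the command line is IE's iexplore.exe."""
    return bool(IE_IMAGE_RE.search(cmd))


def check_process(proc, by_pid):
    """Classify one process as IE frame or tab and say whether it fits IE's normal layout."""
    m = SCODEF_RE.search(proc["cmd"])
    if m is None:
        # No SCODEF: a frame (top-level) process. Fine if it is the root of the tree and is IE itself.
        return {"pid": proc["pid"], "kind": "frame",
                "ok": proc["parent"] is None and is_ie_image(proc["cmd"])}
    scodef = int(m.group(1))
    credat = CREDAT_RE.search(proc["cmd"])
    parent = by_pid.get(proc["parent"])
    return {
        "pid": proc["pid"], "kind": "tab",
        "scodef": scodef,
        "credat": int(credat.group(1)) if credat else None,
        # A tab must name its real parent in SCODEF, carry a CREDAT token, and that parent must be IE.
        "ok": (parent is not None and scodef == parent["pid"]
               and credat is not None and is_ie_image(parent["cmd"])),
    }


def check_tree(procs):
    """Run check_process over every record; returns one verdict dict per process, in input order."""
    by_pid = {p["pid"]: p for p in procs}
    return [check_process(p, by_pid) for p in procs]


if __name__ == "__main__":
    for verdict in check_tree(PROCESSES):
        print(verdict)
```

For this run both verdicts come back ok: PID 2248 is the frame, and PID 2916 names 2248 in SCODEF and was spawned by it. A tab whose SCODEF points at a PID other than its parent, or whose parent is not iexplore.exe, is the case the check is there to surface.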

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c62a1436324d7ce863213977ba72fd96

    SHA1

    8a6e82cf43d4e9cb18336b1a3befc463e9b62886

    SHA256

    887684df4723fb1296a6fe4323f71f5138d72c249aa47e0d221ed2640926e631

    SHA512

    f4dde65f89e5c8e819e7b476282229b144444bad97e1745cd80685dcecf521c1cc49aae6c967099dac1494c60b0f06165653dcf11d9881bb1d9a60a478acd8b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fdc75bd2d80848c888b6eb47cff8fd02

    SHA1

    782195a036ac89cf7db27de06a15e9d9c9abf962

    SHA256

    5971a21eb2b732ca0f4abde2dc3da59a6acfb3e9e3b1d31a9bdd07e3db8d1541

    SHA512

    f600dc69058be5fda6ba93f5a2eedbd574c574fbe6061ea8706df2f58d9a36c27d14c7b136be8244ca82f6504e48e40f00941f049bd2fefd6ce353d5e5ad7820

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef4780a62a542eeb3bfe5b7a18c9f23f

    SHA1

    48d8609c90bd5965b6ef7bd46c75d858d50a42fd

    SHA256

    e0607d2ea0c450c628138332168f5b95124433ba838c85f6a82e5dd417457c7f

    SHA512

    b456a460d706e411d5f527dd3370268a698dbee9298b1a29006b0e1121d779aec28bba42c3f6a211c3ddc7c8bc793f1a3b312b62a6a290b0472a09856fb50666

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c147be98f470d5118beec49e9ac9b42b

    SHA1

    bd96ec622ce9cfa4dd1e095aef660f62102c1122

    SHA256

    a7de9fb67782aa15827b6ba772fa6abb974876f0256c4066d53ae8b872bf9ecc

    SHA512

    0dca968659099cace5ba4097ed7c40418ed0090594c8c177bd7eed96e29b3c440e04ecce5fc086e2cbc3ec264aac7fd3b62c03283aa29450643721aae38e4fa7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    20ff61083c47d44182535cd7023c7f2f

    SHA1

    001d825ed51719a35e880a7ea79719753f89c65f

    SHA256

    618c4dfc937db0e87ca3dc58b53d0cece11540f3444b97e9c81e6f1772401b30

    SHA512

    9568027e3f906520eca4a15245b4579f1dec32fa0115ba787c1696166d6b04b3db7485778a47961ddb8f86f0c08c016f37d2ad64b572ab944119ffda17df378d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a247458801a3d70d576c68a85367c037

    SHA1

    fe8a42b2ab2765000b043a03fcc6f6fafc2410e8

    SHA256

    cc6c264585a4d620cc1fd43dc8265e2882e161f6e3754f703081ae1d47ee85ee

    SHA512

    3f17f55970d5c8a30f920e8446c8e300da3061a157a781cca8feaee6438e1a9a9ce0f737404bd733f99587933d7768c868aa0408fc09fd91c4f1345a221d3a3b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    98d2ef390543493d5cadae82ef4c7f21

    SHA1

    704d01c4ac0fd315a20c428c32e2ec0559a646e5

    SHA256

    fd45f17d4a1a0b14507ce7c02ec79f3fb6e07adbfef0a248717dc28e5308be8b

    SHA512

    a6155fc9c1973ccf2c4ec0c2fee54499c972f9d371a5118b7610f6234546c4e7ba9fca6a93e0e23dd431b01809a019d3e0513b650f52442d44654fead6222710

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    90c10ec95ba177f65478f58d55ddb5eb

    SHA1

    a6c8a51ec805cc85920091abed0332c6358222c2

    SHA256

    7bdd5c0f1bef0b2c998731a3e38fa3fb00b86cb75095f4f4da4cba20694a6c48

    SHA512

    2951c5f7d550b45f4df472765fd27b65448954107da92fca4213a986a8c7c38e4a2378fbf22bed7ff8eda160726d3cb02b3c9c3d12369337c8f23dca94865d23

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cab4213c80e369670ff60319027ca4df

    SHA1

    b935c82cf8cb97eaa59d41bdffbab6212b70ac8f

    SHA256

    764ade717173411ea8a115cf83da79baf44f39fa0b12177af1c531a4c6f2c607

    SHA512

    fd1e8b381d3f26a65e0e088db905f85b34a60fa74b50d5ae7818e99504b298e54b322f5b17d09659832357e9bf6b71e2f327c02681d548a9246ea26afe964099

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c625b608b33af6fd147d040597bb03b7

    SHA1

    f146912c83cf0a8d12d6fd1722b516591e6e2357

    SHA256

    03464c1fc117c020ff6051b5bc70cfa92884a8d8ad683b8f78ddac73e2f6c512

    SHA512

    ea3d85bdf8cdaf3c7afe0418cca0e6dbdfbb41675377cb6f0e64d304d06ec2ca7366541941a07deda12242f3c63e3789cdd5bc0f6e4b27215fb940935e6db148

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\ads[1].htm

    Filesize

    114B

    MD5

    e89f75f918dbdcee28604d4e09dd71d7

    SHA1

    f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

    SHA256

    6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

    SHA512

    8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

  • C:\Users\Admin\AppData\Local\Temp\Cab1630.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1BE3.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
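
The dropped-file list above is dominated by sandbox noise rather than payloads: the CryptnetUrlCache Content and MetaData entries are CryptoAPI's cache for CRL, OCSP, AIA and CTL fetches made while IE validated certificate chains (the same MetaData path is listed ten times because the file was rewritten on each refresh), Content.IE5 is IE's ordinary browser cache, and Cab####.tmp / Tar####.tmp under Temp are left behind when CryptoAPI downloads and unpacks a CAB such as the root certificate update. The script below is an added triage check, not part of the report or the sandbox: it labels each path by those rules, validates the digest lengths, counts how often a path was rewritten with different contents, and leaves anything it cannot explain in a "review" bucket sorted by size. The records are copied from the list above (every entry keeps its MD5; the first also keeps SHA1/SHA256); the rule names and thresholds are this example's own.

```python
import re
from collections import defaultdict

# Dropped-file records copied from the Downloads list above (path, size, digests).
META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPPED = [
    (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015",
     "70KB", {"md5": "49aebf8cbd62d92ac215b2923fb1b9f5",
              "sha1": "1723be06719828dda65ad804298d0431f6aff976",
              "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"}),
] + [
    (META, "342B", {"md5": h})
    for h in ("c62a1436324d7ce863213977ba72fd96", "fdc75bd2d80848c888b6eb47cff8fd02",
              "ef4780a62a542eeb3bfe5b7a18c9f23f", "c147be98f470d5118beec49e9ac9b42b",
              "20ff61083c47d44182535cd7023c7f2f", "a247458801a3d70d576c68a85367c037",
              "98d2ef390543493d5cadae82ef4c7f21", "90c10ec95ba177f65478f58d55ddb5eb",
              "cab4213c80e369670ff60319027ca4df", "c625b608b33af6fd147d040597bb03b7")
] + [
    (r"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\ads[1].htm",
     "114B", {"md5": "e89f75f918dbdcee28604d4e09dd71d7"}),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab1630.tmp", "65KB", {"md5": "ac05d27423a85adc1622c714f2cb6184"}),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar1BE3.tmp", "181KB", {"md5": "4ea6026cf93ec6338144661bf1202cd1"}),
]

# Expected hex-digest lengths per algorithm; a wrong length means a copy/paste or extraction error.
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
UNIT = {"B": 1, "KB": 1024, "MB": 1024 ** 2}

# Path rules for artifacts that a plain IE page load produces on its own (labels are this example's).
RULES = [
    ("cryptoapi-url-cache", re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I)),
    ("ie-browser-cache", re.compile(r"\\Temporary Internet Files\\Content\.IE5\\", re.I)),
    ("cab-extract-temp", re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
]


def parse_size(text):
    """'342B' -> 342, '181KB' -> 185344; sizes are given as rounded units on the page."""
    m = re.fullmatch(r"(\d+)(B|KB|MB)", text)
    return int(m.group(1)) * UNIT[m.group(2)]


def classify(path):
    """Return the first matching rule label, or 'review' for anything the rules do not explain."""
    for label, rx in RULES:
        if rx.search(path):
            return label
    return "review"


def valid_digests(hashes):
    """Every digest must be lowercase hex of the length its algorithm produces."""
    return all(len(v) == HEX_LEN[k] and re.fullmatch(r"[0-9a-f]+", v) for k, v in hashes.items())


def triage(records):
    by_label = defaultdict(list)
    variants = defaultdict(set)  # path -> distinct MD5s seen for it
    bad = []
    for path, size, hashes in records:
        if not valid_digests(hashes):
            bad.append(path)
        by_label[classify(path)].append(path)
        variants[path].add(hashes["md5"])
    review = sorted(((path, parse_size(size)) for path, size, _ in records if classify(path) == "review"),
                    key=lambda item: item[1], reverse=True)
    return {
        "by_label": dict(by_label),
        "rewritten": {p: len(h) for p, h in variants.items() if len(h) > 1},
        "bad_digests": bad,
        "review": review,
    }


if __name__ == "__main__":
    result = triage(DROPPED)
    for label, paths in result["by_label"].items():
        print(f"{label}: {len(paths)} file(s)")
    print("rewritten:", result["rewritten"])
    print("needs review:", result["review"])
```

For this report every one of the fourteen entries lands in an explained bucket and the review list is empty; the only notable pattern is the MetaData file rewritten ten times, which is the CryptoAPI cache refreshing, not a dropper. On a report with a real payload the unexplained paths come out in the review list largest first, which is where a reader should start.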