Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    12/06/2024, 22:07

General

  • Target

    a29e6a647b2d670075d21314ac33dc32_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a29e6a647b2d670075d21314ac33dc32

  • SHA1

    06fd23f0b22459546e5d2fd6386ca9964f24c3c2

  • SHA256

    1c57226808d3fdbe5d566fec9a3c1285e17a1edfcb89303f66ba6499dfb5ed07

  • SHA512

    c9b43be382b8d84f79aa26ef0d150e953d7c75d93de442422a4842cd91eb45f63c8643d8b11aa4722af04385a9777add86d27abd99eefeec8788a1d76cdc33cc

  • SSDEEP

    192:uw7sb5n1tInQjxn5Q/knQie3Nn2hynQOkEntkWnQTbnFnQ9ePsam6lHhDQl7MBXE:4VQ/ghWqllhaStWX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a29e6a647b2d670075d21314ac33dc32_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2160
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2956

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b9972bc0ce4a626281f30faa8128e65

    SHA1

    717f499d702c3ac2c96f5c2cbad31cb80b0ee60e

    SHA256

    c41ad7e91463312d92b951e46021276d655000431a1d276e451f99706908e55c

    SHA512

    f4f4939ea251fd3c1d3020e0fb2e04930f3dd796d417bea00b717d461e334af4d5071406551ebe7edb21762831891cadf905dc1cf746d76e853ba07e1d2dd207

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    075158b842e072d34695f73786a216d4

    SHA1

    abd21d759aa0c3be97bdd0cce88f0f84f2b458b8

    SHA256

    f6aca796e04b93df4c01d8bf650548e264b8f02f0f0d91c504f5f3814c002402

    SHA512

    ca3c4b5839cd0deb73d703d5259c3867465dac1e6899f46e17929c706c19a1d130e70b962f95cde34d4f38cbddbb447dc35ba1760acd2454e0b92a488054f237

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5db88c17debe61ceb2d64500ebd1173f

    SHA1

    ab319c976976b1377289f862103240ad9ff06f44

    SHA256

    d1f2cbac6d06909cd734d93dca0445f6c68a46c837d5ae1eb8870bd5e6c50f02

    SHA512

    48868d65f893e3f9a583cf2390002d398a7f734cdc07f2d8eb41d479ca0e7ae3a2ef279fe151c7abd499cce4298652e5efae6caa901dfb862c5cb4ffbb176fa9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4c1d43d8b5f7caf5cc36e9a8b38180ed

    SHA1

    94fcc5e32b0745e363741fec2eefe84673f1b932

    SHA256

    220e9e7aa4d41fa711c0b0c2f0654589458b8fa7fb789e1fa4b3633bac0a90e0

    SHA512

    eb6ad247541239be54ab4a24ce1df3c06a1d6c0a93dfb729fb7905e2699c01d3805cd2634c488a1ace70e034d08ba8c99ce03eb4ca1447b6f85dac45627c88b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47b9d636ba8021495ab547cf10b67bd4

    SHA1

    38685c24ef71af74f1ccc2b79fd546fa4acf46f9

    SHA256

    26dca610bd4473f75040d5dfce59d44b183034f2177f66ac1646a3f575da22cc

    SHA512

    b3a33ad538f23247b8a98a73bc53fe84eb421cebe0a64539b29f43ec8f2926a7021b445941d0cf3bbda695f18b8c0654c7dbf34a6d2ecdce56a0eb92f69dc234

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5cf517d6dd8f5524705ad7bc48abb88b

    SHA1

    6f367bb442cd4f469a2f0cf654438fe71190dd91

    SHA256

    0fa4779ec0f1844dc958a3e8c4ebd78ddf233a79ed3a69aed16f6e04e45ab0d8

    SHA512

    1999fa7fe855e10e02a4d560e2b959bcd1b462565c2aa8afcf1f7d5535e8b4257d03c5183330168cd627a9d6f323d9a7439594c5d16c4a4d66fd2ac0d98a9797

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    75c9f6ce07952160b39e3c1fb70f6435

    SHA1

    d86908cf6062365f439fa8e3e4a58bb36ef9614e

    SHA256

    7c2b4d59ef2085133664ca484d63796bee9d9e74d450e9dbaf86f9f3f971ff33

    SHA512

    fa91baa115b87a8da678c5c338db9929599ff42ff22fe328fcf5a87913ec1503003b9f7c0ab6940b8086508fbf0d452205e9cab9bdfeb44bb5eaf3e214e4952f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47b1b4b4a039ee506b070a89596005aa

    SHA1

    5832db4019bf74ff8014831140e543790365959d

    SHA256

    d2232cefa5b193e171e0d1730aca0c9ada65c8c13829ebb9fded12265f8a242c

    SHA512

    49ee88a6c4162a0b52b6aea3000270ed8c2d749182beb9ebf2a9dd312d36934acb23c8fd9b2a89c6261cd4ecca7473a5abe30ddcdfb689daec2957eccd3452d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    962b8fdbb190be506e1ad81edbadb33b

    SHA1

    e2c235654b5ca5d115b47290b344ed88ac7500aa

    SHA256

    b4f96b584bdb714f8ce50a0960a367bdd6a70aec5a072daebf9740a22837e814

    SHA512

    d24c69c911d6b7f3e57466e93ad208a606dc937584720dc0ebe59fdc9f3ac736f88d5fe6024e25093dd5b153931c4946c776966f3e04d455057b7ec647ca6694

  • C:\Users\Admin\AppData\Local\Temp\CabDD8.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarEC9.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b