Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 22:07

General

  • Target

    a29e89bab3faf2b508e9352d0339d9cc_JaffaCakes118.html

  • Size

    33KB

  • MD5

    a29e89bab3faf2b508e9352d0339d9cc

  • SHA1

    4afba71242d768e2ee716d292e45b5dcdce9028b

  • SHA256

    c948fd302f4cc96a468ad2c58dde1c45dd9d1ee8cb03b75e261ae22ceda64673

  • SHA512

    bb3262aee93dd89df8b751ddea8f4465d0088a9f3f8d5715fe1d31c64b45b8cddb327cd68f0b06d474665fefb3c9b240b34330f2f52d57f3b51cdc9be7e3d49c

  • SSDEEP

    192:uW7Ub5ntqrnnQjxn5Q/t/nQiegNndnQOkEntnz/nQTbn5nQQXC6AFJ+vkWa8O4Sx:4Q/S/8mtzVnuM1XHO0M

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a29e89bab3faf2b508e9352d0339d9cc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3036

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f06c4fb14823f6f97c5c2358353ba36

    SHA1

    1bd1484c3c5d6db5eb562be1ab8e5bfa562f02e5

    SHA256

    8842ac4ab2d5e8bf7b9bd6a8d03b98b8584562bd92c3a8373a22f5df82471147

    SHA512

    7901c9aabadd2ef4cd6951c72a6525252afb0221a96d359d15919c413ececbf8b63780f69b4718a9d75b115c43d0fd7a34bcead8042466c102960a076c6c9a94

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7fc231fa1e928937cebd499991cea987

    SHA1

    0442ec08abfef46eec50f39d12768ac8bf04b471

    SHA256

    d6b822afba1f728a0cc89820785f61885816c9e6dd96dea5a9f52413848ae68a

    SHA512

    1a768429e45ed943bd94c8db41e71b33328bdd798bcbdf293a7f30697178de62f15c5ceff3986d1c1ae0b29221a0942059fb05adabd0726028e42ae549c005ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd1a9af431c3db68c60405cac1b9643d

    SHA1

    cb4475f69c1ab45f31f76783a6aacf764896558d

    SHA256

    135d2841af655b38d4f8a7702d5107e0ffed860b2fbecc167a8743a657c62d80

    SHA512

    6ed8a7c5a2d8e775ae37e45feae3d898c32f75219740275f1a00367771f51c5bf65deab7b9006898664d6e925301807995ea8fdc9823c09b888ee1cb60162356

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    86db7ed0adcc2009abd39927cebea956

    SHA1

    ae9341203e8216eda6396817d7002e5a3adbb299

    SHA256

    c97140e561afe0a173ff6eda0ddc12b5525daedb211db88a58990302b24a470d

    SHA512

    4bbe1c5cadef62510f2ac6a24909b807ac8505b8aa7bfb95b5d24ba9980b595c6e27d4a7e5a18fe9a2a0dbef69ece9912e16bde8ee150763d4277395a262e029

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    273bc562f3a26f5e693a4865f55ad6e0

    SHA1

    1b5f4fd0a13a6a4d44d1e0e17a06046303131138

    SHA256

    f6d68e1d84387b2510e1f0bf8d6938e1b4394be7ae8c997578c1cf2f7cee78b5

    SHA512

    6f7282365e65156d203cce39ab1adaa1bc3ae6cdf0ddfdbdc1890b6550368b3337c9436c630f6eb95ccf3bcf74fea4867ca457fc6c93e9536c66b765835007a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1040ae71df4bf458a3bbf66cb56a692d

    SHA1

    e7f0ccfcde09318d8e90a7f4711f9dd7d2ba0d0b

    SHA256

    f29f81fd8ac22a88a0e8ecd5094d9ebda7b5c5113717f8187105a2e98b1cdcec

    SHA512

    48965f0abdd3e948cbaf7a2879e8daf38eb797a7898fa48793c68fc0a573f030476581c239f30d808df457272676e640649cfd926b8d41847d9c6a8fadefffa0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95aefe63e2e9ffee2c472ee4f71e1c2d

    SHA1

    5dbeb40d76f680be77c7d614557daf183e28b292

    SHA256

    11b6ee0e61c13f3aa1ea2b70d08d8b65ab7ac9d9026832aa914e343af38944af

    SHA512

    ff9681dc7617e38a3fb1b9c18cfa3177569bba2263ebb730935faa329ea4bf8a6fbe04c354dfa90abeddc36e7f7c9309cb420cc02e3c137e7926725abbb07c18

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    df249aab473823fe41ec0c796f355d10

    SHA1

    8ae0c25f9430708d91fdda94b5c021caac002f54

    SHA256

    a910f0e227b8adce693da9e4094be1669e2e1483283f3574877baaa4a1f0e9cd

    SHA512

    e2bc45fcbf8ad84bd27791509679bb0eddc960b5b0d36d1786eb6e234be1e7e1868dc2b372fb98058c5e4b1a6d8b61ed8fff9388ebf882912671b5d28ebdd6e2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bb5be9ef712d93e15fc574ef1271a78a

    SHA1

    2fa18d0f8fef1db4489bf1bd1da84ec2377c8ff6

    SHA256

    fdb0ce717b999c38e19fd2d098b5c39cb2c3dd6588663ab05e65a65cc9f1f3a5

    SHA512

    4f9d815f343478febaca985f100f63fb06db2fbb4fccd8eadbca02de8fa392619b87be9ef870c790ccb57b910e6f5e51e94ab8b1dc035ad327d0fd2a2db0c214

  • C:\Users\Admin\AppData\Local\Temp\Cab16EA.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar17ED.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b