Analysis

  • max time kernel
    142s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    12/06/2024, 22:07

General

  • Target

    a29e9554ac3ff5130c00407eff983266_JaffaCakes118.html

  • Size

    468KB

  • MD5

    a29e9554ac3ff5130c00407eff983266

  • SHA1

    126733aa7b04d60afa685cdc0622e0cf10b3b116

  • SHA256

    f410e8c9249b01b7636bf8bc061099fb4e97f63889fa00433632018d8b98db02

  • SHA512

    3376d4a2e69997b91ad6edb0f47ed72648f917ce8e60369cef1a4d9e720f75cb5af66bf0f68af039a653214d548d0575daf6af3137f9173cae6dd775db81bb69

  • SSDEEP

    6144:SjjdsMYod+X3oI+Y6tvu6xAmzM86P5sZpMFzBtug4r1GcFBU/b:op5d+X3poCPuzmrugwG2qz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a29e9554ac3ff5130c00407eff983266_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2796

Network

MITRE ATT&CK Enterprise v15

Downloads