Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 22:05

General

  • Target

    a29cd006211c385cd967714d0b9942e6_JaffaCakes118.html

  • Size

    1KB

  • MD5

    a29cd006211c385cd967714d0b9942e6

  • SHA1

    1537add29c7a0d27e8079ca5825114b950aec2b3

  • SHA256

    8f1435593db4087fcd6855b7b0188bb0e28ae1ec7635bd7f00174b721ea46479

  • SHA512

    919069b8632c6d78d4196b87984b8724a95aaca8682f5cebc6f6fdbe92d17ac24aa54c8c275c8b8893a99b47e3db574155d9e637d52fc98b952ca020ab0ad2e9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a29cd006211c385cd967714d0b9942e6_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID: 1168
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1168 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID: 3060

Network

MITRE ATT&CK Enterprise v15


Downloads
