Analysis

  • max time kernel
    150s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 23:02

General

  • Target

    a2d55729ed59a5cd39cc4927899d0589_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a2d55729ed59a5cd39cc4927899d0589

  • SHA1

    e15694f2fa5e1131e0ed3f658ad86e994e7111b9

  • SHA256

    440844019270c71ab27a2984296f7b3271d60f53a7ff181dd5a3288c42b32b09

  • SHA512

    8d7184370b066ab511706a8e5aa3ad6113423ec67abb9da0bfeb4ea87c248685ca18d94cc733c2d0e27c002ffa98423f9f8924935e08aee2c2fce9c3fca63f65

  • SSDEEP

    768:mvlIYbYu9ETtT/+t+a/U4t+pXn4u3rc3Db5s8B0GNGIH9n0XI5eADgk5DsY6or4d:mvlIYbYu9ETtT/+t+a/U4t+pXn4u3rcg

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2d55729ed59a5cd39cc4927899d0589_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2944
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2944 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2620
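
The process tree above shows the IE frame process (PID 2944) launching a tab process whose command line carries SCODEF:2944. In Internet Explorer's frame/tab model the SCODEF value is the PID of the frame process that owns the tab, so an analyst can check that every tab process is both parented by iexplore.exe and names that parent in SCODEF; a mismatch points at a tab spawned or re-parented by something else. The Python below is an added example written for this page, not part of the sandbox's output. The process list is transcribed from the tree above, the parent PID of each entry is assumed from the nesting shown, and CREDAT is treated as an opaque value.

```python
import re

# Process entries transcribed from the report's process tree (constructed input for
# this example; ppid is assumed from the nesting, the sandbox does not print it here).
PROCESSES = [
    {"pid": 2944, "ppid": None,
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
                r'C:\Users\Admin\AppData\Local\Temp\a2d55729ed59a5cd39cc4927899d0589_JaffaCakes118.html'},
    {"pid": 2620, "ppid": 2944,
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                r'SCODEF:2944 CREDAT:275457 /prefetch:2'},
]

# Tab-process arguments: SCODEF is the owning frame PID, CREDAT is left uninterpreted.
IE_ARG_RE = re.compile(r"SCODEF:(?P<scodef>\d+)\s+CREDAT:(?P<credat>\d+)")


def parse_ie_args(cmdline):
    """Return SCODEF/CREDAT as ints for an IE tab process, or None for a frame process."""
    m = IE_ARG_RE.search(cmdline)
    if not m:
        return None
    return {"scodef": int(m.group("scodef")), "credat": int(m.group("credat"))}


def is_iexplore(cmdline):
    """True when the quoted image path at the start of the command line is iexplore.exe."""
    return re.match(r'^"[^"]*\\iexplore\.exe"', cmdline, re.IGNORECASE) is not None


def check_ie_tree(processes):
    """Flag IE tab processes whose parent is not iexplore.exe or whose SCODEF
    does not equal the parent PID. Returns a list of human-readable findings."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for p in processes:
        if not is_iexplore(p["cmdline"]):
            continue
        args = parse_ie_args(p["cmdline"])
        if args is None:
            continue  # frame process: carries the URL/file, not SCODEF/CREDAT
        parent = by_pid.get(p["ppid"]) if p["ppid"] is not None else None
        if parent is None or not is_iexplore(parent["cmdline"]):
            findings.append(f"pid {p['pid']}: IE tab process not parented by iexplore.exe")
        if args["scodef"] != p["ppid"]:
            findings.append(f"pid {p['pid']}: SCODEF {args['scodef']} != parent pid {p['ppid']}")
    return findings


if __name__ == "__main__":
    for line in check_ie_tree(PROCESSES) or ["IE process tree is self-consistent"]:
        print(line)
```

For the tree on this page the check returns no findings: PID 2620 is parented by 2944 and its SCODEF is 2944. The same function run over a full process listing will surface tab processes launched by a non-IE parent, which is worth a closer look regardless of the overall score.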

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    340649d04248204b68b42034a60d2999

    SHA1

    4c8dd471ba3836d42c0f67e7b38670ef468e26ce

    SHA256

    22662c98b15ad10aff9b36bcdd8bc90f50cb2a254cff45950a97365b88b52b5e

    SHA512

    6f0033c37367d5826148075363a9b77a4becf4023cd218f2dff4d5e27850465b2a9f05406a804d48d54b46e87928c43e2ad0a3f4e228e33dbf95ed15505108c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e2ec0b61a1089e54c54d21a0a037075

    SHA1

    bb17b24b4c1b20cae3981c2ea74332eeeaec467c

    SHA256

    dbb53ec1d01d6d72ee8b174246cb8a7c436f27750056a8c626edf9bcfdd88c12

    SHA512

    2c168c0b7837259e0acc8657b69eea33845b526037da2eb0e19d8fb5666923671628d162414204fd68924a7976d58c1b5369b5de8e393401825e01c130672745

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c5ecb16b11ccf98fca2f2abe95aa14ab

    SHA1

    d04dc43e758c63ebd40fb43b7cf6ac3b27fb0e28

    SHA256

    a8b61c516fdde47709454a231275322d82f2f176f681715168efb878b43994b6

    SHA512

    ba7548c58d63c66c3360e5de5d0a6dfb4c5dec07bf78a8637a877585a4e67519321e4b0437fe595b186d97c67a7c6d3af8c4c3d00a1c927f45bab7585dccb5cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3ae853cebfe06edb4ef328d0ba998cd3

    SHA1

    773faf1ac41c41fbfd011d8a01bd08f6678da8c5

    SHA256

    afda7f99b2f258054f83f6eed8fff763b40fbd442eb67a93397028892a962d72

    SHA512

    d22d094c743aab3df50ceccb46ad19f0c0863a55352848b583254f5b9104a0195df1767a557e52675f9aca9c758ff0432bc4fc5f68722b023cbcdad27241d485

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa429edbae2601da6661b93027df77f5

    SHA1

    ae23c11b5fa69c3b72d186b15e5c0a2de8bab2d3

    SHA256

    f5005f17d7f0fec93d584a149e94b14a1a4b284e9fe94f8de80b01c6f87f3506

    SHA512

    774fc91aa160acb875ce65f2a1f1b68729ab76c2c98f0d808acc94476485bcc100ea56d2537032606a31b9f19ca6218def3175b2ba97201b3c896325108a98dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    87e266447c1be00438ebb105c0ee337b

    SHA1

    255e2df729709dca310dc1c85fa3d8f72b97141f

    SHA256

    640d4c0df1cc6ef2e0ad2a70a9c2385652ca29692856af36ba23deb7a1388eb7

    SHA512

    4e6c8ad4fea085ea1427b1182877d6ebff026fe8295540d5656f023b5a2b82faaa7e5b7d7bc172f38a461eac4913a426c6aeb0197d29e3d9551f886089a34229

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ae0b681d97c70eb1efa1d22cfe77e639

    SHA1

    11b46698e2e144cba9c3d15027682fdcecd71e3d

    SHA256

    c975ce09c47ce3623f1b30bc467ce6c976add70fff9c629af8c96d3371287ccf

    SHA512

    908135bfa9bb2f4026a73a4a3db41418ef8b5ff96f909f3b4628637d2f12259f68ffa9798414ab1e55c43d9fc02712fc4362621fee2f0d58306cb98442b1848b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b26c17ffb258223c057d99f5dc34360a

    SHA1

    031572a2fb5776d0ee8b57c43c0236647c4bd7e1

    SHA256

    f0f1c4effc9ad1823ce5659b4ff24f0bf5619c6f2f47f67e0e29173abaf9905e

    SHA512

    5586db43dea455b27b53d043dbefefecbeea8722dd1cf80979b1ff87d4c7c2c17c76d26ac63cd8723bc773f431f293ded9a2f83eb211bcc81dd638e84ee40fdc

  • C:\Users\Admin\AppData\Local\Temp\Cab673C.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar67EC.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
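
The Downloads list above repeats one CryptnetUrlCache metadata file eight times with different hashes, plus a Cab/Tar pair in Temp. Those paths are where CryptoAPI caches certificate data it fetched over the network and where WinTrust extracts downloaded cabinets, which is background activity from rendering a page in Internet Explorer rather than a payload drop, and consistent with the 1/10 score. The Python below is an added example, not the sandbox's code: it groups the listed artifacts by path, classifies them with path heuristics (the patterns and labels are this example's own assumptions), and recomputes digests so a copy of any artifact can be checked against the report's values. Only two of the eight MetaData records are carried in the constructed sample data.

```python
import hashlib
import re
from collections import defaultdict

# Dropped-file records transcribed from the Downloads section (constructed subset for
# this example; only the SHA256 of each record is carried).
ARTIFACTS = [
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "sha256": "22662c98b15ad10aff9b36bcdd8bc90f50cb2a254cff45950a97365b88b52b5e"},
    {"path": r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015",
     "sha256": "dbb53ec1d01d6d72ee8b174246cb8a7c436f27750056a8c626edf9bcfdd88c12"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\Cab673C.tmp",
     "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\Tar67EC.tmp",
     "sha256": "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"},
]

# Heuristic path patterns (this example's assumptions) for files Windows itself writes
# while CryptoAPI fetches certificate data and WinTrust unpacks a downloaded cabinet.
NOISE_PATTERNS = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "capi2-url-cache"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
     "wintrust-cab-extract"),
]


def classify(path):
    """Label a dropped-file path as known background noise, or 'review' otherwise."""
    for pattern, label in NOISE_PATTERNS:
        if pattern.search(path):
            return label
    return "review"


def triage(artifacts):
    """Group records by path; report the class, how many times the path was written,
    and how many distinct contents (by SHA256) it held during the run."""
    by_path = defaultdict(list)
    for a in artifacts:
        by_path[a["path"]].append(a["sha256"].lower())
    return {
        path: {"class": classify(path), "writes": len(hashes), "distinct": len(set(hashes))}
        for path, hashes in by_path.items()
    }


def digests(data):
    """Compute the four digests the report lists for a file's bytes."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256", "sha512")}


def verify(data, expected):
    """Return the algorithms whose digest of `data` differs from the report's values
    (empty list means the local copy matches every listed hash)."""
    actual = digests(data)
    return sorted(alg for alg, want in expected.items() if actual[alg] != want.lower())


if __name__ == "__main__":
    for path, info in triage(ARTIFACTS).items():
        print(f"{info['class']:22} writes={info['writes']} distinct={info['distinct']}  {path}")
```

Eight writes of the same MetaData file with eight distinct hashes is what a CryptoAPI cache entry being refreshed looks like; the check that matters is whether any path falls into the "review" class. To confirm a local copy of the sample or an artifact, read its bytes and pass the report's MD5/SHA1/SHA256/SHA512 values to verify(); any algorithm it returns is a mismatch.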