Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 23:02

General

  • Target

    a2d5663a968eeaa2d0ddc206d7b0a3c6_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a2d5663a968eeaa2d0ddc206d7b0a3c6

  • SHA1

    3e51b07b0c4af440e9a2ccfa5fc5e78cf97a88da

  • SHA256

    33690cfbae3fce1725893425426f1d8afe65d8237c259090320863cdbfd01842

  • SHA512

    39b28d49c89f444fe7a93db5db88a130ec876426fb2850d5d782b33257f9a8d249ab25796ebc1bbc004f8e468efa3cbf11f8c9def6e06ba3847194619df3d0cd

  • SSDEEP

    192:uw38b5nqWnQjxn5Q/pnQieUNnfnQOkEnt7jnQTbnxnQ9eeAm6uJ8yQl7MB0qnYnt:/Q/ZL4U8FS2j

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2d5663a968eeaa2d0ddc206d7b0a3c6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2564

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4a5340d6a0e86cb604fa2d54371810d5

    SHA1

    768519f922f5996e9b58a81d3d14602f90e7fa3e

    SHA256

    c562072dc5800a02c24eb3167443493f65c2de4fa089cc11f8d9d2a5e5f69879

    SHA512

    7884c82b8927a96a3b47ead9116f388c8f18f76cfb8ae33586735b740c8eb7ebb66125cf3029b3f1e4aa48b7a215bc20606b5249f72879ec12c7a8f7c54a4b4e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a751c60faccb3372c5f4316377913405

    SHA1

    1abd779ee2771535a7ed9296f0ed0b5b4c4218f7

    SHA256

    feb2ad95bd2630e92687c0938d70d5e051232cfee0752f5c471bf7daab93eebb

    SHA512

    c95af6994690c7a9db6d3a7f580200eb32d989372147ea99da8c56d11a11ab297c70939f7fb0be66f0754c78c26575aae336a04513095bce997d4069b2b1c9fe

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    748a552472f3da9353b02ed5031ee4de

    SHA1

    db33d583bd0b2dbc5d66e7c962574807df9dc552

    SHA256

    02045070f9e8ce5801ba6e6dd3e8c145b908c3ab99e7309c657b76419caec6ff

    SHA512

    c4f1d191f7164a046f1f43b91e1961e5ac34adb1d8b0d471d13914af609faa71f55fdb0f09166136700d2ab00f1e88d242ca07c0a3f42f54827ab019441df699

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6e475f1d6c6a2e0f422648b7fd7b9822

    SHA1

    9c4fa7587043f9ff8bff61edbe84311fd55b12df

    SHA256

    6929b42b14f0f3e8d466178853e0e0c8c1ac82336bbb806b793997aeb2ae8f8e

    SHA512

    2ffa6c98dad56562b9627945e90d17262cf71e4ac98fe17e489a837ca12dc911ad42a3a9c7f61ce450fd3801acd4c5e2af7a9fe18c0f4f1a3de6aac5667e191a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    267bade5e0344cdb3919c4b5c678031d

    SHA1

    fea51f5f3d9e21432975529c3a80a8f0acacbba3

    SHA256

    c459e6d596252f5624fdda3c7515e0ca9795edddc765e3b5ae58d7caa1bde547

    SHA512

    a5ed510c1e3529de3f20bf9e206b9fcec7a8ed66c826a6eef718104016edfdd2a55374cf924aeae7b1b6e25121285422e0ab1456737318c06dc41de6247b772d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8e51f42ab71dca2280cf3a5a5aeac253

    SHA1

    49e1e903fa104e0124545a2e9d0e569234f769b8

    SHA256

    cef1d050686215cc37ef11e82b0cad890484b8ed78555e1d110571827d19d31e

    SHA512

    391ea2fcf0897e18c1f1d8875ae53bb31a03a64098e14c090915bf30db4e3d14251f7992704e11ebd13195c992aa97303e2b5839591a72f52e19cff1bf06c621

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1c8f9fda5f26219e1a50eb7316d25cf

    SHA1

    485d86d1a288139c74e49fd4bc1f8709af0ede90

    SHA256

    640112ad2f62d64ab476143b076ac54349b58af2fbad9f35509ea9beae204e89

    SHA512

    ca51a672e5b662c415b3e6d7c23d82d875ce7a06683dea9142eabb350072ad86b0d2ed3ce79fff4f513cd0c82e9ed3ee4e7060c0dd14903016b4f489b3dc0bc0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    54c247d7720649990675ee2ab1cfb9e4

    SHA1

    c978c70bfaf0d441086023c11360304a6b0cdc47

    SHA256

    9f80046d19328ae151fdfe9877241c26399ed4f09bfa26bf3a259617d2cfc6b3

    SHA512

    ed3f98979a5b2e71b5fe04d70034b099a613063ab1cc13aa30b6279fdc00a2e58e5af404d41b52d0366e171fbb4510893e1b62da28772c1c8f70d58c1ffbc0eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f00fae4f14bab8176a297203856420e7

    SHA1

    b191ef641020426d2af5a6efee11bd30ebe37af7

    SHA256

    3e9d70002fdc748d6db59a9bc76bdb7374be5d771ac98430d8c75c5334ad3754

    SHA512

    d5e632142b8d72a7eb5a6dd6feabcb0e0d36dc1c864a4dc51fc9b994b1307ae9a9424f7a6b072d64e7d838221ca78fe8c83f6b63167452af8d630e2088146b7b

  • C:\Users\Admin\AppData\Local\Temp\Cab256D.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab266A.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar266E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
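Every dropped file in this report is written by Windows itself, not by the sample: the CryptnetUrlCache\MetaData entry is CryptoAPI's cache for CRL/CTL retrieval triggered when Internet Explorer builds a certificate chain, and the Cab*.tmp/Tar*.tmp files are the temporaries left behind when a CAB (typically the authroot/disallowed-certificate CTL update) is unpacked. The nine 342-byte entries share one path with a different hash each time, so they are one file rewritten nine times rather than nine artifacts. The process tree is likewise the normal IE frame/tab model, where the 32-bit tab process carries the frame process PID in SCODEF:<pid>. The script below is an added example written for this page, not sandbox output: it takes the report's dropped-file list (copied into the block as constructed input) and separates OS-generated noise from files that need review, counts in-place rewrites, confirms the filename's MD5 prefix matches the reported MD5, and checks that the tab process's SCODEF value matches its real parent PID. The rule set and function names are this example's own assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed from the report above: the sample's identity and its dropped-file list,
# reduced to (path, sha256). The rules below are this example's own assumption, not
# anything the sandbox emitted.
SAMPLE_NAME = "a2d5663a968eeaa2d0ddc206d7b0a3c6_JaffaCakes118.html"
SAMPLE_MD5 = "a2d5663a968eeaa2d0ddc206d7b0a3c6"

META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
DROPPED = [
    (META, "c562072dc5800a02c24eb3167443493f65c2de4fa089cc11f8d9d2a5e5f69879"),
    (META, "feb2ad95bd2630e92687c0938d70d5e051232cfee0752f5c471bf7daab93eebb"),
    (META, "02045070f9e8ce5801ba6e6dd3e8c145b908c3ab99e7309c657b76419caec6ff"),
    (META, "6929b42b14f0f3e8d466178853e0e0c8c1ac82336bbb806b793997aeb2ae8f8e"),
    (META, "c459e6d596252f5624fdda3c7515e0ca9795edddc765e3b5ae58d7caa1bde547"),
    (META, "cef1d050686215cc37ef11e82b0cad890484b8ed78555e1d110571827d19d31e"),
    (META, "640112ad2f62d64ab476143b076ac54349b58af2fbad9f35509ea9beae204e89"),
    (META, "9f80046d19328ae151fdfe9877241c26399ed4f09bfa26bf3a259617d2cfc6b3"),
    (META, "3e9d70002fdc748d6db59a9bc76bdb7374be5d771ac98430d8c75c5334ad3754"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab256D.tmp", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab266A.tmp", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar266E.tmp", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Paths Windows writes on its own when IE builds a certificate chain: CryptoAPI's URL
# cache (CRL/OCSP/CTL fetches) and the Cab/Tar temp files left by CAB extraction.
# Anything not matched is handed to the analyst.
NOISE_RULES = [
    (re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache entry (CRL/OCSP/CTL retrieval during chain building)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "CAB extraction temp file (CTL/authroot update unpacked by CryptoAPI)"),
]

def classify(path):
    """Return ('os-noise', reason) for a known OS-generated artifact, else ('review', reason)."""
    for rx, reason in NOISE_RULES:
        if rx.search(path):
            return "os-noise", reason
    return "review", "not a known OS-generated artifact; inspect content and the writing process"

def triage(dropped):
    """Summarise a dropped-file list: noise count, paths to review, files rewritten in place."""
    by_kind = defaultdict(list)
    writes = Counter()
    for path, sha256 in dropped:
        kind, _ = classify(path)
        by_kind[kind].append(path)
        writes[path] += 1
    return {
        "noise": len(by_kind["os-noise"]),
        "review": sorted(set(by_kind["review"])),
        # same path, different hash each time: one file overwritten N times, not N files
        "rewritten": {p: n for p, n in writes.items() if n > 1},
        "unique_hashes": len({h for _, h in dropped}),
    }

def name_matches_md5(name, md5):
    """Corpus files are named <md5>_<tag>; a mismatch means the file was renamed or mislabelled."""
    m = re.match(r"^([0-9a-f]{32})[_.]", name, re.I)
    return bool(m) and m.group(1).lower() == md5.lower()

def tab_process_consistent(parent_pid, child_cmdline):
    """IE's tab process carries the frame process PID in SCODEF:<pid>; it must equal the real parent."""
    m = re.search(r"\bSCODEF:(\d+)\b", child_cmdline)
    return m is not None and int(m.group(1)) == parent_pid

if __name__ == "__main__":
    summary = triage(DROPPED)
    print(f"OS noise: {summary['noise']}  needs review: {summary['review']}")
    for path, n in summary["rewritten"].items():
        print(f"rewritten {n}x: {path}")
    print("filename/MD5 consistent:", name_matches_md5(SAMPLE_NAME, SAMPLE_MD5))
    print("tab process consistent:", tab_process_consistent(
        2860, '"C:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE" SCODEF:2860 CREDAT:275457 /prefetch:2'))
```

For this report every dropped file classifies as OS noise, the review list is empty, and both consistency checks pass, which is what a 1/10 score for an HTML file opened in IE should look like. A real drop (an executable under AppData\Roaming, say) falls through to "review", and a child IEXPLORE.EXE whose SCODEF does not match its parent PID is worth a closer look at how it was launched.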