Analysis

  • max time kernel
    130s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 23:03

General

  • Target

    a2d5e221f28190812a9e0429f554e55d_JaffaCakes118.html

  • Size

    28KB

  • MD5

    a2d5e221f28190812a9e0429f554e55d

  • SHA1

    587962d6beb3081a596250179c4b989536d29daa

  • SHA256

    04a9b3fa07d667dfa0d8e663118439d7cc95f34bb441ac1fdb448cea94d0dd5c

  • SHA512

    2502380b0f3df267da80566e4d47b0ae4ec3be3e1f7053697fe42a60d2ad9dacc4a47b8fa11fff942bacd24360bc37d86ead3edca2e1598f7080b225cc5b543f

  • SSDEEP

    192:uWvab5nwanQjxn5Q/EnQieHNnKnQOkEntwGnQTbnVnQmMCfHAZ0gzNRHIThgX3J/:JQ/Z1HuVzNSTh0sOB/P

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2d5e221f28190812a9e0429f554e55d_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3020 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2780

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4f1c344be0bd8fbf1e560841be48f66d

    SHA1

    39eb4cbd27b9faa8d56d66891554206bef6cbefc

    SHA256

    aa24f55831ed567edc797d9d20a0d6c96f8045f0db7620923ffe5b2621c5969a

    SHA512

    3f4acd66a5e20b267adce09aaa66e622a625963d4938886931cfefeef6060b61bb86e0b02d766a4a600cc262584663ba83ac578c204449aba4a8976690ad356d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2d41cb0d84975a2437f2e1912dafc35

    SHA1

    abfcd9162f8c6e5a0f4c8a214f624ae2adb1732d

    SHA256

    f06f5d7de09c005b116023f45c852bea4edfc75b8559c2193d8a82b2194f0f3a

    SHA512

    c40e634f530caa65b4937717f4ff7a2f3cecdb2616ccf1705e8907573367556639a410ef65e0959a959c2cf944060938c58d05efc64ff135863e45594b9fbeb4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e805dbd907840c1708ca9343bfff0679

    SHA1

    09956b17e3c1a82384b899fc03c41d9ad16910d7

    SHA256

    a33fe486468f2df0c971eb34902c6020d30737a073a9a0b2014880b7ac8ab426

    SHA512

    5609518004d2f1c003b0e7f6d3353d2538bf950f3b30ccc806ecadc2a16c50309abbe7166f3e87f4008ce0482d75ac7397a2c3b5f7f098f9212a46dae957a2c8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6727df69f27eae50fe8ff76b329fdfe9

    SHA1

    6bb3ac41248748ad00e85db435ef33ecc95cf79d

    SHA256

    1eda84099d40fff6dfd92d0745f306add6d9d3e18562d061c96eed69fe265b82

    SHA512

    5fcb80d5a271d69d4d9818f12495b37c6b3a825c487dcbcb8853c62d5caad2cae4109c286dcddc9a6e31fe9e37b80428ba093838664130c883a4e7bf9e570a6b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd1eaf2b34a8bd7a65d5543b19427e62

    SHA1

    1473df56bbd906ff3ac0891267456353572cc492

    SHA256

    67887df38e8b60e336dbc248c1141e5779ab41f8371b28001b1bc45fc411d420

    SHA512

    9f2f33bfc1b079ba341c26035cedd7bb6df4f771ef6a8b3c2e90782fb6993f112ac1432764aa886e7294032212cea29c093c01f9df832370e25f826ad601d067

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b90bf0e16b0824c90475d4f5f1f36e6

    SHA1

    ac24a2cf63a88b467b90590ed1ad5ea90323de45

    SHA256

    88f9fbac5a08f600de327dd5ecbf7ce232fc581f1a6c462ef459fd98f15c358e

    SHA512

    5fbd2f2fbfdf80f9e9ee79f371704b9e6e790cc42d8a777d216227c14ca4635b6e2d17901ecd4696d262645b11eb71e0883e46d5b0fd1be27d66a29bffa86fd2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d39a742effcf304986da3c1435d6fa07

    SHA1

    ba0757e2151c4b08c72c55e1a4386398f820aabd

    SHA256

    d4230f8b14e5082b1f3891cf6456173101df2d76ac4cd229603559774e077e90

    SHA512

    f1a4b4c9618c211eb5ab7ee0c8aee2fab486de7613e793a26d4f029a7e949e034dee538475a66e7d483fa105d8959c6b567420a3cbe5678d8d26d038222cc8eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3cd563f439d20aa48f38d7911c1b0875

    SHA1

    74d3246af275501d2b597ae8feffb1fc933e05be

    SHA256

    f57d6068b3eb7291ec8dc21e51a4ec2db7f9acfbd778b4ed2d8cd89109bf6370

    SHA512

    70081b2130b842c1d8996a5cfd126d778362e686addae16e9f2a7abe5032c661b38b604a1b616140f3cf8c2c9ffb2a0bec652bfd42abf9155b12f207fa974aaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0801808a5b8f534ea439347c4336a3aa

    SHA1

    2b3987ec35e9017bb79784b678109a4f8d77c97e

    SHA256

    c64e72dfe82d41c7a160b7c41c02f7a2f1b9a3af0fdcae84b30aeefa38332865

    SHA512

    f65efed4e6cc19e92ab61a2dfcda7d726a7708804def0a31ed8fc5a602d11188842c1edf057a0d57a9ccc6fc25a50ff532cafad4117eed7b8541ea1cf408b9d8

  • C:\Users\Admin\AppData\Local\Temp\Cab7772.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar7841.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
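Everything listed under Processes and Downloads above is consistent with Internet Explorer rendering a local HTML file: a frame process (PID 3020) spawning one tab process whose command line names it via SCODEF:3020, CryptoAPI's CryptnetUrlCache metadata file being rewritten repeatedly (nine rows, one path, nine distinct hashes) while certificate revocation data is fetched, and a Cab*.tmp / Tar*.tmp pair in %TEMP% from a CAB download being extracted. Before any of these hashes go into an IoC list they need to be separated from that background noise. The Python triage helper below is an added example and is not part of this report or of the sandbox's own logic. The rows in REPORT_DROPS are copied from the Downloads section; the noise patterns, the function names, the `update.exe` row and the reading of SCODEF as the frame process PID are this example's own assumptions.

```python
"""Triage helpers for a sandbox report of an .html file opened in IE.

Added example, not part of the original report. Rows in REPORT_DROPS are
copied from the report's Downloads section; the noise patterns, the
CONSTRUCTED_DROP row and all function names are this example's own.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# Artifacts Windows itself writes while IE renders a page (assumption: these
# are treated as background noise, not as drops attributable to the sample):
#  - CryptoAPI's network cache for CRL/OCSP/AIA fetches (CryptnetUrlCache)
#  - Cab*.tmp / Tar*.tmp left in %TEMP% when a downloaded CAB is extracted
NOISE_PATTERNS = (
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(?:MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "cryptoapi-url-cache"),
    (re.compile(r"\\AppData\\Local\\Temp\\(?:Cab|Tar)[0-9A-F]{4}\.tmp$", re.I),
     "cab-extract-temp"),
)
_SIZE_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}


@dataclass(frozen=True)
class Dropped:
    path: str
    size: str      # as printed in the report, e.g. "342B" or "70KB"
    md5: str
    sha1: str
    sha256: str


def parse_size(text: str) -> int:
    """'342B' -> 342, '70KB' -> 71680; report sizes are rounded, so approximate."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB)", text.strip(), re.I)
    if not m:
        raise ValueError(f"unparseable size: {text!r}")
    return int(float(m.group(1)) * _SIZE_UNITS[m.group(2).upper()])


def well_formed_hashes(d: Dropped) -> bool:
    """Reject rows with truncated or non-hex digests before they become IoCs."""
    return all(re.fullmatch(rf"[0-9a-f]{{{n}}}", h) is not None
               for n, h in ((32, d.md5), (40, d.sha1), (64, d.sha256)))


def classify(d: Dropped) -> str:
    for pattern, label in NOISE_PATTERNS:
        if pattern.search(d.path):
            return label
    return "notable"


def rewrites_per_path(drops) -> dict:
    """Same path listed repeatedly with different hashes means one file was
    overwritten several times (normal for the CryptoAPI cache), not duplicates."""
    hashes = defaultdict(set)
    for d in drops:
        hashes[d.path].add(d.sha256)
    return {path: len(h) for path, h in hashes.items()}


def ioc_candidates(drops) -> list:
    """SHA256s worth sharing: notable artifacts whose digests are well formed."""
    return sorted({d.sha256 for d in drops
                   if classify(d) == "notable" and well_formed_hashes(d)})


_SCODEF = re.compile(r"\bSCODEF:(\d+)\b")


def ie_tab_belongs_to_frame(child_cmdline: str, frame_pid: int) -> bool:
    """IE starts its tab process with SCODEF:<pid of the frame process>
    (assumption, matching the report's 'SCODEF:3020' under PID 3020); a tab
    whose SCODEF does not name its parent was not spawned the usual way."""
    m = _SCODEF.search(child_cmdline)
    return m is not None and int(m.group(1)) == frame_pid


META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
REPORT_DROPS = [  # first two MetaData rows plus the Cab/Tar rows, as printed in the report
    Dropped(META, "342B", "4f1c344be0bd8fbf1e560841be48f66d",
            "39eb4cbd27b9faa8d56d66891554206bef6cbefc",
            "aa24f55831ed567edc797d9d20a0d6c96f8045f0db7620923ffe5b2621c5969a"),
    Dropped(META, "342B", "d2d41cb0d84975a2437f2e1912dafc35",
            "abfcd9162f8c6e5a0f4c8a214f624ae2adb1732d",
            "f06f5d7de09c005b116023f45c852bea4edfc75b8559c2193d8a82b2194f0f3a"),
    Dropped(r"C:\Users\Admin\AppData\Local\Temp\Cab7772.tmp", "70KB",
            "49aebf8cbd62d92ac215b2923fb1b9f5", "1723be06719828dda65ad804298d0431f6aff976",
            "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    Dropped(r"C:\Users\Admin\AppData\Local\Temp\Tar7841.tmp", "181KB",
            "4ea6026cf93ec6338144661bf1202cd1", "a1dec9044f750ad887935a01430bf49322fbdcb7",
            "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]
# Constructed row (NOT in the report): what a genuine payload drop would look like.
CONSTRUCTED_DROP = Dropped(r"C:\Users\Admin\AppData\Local\Temp\update.exe", "52KB",
                           "a" * 32, "b" * 40, "c" * 64)
CHILD_CMDLINE = r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3020 CREDAT:275457 /prefetch:2'

if __name__ == "__main__":
    for d in REPORT_DROPS + [CONSTRUCTED_DROP]:
        print(f"{classify(d):20s} {parse_size(d.size):>7d}  {d.path}")
    print("rewrites:", rewrites_per_path(REPORT_DROPS))
    print("IoC candidates:", ioc_candidates(REPORT_DROPS + [CONSTRUCTED_DROP]))
    print("tab/frame consistent:", ie_tab_belongs_to_frame(CHILD_CMDLINE, 3020))
```

Run against the report's own rows, `ioc_candidates` comes back empty: every dropped file here is CryptoAPI or CAB-extraction noise, which is what a 1/10 score with only generic IE signatures should look like. The constructed `update.exe` row is the only thing that survives the filter, and the SCODEF check confirms the tab process was spawned by the frame process the report lists as its parent.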