Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 23:06

General

  • Target

    a2d8cd40f9bd137a4129b8f9ab39619c_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a2d8cd40f9bd137a4129b8f9ab39619c

  • SHA1

    e9644aefd24bbf9fd104ea4778f669f3cdfe87bb

  • SHA256

    e21b2d913cc4e762b94a786f2356a65acf2c204da51445f9df14aa9242b81b32

  • SHA512

    6c51f783e73c074e526b7adbe036569f3391f42fc4b7313eeb6fc8ad96ee8bddf9d8ba9c9353a099bff4407d5011e749d5c47fcefc20a6161fa7657b212ec1df

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIJ4dzUnjBhH582qDB8:SIMd0I5nO9HFsvHSxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2d8cd40f9bd137a4129b8f9ab39619c_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2792

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    887cdaa5a3d4f38d328b6cd56753368e

    SHA1

    cbcbf0f9b6ba67d97a5d4070fb71e867a70ee450

    SHA256

    140401f1f5860296ae97c7f8fa0323fbe4d474bb262ac9022b955662e392849c

    SHA512

    b656dda6c3b95453118803d186c88119c25b9714a5b86841a12b7a2356c02c32220ccffe49aa0be6b3da79142df0d1e930c3ff66076a684fc66c62ead526a5d7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f4025386a6aed8f21a2de4d947d2bcd0

    SHA1

    12ba94483306133107434fadc851b5353d44aa50

    SHA256

    6acbf6d52531d5d8e4bcb1e211ca72b493f97dbf91da8bba58f632c17631ad20

    SHA512

    ca93a9300419f1f947153ed525a46dd3fd3285452bb2344b16d5650f624d9bf80bdd0b0f9e230f00b8c9b7fe16984b286aded617e60899a3464045c811a532a5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    99e0b7128568c5b47bd8f538845189b7

    SHA1

    f409d2770ffd987f4afccf8ea94700431025e83b

    SHA256

    cfa0aa35230b3205573a09a845f0ee63790dc12ac6d0e2fdcdb22b134def07f9

    SHA512

    22a158a4fa9b5a06e83680f6728d36a334fa1184804c023bcb130248401189dbb6e802337e5c00e9bdda182ca059efb0603f89b61d4b21487c3e7b1d8b239c68

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b353725be548d7fedf82852e87b43bbd

    SHA1

    2d9adec2ff0a25af1159593f6d728ced94279fbe

    SHA256

    cb6b695fe0aea2b7f5fb4ef035fe890b4982b1021111cf0147ea553f47f4a4cb

    SHA512

    d874ea7a1a6c850220a4aa4bc51163f11cb6c9fb5a26dae6e26656be5b469b2d692ef856f910d5daa2c34a4ebd14deb00fcc75278f9b977cf753120b4a95508e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e2cbffe8c27ece090c05e5904f315774

    SHA1

    6ce2d0ff7ae3e757f9736b18cd493836f2dbd18f

    SHA256

    cad1f682cc127cb742a298d99aab9e1a6e5638d0c7157bdf1c2c4a1786cc54a8

    SHA512

    3f4c01609203cd2354613291ebbaccc48def50b64bbdc216a39f1e65bdc1a30ee000eafbb070191620fb08d609558f2254fc50758325c43379db80b619f56627

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3899e17fa10c7a908c339f8b8b11065b

    SHA1

    fde33b334d80caaaf0d269ef8e4bdf1ec87afaf6

    SHA256

    ee18618b4cceb4d16e9eb55c4d8f8b076b3563508227357c4914951828fe14c6

    SHA512

    52544c59dd43856d0b44195fe7818e8099067fe9c733c0fbf12967a714c8d0ff27af7837ba1a6a735c42e7af6338303b34d5dd2dd8e3a61fe92f97e2ca48df7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6854e66f30b30f2f021dbd7d251ce005

    SHA1

    2c7ae6868af18fa5317c2ffd69fed5b26ddc5ef2

    SHA256

    20fd43c5f5905b5b447b6558fc83ff1d412c6fb7d679e3d2bf3a1f962f41f91a

    SHA512

    49e6fbd3892c03cc35883da56c7ec42a61b7b6e911fda7d613b5fdcef3cb73bf95d2c6de82b2be284ea4a73c89456663099f9807fb669f1a7221eb4a7036a81b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fc8d8b65274c18741ff48a4c364346a4

    SHA1

    5c2fba7cd3f0701d224241491aae5342d26cafe7

    SHA256

    57242dd62d47d5622e3fdbe1ca6573c7758f43475cb809c6e2cee2005dee81c0

    SHA512

    46044d69b0ab1ba0bbd8768fd8e8df66f623164fd0ebc9d315055d6661307a7d829a011ff1962b975af4e5ee55d28c6189dcf78c6bb46dc5db6e01a00464e02e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0e5d4a99826907e9a23e9dd1034f83e6

    SHA1

    73176f7d385d1230d4536e55351943e07e2d1bb9

    SHA256

    76b135d940919a093098c4eb8855aa31c9964ee5efc5c9d4e451f9cdbb0bc089

    SHA512

    dc813ce8b454e4c874c39a0c4831f92659241d053147634e959b8239b4fa4d2ad1aec4e84ecff5fea5cf6b597a3bd635e63b0a9462d361af43b0d50d7523138c

  • C:\Users\Admin\AppData\Local\Temp\Cab2223.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab22E0.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar2314.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b