Analysis

  • max time kernel: 149s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240611-en
  • resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted: 12/06/2024, 22:57

General

  • Target: a2cffb6cc496407636f370dc5fe291ba_JaffaCakes118.html
  • Size: 75KB
  • MD5: a2cffb6cc496407636f370dc5fe291ba
  • SHA1: 2af243f9a867dd72d9723fba61fa957e3142819d
  • SHA256: 81b0054ce5d20043e9042be588e6df4884419f088e3e5178e57504f512a0c5d9
  • SHA512: a88e5fe1ebd14bddda665a798cf3921486f9594c47bedc68e564a18f83062be2e53f9cfa948e4ce680b27aeb699c0c641da8cd77029db4956f99eb3c08c62d88
  • SSDEEP: 1536:SbZqw9cjnnfCn78PDUkx+b3vxYGONQONRtZbV2CTu6dEhDdGzMjxRARJTAY+fkPc:oqwajnnfs78PDUkAr/ONvVy6d4dGUxRz

Score
1/10

Signatures

  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2500)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2cffb6cc496407636f370dc5fe291ba_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 3004, child of PID 2500)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
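The process tree above is Internet Explorer's normal Loosely-Coupled IE (LCIE) layout: the 64-bit frame process iexplore.exe (PID 2500) launches a 32-bit tab/content IEXPLORE.EXE whose command line carries SCODEF:<frame PID> CREDAT:<n>, and SCODEF:2500 does match the parent PID here. A baseline check that accepts exactly that pattern and flags any other child of iexplore.exe is shown below as an added example; it is not part of the sandbox report. The event shape (pid, ppid, image, cmdline) is an assumption about the collector, the first two events mirror the report's tree, and the last two are constructed purely to exercise the rule and say nothing about this sample.

```python
import re

# Added example, not from the sandbox report. Baseline rule for Internet Explorer's LCIE tree:
# the only expected child of the frame process iexplore.exe is a tab/content IEXPLORE.EXE whose
# command line names the frame PID in SCODEF. Everything else parented by iexplore.exe is flagged.
# Event field names (pid/ppid/image/cmdline) are an assumption about the collector in use.

LCIE_TAB_RE = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b", re.IGNORECASE)


def basename(path: str) -> str:
    """Case-insensitive file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def classify_ie_children(events):
    """Return {child_pid: (verdict, reason)} for every process whose parent is iexplore.exe."""
    by_pid = {e["pid"]: e for e in events}
    verdicts = {}
    for e in events:
        parent = by_pid.get(e["ppid"])
        if parent is None or basename(parent["image"]) != "iexplore.exe":
            continue  # parent unknown or not IE: outside this rule's scope
        if basename(e["image"]) != "iexplore.exe":
            verdicts[e["pid"]] = ("suspicious",
                                  f"non-browser child {basename(e['image'])} of iexplore.exe")
            continue
        m = LCIE_TAB_RE.search(e["cmdline"])
        if m and int(m.group(1)) == parent["pid"]:
            verdicts[e["pid"]] = ("expected", "LCIE tab process, SCODEF matches frame PID")
        else:
            verdicts[e["pid"]] = ("suspicious", "iexplore child whose SCODEF does not name its parent")
    return verdicts


# Constructed events: the first two mirror the report's process tree; the last two are made up
# (a cmd.exe child and a tab with a mismatched SCODEF) and have nothing to do with this sample.
EVENTS = [
    {"pid": 2500, "ppid": 1100, "image": r"C:\Program Files\Internet Explorer\iexplore.exe",
     "cmdline": r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2cffb6cc496407636f370dc5fe291ba_JaffaCakes118.html'},
    {"pid": 3004, "ppid": 2500, "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2'},
    {"pid": 3100, "ppid": 3004, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c whoami"},
    {"pid": 3200, "ppid": 2500, "image": r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
     "cmdline": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:9999 CREDAT:1 /prefetch:2'},
]

if __name__ == "__main__":
    for pid, (verdict, reason) in sorted(classify_ie_children(EVENTS).items()):
        print(f"{pid}\t{verdict}\t{reason}")
```

The frame process itself (PID 2500) gets no verdict because its own parent is not in the event set; the rule only judges children of iexplore.exe. The SCODEF-to-parent correlation is what separates a genuine tab from a process that merely copied IE's command-line shape.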


Downloads

The same CryptnetUrlCache MetaData path appears nine times with differing hashes: it is listed once per rewrite during the run. That directory is the Windows CryptoAPI URL cache, written when certificate revocation or CTL data is fetched, so these entries are browser/OS side effects rather than content dropped by the HTML sample; the Cab*.tmp / Tar*.tmp pair in %Temp% is typically the by-product of the same CAB download and extraction.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ea5058c9a0bf045bc0cbef3188bcb4f4
    SHA1: b97076c040a5a794b49657be67affed5153d11ec
    SHA256: dfc84a0d27063ea8ed5493c1dff13cfe1ce6973ac7e6555189d2e012b0e26c86
    SHA512: e8f42a73cbb59ae24ad3d02c5e8411bb5df0950690f5c091db2f6087100d573e254e6fda118a06a3e31e4f73288aef9906bca0e39afcf2f666fae3b0078be091

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a399d098e628b7a0fd2ac88eb5fd443c
    SHA1: b6e02f67b0723aa2a90bb43dbd106029cbc1e055
    SHA256: 8b8ac2576fa1a4878ca2b7ef189fd4916091c3002d415d30c4626512c2aec777
    SHA512: 24395d2a7e97b1f7a7756b5ffadd0c1cdb770d0167b55c185368a547ea4997acdc91886a41a30c0c9e7dd2642a99e4f543f7a7613c9b992f3461b29d07637c3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: de2606e0afe70e5808bc2a307e5b33da
    SHA1: 3f9d5175c6dd101a03b2277dbd1bac4beacbb470
    SHA256: 8f30db9eff5f3df5d94b63bd99ae2601e33234837e221d26908abd5807813c16
    SHA512: 75cc594b8430adab7565ad0fcb1c157f8b397fb1882dacb14c1ade772f3e6e0fadefef4b26e6e4182c765542cc56f2709022978abcf893685ef8040afdca80d9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1f0a89f1cd94979fc313b55471e3ffed
    SHA1: b3101278aa0cb930cdd65d75f495ea57bbfc48ba
    SHA256: af5dd838c66d90e605e6921f22f63ebfffddaa0a5f307a1210652d845430b89d
    SHA512: e493afd6f07416ce17c67d16d3aee8e20c87d7d4bfae36c21f7ed4fa6ef28cd86c2a66d75660cbccf1e74e2fc336cb8f32eca5d064efa3e7ed8676f9f7158b31

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 686d039ed3fa90dfcaed8dff4095a0af
    SHA1: 16f93fa8356b6067ebc400b48b045e222ebbd277
    SHA256: f9799054dda2fe4fd53cfdeeb11a953fa90ef509a472ba4b0fc41ec90ef7dc80
    SHA512: a906b6bedc762b1a5f955d0f8ab0b4f6da073ad8a243225d261f1e4fe211cdd9f72b99e5997aa1854681fb4e7620ae16d7867ea5886ba5057a4b7b9117e92505

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 776d0977ac9485b1b39b3586223dff0b
    SHA1: 91bfe063a92923e6e5a2be527c69d8ff80d4f47a
    SHA256: 8028a0a87c92aa72b7a3596389887b1bb9fa3e37cdecbb2930b9dd8b7a88af80
    SHA512: f66ca2eddf49f2f548041a415291d13640d41100ea5e99338bfc60232a6c6b254ea622bad6ec47becb64d87462acc915ea992a956d40cba3d3e3ed2283e2d771

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7dca114fa009a82bea866f8e3ba76ac6
    SHA1: 816cefaeb1c26385f8fb3cd02d3a9b4c1d2d0c29
    SHA256: 825be6eca0391c16daec9ec5db070ca85ab9d02e9b739a5185a5b3fbbf3559c2
    SHA512: bca4f7a76db0e79de42b6b59229ccaa00eb9f1edd6803b80beb9d94c63019cadec90ec429134a9fa14000b727b92240ec1983c8739e5c18579d388cae42aee7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 18b03239f67e4ba656027d8821aeda0e
    SHA1: ec1cee0a5721ecf79d1e8a4b0eff940915a2eca8
    SHA256: 6410bcabc13af61601e7bd93ce8984dc03be767efcba77d22294181e6068746f
    SHA512: e15091f91e77ca558d67726c9adf67e579b6da68b7ca6ae8eaa38fa8491eba0f21f34fe8eefb21566c08d9c4eadc743a808fc33a087ce3652c6effa61fae74a6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: aed2fc7cb66548f10e8018880e58efd5
    SHA1: efa1379ec3101857351730340db45c16d0815301
    SHA256: 77c955db888c86faa413a54216a72e508808d5bb724efb33204bad51d8cde2ef
    SHA512: 43ec4bc7049c892b67d5f4a2b852c9b6ffa3c610ffd40841c60a6526ce43b5ddca2d44a58caecd324f00fb3d6962b21fe5f2bd9442f6597179cca92ea844169f

  • C:\Users\Admin\AppData\Local\Temp\Cab61B.tmp
    Filesize: 67KB
    MD5: 2d3dcf90f6c99f47e7593ea250c9e749
    SHA1: 51be82be4a272669983313565b4940d4b1385237
    SHA256: 8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4
    SHA512: 9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar6CD.tmp
    Filesize: 160KB
    MD5: 7186ad693b8ad9444401bd9bcd2217c2
    SHA1: 5c28ca10a650f6026b0df4737078fa4197f3bac1
    SHA256: 9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed
    SHA512: 135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b
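When a Downloads list like this is pulled into a case, the useful step is to turn it into records, check that each hash is well-formed, and keep CryptoAPI URL-cache churn out of the IOC set. The parser below is an added example, not part of the sandbox report: it accepts both the label-on-one-line, value-on-the-next layout and a "Label: value" layout, and the rule that treats any path under CryptnetUrlCache as cache noise is an assumption of this example rather than something the report states. The embedded input is a constructed excerpt reproducing two of the entries above.

```python
import re

# Added example, not from the sandbox report: parse a "Downloads" list into records, validate hash
# lengths, and separate CryptoAPI URL-cache noise from everything else. Accepts both the
# label/value-on-separate-lines layout and a "Label: value" layout.
FIELDS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
# Assumption of this example: anything under CryptnetUrlCache is CryptoAPI CRL/CTL cache, not sample output.
NOISE_MARKERS = ("\\CryptnetUrlCache\\",)


def parse_downloads(text):
    """Return one dict per bullet entry: path, the FIELDS found, hash_ok and category."""
    records, current, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):                      # new entry: bullet followed by the path
            current = {"path": line[1:].strip()}
            records.append(current)
            pending = None
            continue
        if current is None:
            continue                                   # headers before the first entry
        label, _, value = line.partition(":")
        label = label.strip()
        if label in FIELDS:
            if value.strip():
                current[label] = value.strip()         # "Label: value" on one line
                pending = None
            else:
                pending = label                        # value follows on a later non-blank line
            continue
        if pending:
            current[pending] = line
            pending = None
    for rec in records:
        rec["hash_ok"] = all(
            re.fullmatch(r"[0-9a-f]{%d}" % n, rec.get(k, "")) is not None
            for k, n in HASH_LEN.items())
        rec["category"] = ("cryptoapi-cache"
                           if any(m in rec["path"] for m in NOISE_MARKERS) else "other")
    return records


def ioc_sha256s(records, include_cache_noise=False):
    """Distinct, well-formed SHA256 values worth carrying as IOCs; cache churn dropped by default."""
    return sorted({r["SHA256"] for r in records
                   if r["hash_ok"] and (include_cache_noise or r["category"] != "cryptoapi-cache")})


# Constructed input: two of the report's entries, one in each layout the parser accepts.
REPORT_EXCERPT = r"""
Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea5058c9a0bf045bc0cbef3188bcb4f4

    SHA1

    b97076c040a5a794b49657be67affed5153d11ec

    SHA256

    dfc84a0d27063ea8ed5493c1dff13cfe1ce6973ac7e6555189d2e012b0e26c86

    SHA512

    e8f42a73cbb59ae24ad3d02c5e8411bb5df0950690f5c091db2f6087100d573e254e6fda118a06a3e31e4f73288aef9906bca0e39afcf2f666fae3b0078be091

  • C:\Users\Admin\AppData\Local\Temp\Cab61B.tmp
    Filesize: 67KB
    MD5: 2d3dcf90f6c99f47e7593ea250c9e749
    SHA1: 51be82be4a272669983313565b4940d4b1385237
    SHA256: 8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4
    SHA512: 9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5
"""

if __name__ == "__main__":
    recs = parse_downloads(REPORT_EXCERPT)
    for r in recs:
        print(r["category"], r["Filesize"], r["SHA256"], r["path"])
    print("IOC SHA256s:", ioc_sha256s(recs))
```

Run against the full list above, the nine CryptnetUrlCache versions collapse into the cache-noise bucket and only the two %Temp% files survive into the IOC set; pass include_cache_noise=True if the cache hashes are wanted for timeline correlation.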