Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    12/06/2024, 22:59

General

  • Target

    a2d20ecf6b2b1f0acd4bdaf2210d6bd0_JaffaCakes118.html

  • Size

    31KB

  • MD5

    a2d20ecf6b2b1f0acd4bdaf2210d6bd0

  • SHA1

    684070aca314d85a2921d671584383e6aa53e160

  • SHA256

    3a2d23d498ca45bb241d0c7103f35daf9c04a81c9fb457393e99e4f02a8831c8

  • SHA512

    a376d10493d06d36e3fc1f53d1bb64762ccdd23b405318b982dda20ed5ca18d467d08948e9082c7364ae7794937b04946acf15407ec6d65232f0c8a6961f0c25

  • SSDEEP

    192:uwffb5njanQjxn5Q/nnQieuNnknQOkEntxBnQTbnNnQmSHlxV4I/33tnm/G0RLfT:9Q/ZulxV4I/3dmeW7m/KmhWp+pFqeFO

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2d20ecf6b2b1f0acd4bdaf2210d6bd0_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1176
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1176 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1312

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    151525125ed30f1449287a17c89d06d7

    SHA1

    f704894969a5c0aaaa773afdfd7bec743426fd92

    SHA256

    658f7894e415b782c963aa77ffb858e06da38dd84845910d977750db91c9ca61

    SHA512

    f2116d12601cae1cfcda31ec901603b267c551e8664bd04bfe5c77dfe8f635825c21be8569fe41f9764b0a21f9426603b245ac1d8b0ea35fdd72dc023dbd2102

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ccbfeb63071852004ba1ca608e8a60a1

    SHA1

    fc8ec15c44a49affe9aaa64bc59c246d436b34d1

    SHA256

    ee6e96e0acc60b9149f35bc772421af0a1d90eb87c265019a4f0174a5d197392

    SHA512

    8aca7a98cd826d09a7ac271b7254d35c2cc2a98587d974f4c64ce46ecfe4d2c2fd272888177268a14ea83ce3d0cb18942eeb7f25be617749e226c0d139aa7afd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bbc9cc34364c947fd5917d9d66662725

    SHA1

    63aaa507240eea050d540757cddf16ad4a6b7e45

    SHA256

    e3e3e715897e27041113c9377550d3bd3e0b7d9937482a84d5c1d82c703d89e4

    SHA512

    c6b45a57bd88cf8732993819fcbc23305fc1d402791cc960890908eaff62db95ecaa0780acc2d18653a4173598ffdb5202978971eb3574c626b9cee33f4d983f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b194130d8b9b130f80c8bbe8b1b4a356

    SHA1

    3aa406477ea43d4e052889449870d37db2544820

    SHA256

    4ec801513566dcc7a586b300a0303bbc37dca34ea40abd9b9da80fc50719475c

    SHA512

    3b25facc7ae9ba0041417a364b7243463ef37e417df1ea7076293cc188267278066d8bdc85bb247ef86e9a269c9265d9e838173bc3ebed73b4eace8a17ac1bb0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cef0a6026f809fbab2f8bc43756dd018

    SHA1

    48430404e01ae78e0979828541066f7851614d4a

    SHA256

    545a210447483ea62ab2d8c34597d026e1110ce50745d89876d11e32246d1440

    SHA512

    124d4d3aca9166ace101f0281d0f110086af262de0d451644f6168c7d51731d968b113b1d316cf0afb1eda32e5f3b673dd003155f88e170460c73ac873383f83

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    311c9cb2f336f311ef8e7b734365ec56

    SHA1

    6041e6a11bf6e1cb62326e412176313a2a5ce06a

    SHA256

    481a33fba775e17fb5001d8d13ecab909aefe6dce600347dd459d7837bebbf44

    SHA512

    287960700b35244d6ea8b8ce4522e89fbb18d264fe2d3aa208c1e61344f7a6b952346b2f616b664d14ffe787493a3279f90b51e8edc107703c3b591ae897ddea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5668a979412772bd1ec8363de1d14c45

    SHA1

    7c1df0c1e17b58f3308fe4a1c2cea9626a374288

    SHA256

    4db8bfe86531945d69edeb05b605544360ae110b5b95bbb56e1715dd7123c239

    SHA512

    181e16679580341710ca4845cfca70f5ef0db4cd6d30ca0fa17298f1cb798277ad6c77e2056ccfe0134e07216efdb13303355ba13332a018f221f84330ae631c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f52afba50ba93a3e6ad3bc045dd556e8

    SHA1

    ad685558bd76c41952494dd55e0061bf1534c84d

    SHA256

    6e63c14a4648d6d07037f4cdb8183c940d32968f69193b3dea89d86b3a2e9706

    SHA512

    9d7d4e8ca761b801979cbe2580beced0b80c652fd6582587d4a0fb92aef8101f872c31f795f1607466428396f5d10d5ea74b7cbf0dcac66617513bc3bde73644

  • C:\Users\Admin\AppData\Local\Temp\Cab205C.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar2130.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b