Analysis

  • max time kernel: 149s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240611-en
  • resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted: 12/06/2024, 23:45

General

  • Target: a2fd79523ef83ed515e426e21233baff_JaffaCakes118.html
  • Size: 34KB
  • MD5: a2fd79523ef83ed515e426e21233baff
  • SHA1: fd368c5faf52bbf415c55e257eea1c2f5353b1a0
  • SHA256: d61dfd77a0730071499d602eb0da911a8e03da20a62d629f7ad71b98f3898b29
  • SHA512: 17d46b78437ab6984c79c5aeb8b2bf03a5d6b75074886ca6267b4ca1c088bf932eae1c1d48dd66c241bd4e64e4122e20747c1f88f784f949dcc969aa0953d455
  • SSDEEP: 192:uwb5b5nzynQjxn5Q/SnQiexNnfnQOkEnt+4nQTbndnQOgwcwqYRcwqYlcwqYQtLe:nQ/oslb5tLfmvR2kATXM

Score: 1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2432)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a2fd79523ef83ed515e426e21233baff_JaffaCakes118.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • Child: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1088)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2432 CREDAT:275457 /prefetch:2
      Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads