Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:38

General

  • Target

    a12e6234aee82b3d85d45ef6840ac844_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a12e6234aee82b3d85d45ef6840ac844

  • SHA1

    7e093a86968c56a1b169ecb47848a93a59a74884

  • SHA256

    ccc5647b58a00d438eb8e73d945226216df4e043bd050c2a03ddada1002d5af1

  • SHA512

    f8fd5efa5d42be0f60ffb2c3313a2e988395bbbc5adf177999eec27059fc91c2f826982280318d7d295333b4dd43c58b53b42d7c805188d42e9eaf50eeb1f823

  • SSDEEP

    192:uW38b5nvGnQjxn5Q/enQiedNn9nQOkEntKQnQTbnxnQbCnQtpwMB9qnYnQ7tnUYS:GQ/LfH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID: 2352)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a12e6234aee82b3d85d45ef6840ac844_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child process: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID: 1156)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2352 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
