Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:11

General

  • Target

    a11b7b7524967cfa5484234908827ae4_JaffaCakes118.html

  • Size

    24KB

  • MD5

    a11b7b7524967cfa5484234908827ae4

  • SHA1

    1bc6fb685bbec936d19b504b551c7cfa9eec654b

  • SHA256

    4faaa7916a19901e86d7297bc9092df53080c3ba083dcf91bfd7a6f103fb8aee

  • SHA512

    791dc651d5569f0228b6fb50ded783163003c0f44564a50efe1a9ba8425a50c5ae28c61c837bde42cd23cf0335adc8b5c2b816fb3c37fcbe249fab9f7f826e36

  • SSDEEP

    192:uqN7HRb5nW7unQjxn5Q/fnQieZNnWnQOkEntFYnQTbn75nQeCJVevo7NtIFo+NzE:nIQ/TygcnnB1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a11b7b7524967cfa5484234908827ae4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2124 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2352

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B


  • C:\Users\Admin\AppData\Local\Temp\CabCDE.tmp

    Filesize

    67KB


  • C:\Users\Admin\AppData\Local\Temp\TarDB0.tmp

    Filesize

    160KB
