Analysis

  • max time kernel
    140s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:11

General

  • Target

    a11b7c70f9c8bd95952d17678884d198_JaffaCakes118.html

  • Size

    141KB

  • MD5

    a11b7c70f9c8bd95952d17678884d198

  • SHA1

    14efeea5ee0e1578f19480b88730facf65648275

  • SHA256

    f98f1d5b175c91b31a0bef03ee1575e7e583184c39b72926bd3ddcbcca787fa9

  • SHA512

    ff0931c5ef658406542d1002a149d592d108e3c7746c1373b7a2d501048e3b4378541d8c037ce65a7e3d24942bfb58c7cebd0625f3fec5e089b94c947ce3a8c6

  • SSDEEP

    3072:SXhn40V3x7dyfkMY+BES09JXAnyrZalI+YQ:SXhn4ux7osMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a11b7c70f9c8bd95952d17678884d198_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2764
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2764 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2768

Network

MITRE ATT&CK Enterprise v15


Downloads
