Analysis

  • max time kernel
    129s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:32

General

  • Target

    a12af173d155e184c590af77054a57b3_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a12af173d155e184c590af77054a57b3

  • SHA1

    3c392d90b038e44f05daae04143282704d5e9dd0

  • SHA256

    a22da05a22e08edb8254d33562a6e96876c3c92e3f21c9ddff2892b649a05b04

  • SHA512

    308d10721ef761f679a794ce738ba5b21cf2da87958df9e7f42bc29bdc4c4df2a66b87961e78d3dcd53ae37ea948f74f4d25de1ef472418e0f926e8e08f09fb7

  • SSDEEP

    192:uwPYb5nKGnQjxn5Q/xnQieENnGnQOkEntjbnQTbnxnQHGLnLnQtiqMBkqnYnQ7t/:DQ/eGT+O

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a12af173d155e184c590af77054a57b3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1620

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B, written eight times with differing content)
  • C:\Users\Admin\AppData\Local\Temp\Cab691F.tmp (70KB)
  • C:\Users\Admin\AppData\Local\Temp\Tar6A1E.tmp (181KB)