Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:33

General

  • Target

    a12aff3a328681f2f26b387af8c8440a_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a12aff3a328681f2f26b387af8c8440a

  • SHA1

    d7fbfdcfba280ee681e8ff4f25887f3283c1fcbe

  • SHA256

    1c508d817b3033a21a654ddbd9f39422681cedeec714928c335f072614e427de

  • SHA512

    83b1d6a3ea011a342ca117a123d61ab82c705bb1a9f1db8853a3021bfa7dce705c306d6b570dc4343f95154d7aea24c1c196c7212c7544140ee9815fd2257200

  • SSDEEP

    192:SIM3t0I5fo9cOQivXQWxZxdkVSoAIM4yzUnjBhuw82qDB8:SIMd0I5nO9HrsvuzxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a12aff3a328681f2f26b387af8c8440a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2072
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032
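The process tree above is the normal Internet Explorer shape: the 64-bit frame process (PID 2072) opens the submitted HTML file and spawns a 32-bit tab process whose command line carries `SCODEF:2072`, i.e. the frame's own PID, plus a `CREDAT` value. The signatures attached to both processes (SetWindowsHookEx, FindShellTrayWindow, WriteProcessMemory, IE settings writes) are what IE does on its own when it starts, which is why the report still scores 1/10. What would matter is a frame process spawning something other than a tab, or a tab whose SCODEF does not point back at its parent. The following is an added example, not part of the report: a small triage pass over process-creation records in the shape of this tree. The records are constructed here (the two real processes from the report plus two invented anomalies, a `cmd.exe` child and a tab with a mismatched parent); the check that SCODEF should equal the parent PID is an assumption drawn from the values in this report.

```python
import ntpath
import re
from dataclasses import dataclass
from typing import List

# SCODEF:<pid> as it appears on IE tab-process command lines (see PID 3032 above).
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


@dataclass(frozen=True)
class ProcEvent:
    """One process-creation record: pid, parent pid, image path, command line."""
    pid: int
    ppid: int
    image: str
    cmdline: str


def is_ie(image: str) -> bool:
    """True for iexplore.exe regardless of case or 32/64-bit install path."""
    return ntpath.basename(image).lower() == "iexplore.exe"


def triage_ie_children(events: List[ProcEvent]) -> List[str]:
    """Return human-readable findings for IE process relationships that break the
    frame -> tab pattern. Benign input (frame plus SCODEF-matching tab) yields []."""
    by_pid = {e.pid: e for e in events}
    findings: List[str] = []
    for e in events:
        parent = by_pid.get(e.ppid)
        # 1. Anything other than another iexplore.exe spawned by an IE process.
        if parent is not None and is_ie(parent.image) and not is_ie(e.image):
            findings.append(
                f"pid {e.pid}: {ntpath.basename(e.image)} spawned by IE pid {e.ppid} "
                f"(cmdline: {e.cmdline})"
            )
        # 2. A tab process whose SCODEF does not name its actual parent.
        if is_ie(e.image):
            m = SCODEF_RE.search(e.cmdline)
            if m and int(m.group(1)) != e.ppid:
                findings.append(
                    f"pid {e.pid}: SCODEF:{m.group(1)} does not match parent pid {e.ppid}"
                )
    return findings


# Constructed records. The first two mirror the report's process tree; the last two
# are invented anomalies and did not occur in the analysed sample.
REPORT_EVENTS = [
    ProcEvent(2072, 1000, r"C:\Program Files\Internet Explorer\iexplore.exe",
              r'"C:\Program Files\Internet Explorer\iexplore.exe" '
              r"C:\Users\Admin\AppData\Local\Temp\a12aff3a328681f2f26b387af8c8440a_JaffaCakes118.html"),
    ProcEvent(3032, 2072, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:275457 /prefetch:2'),
]
ANOMALY_EVENTS = REPORT_EVENTS + [
    ProcEvent(4100, 2072, r"C:\Windows\System32\cmd.exe", r"cmd.exe /c whoami"),
    ProcEvent(4200, 9999, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
              r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2072 CREDAT:1 /prefetch:2'),
]

if __name__ == "__main__":
    print("report tree:", triage_ie_children(REPORT_EVENTS) or "no findings")
    for line in triage_ie_children(ANOMALY_EVENTS):
        print("anomaly:", line)
```

Run against the report's own two processes the function returns nothing, which matches the verdict; the invented `cmd.exe` child and the mismatched SCODEF each produce one finding.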

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd49013829d2641ec8cfda88d1a2e178

    SHA1

    46dd2887e3a7b14766620174468fc01374c7d8f0

    SHA256

    95d290a8193f3f93b9d747464189204eb29adda68a254bc75496ed0ac1de0b97

    SHA512

    37d84a5bf770429fb7c149e89db6fc8ff7d3656d26b7acc72b7ed2226e3eb3479defad8fcae789e2f0ae9dcf9507c187fddfc55f0b19fd3cc607178d236c118f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1b190f2f8289f88d22e922d03bdfe648

    SHA1

    4413674290d4772e7d799d3cd362509793ffdc87

    SHA256

    2593ae3f0a330510775d39cbc22f8e9ed1c44890f526b0c9cc36530c652baa10

    SHA512

    ba9c6972975a0e54f2dc936762db9efddc83c6a09cd55f0e86fc734e03844dfa24ae9c91a91249ab46c1597af1a04f46985a7e36dc300fea41fc106f5cd6f791

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63161ff622893f05590e90738cee20e0

    SHA1

    6d260b30f1e34d051885d977bb293913dcef0efe

    SHA256

    6d1f1bed674f774acb9caf020845bfc299c233a92453aad01b2edaff8b11a673

    SHA512

    f524024789323072b1ab19e2ed82c21b4a23740f669fa72a1bbaed2533a12a02d975bcb6663f5e5d19d802813c5e646ed0013d34c8aa16fe55eead32b4762be8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5b163aa0b1d1c4cbd27be8382990e572

    SHA1

    bc38ba4d837f66233432fc0ebfd69bbac5c3a772

    SHA256

    6d121d86136a545861b600ed3c7071fb301fe66c0433a93513b825f68998b8ef

    SHA512

    1bb63913d42f3bc43086389f5dc94599b5a483e6b4eed617c37ed3ec1da00add117605a3723539b64a57a26c253f020a688889554a0b9a11ee683e2e7be8f3e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c93d93a8fc4155e4eac343206f15459

    SHA1

    6fee08632954d14ebe32929684fb02ea0189737b

    SHA256

    c8bb9563e7137b21515a642018304a3acf28db1007a34bf4f5cf6e45a5a75b25

    SHA512

    bf87ece3f3aa65c8362477661135ed40e827c96e565c53f306cf790e3d093b912f2381902f61ce8c7f14b5528376f34a8b35cff1357f8fa48f5b415fcd028b58

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e47d6eeaea6e55fc76083d56ad7f48ba

    SHA1

    e68ad68949a4586753ce777ae0aa703dc77c2d3d

    SHA256

    f6e492befeafdca1e2937234c9055b2a5ce0a1a237ed88afdfc75b1cee0867be

    SHA512

    b41e5bc7d7277208fbf407c0472c0062c06910c60864e2471cf70b02ba957a5dfca826dbb94c0bd2d8d65f065da6451267a07ff4d11f0eb641a8e4f6f836e583

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf1a512c83f0689a6ac90f8ff5731a19

    SHA1

    94e9db640b67ea562d2d9c17146bd7005c885791

    SHA256

    806bcdc7ab1e6573c3eaa10a05e35d0d8388dc4b0bf78da4bdce3bdc5da9d328

    SHA512

    4fcbdcfd2574533282342d6faae7f703dd26df1886c75a5fbdfd06ca99cb0718565f466778ef18a2d473519d450ed2a02ca4f144f6cfc3f635c302116c289a2c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b36959497d203590f801987ecea8cde

    SHA1

    96d6e9d64083c9891fb5dcc65d286182ec9ca79b

    SHA256

    353761df93409482a47f462f95e50a9b1dabd6cfc785eb95f14335e6d5d7c883

    SHA512

    43780d4e5875b6e5c96aa7f66b03409dfe5b94767815589c8bb95a8c74aaff32e824b58825e34af0220a3d7c17855a461dd1add48b0c6e5d65ce1b5872a8b0e3

  • C:\Users\Admin\AppData\Local\Temp\Cab60D6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar6176.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
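The Downloads list repeats one path eight times, `CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015`, each time with a different hash and the same 342-byte size: the sandbox captured the same CryptoAPI URL-cache metadata file every time it was rewritten, not eight distinct files. Reading that off a flat list of hashes is error-prone, so the following added example (not part of the report or the sandbox's tooling) parses this section's plain-text format into records and reports which paths were rewritten with differing content. The embedded input is a short excerpt copied from the list above; the heuristic that "same path, more than one SHA256" means "rewritten" is the example's own.

```python
from collections import defaultdict
from typing import Dict, List, Set

HASH_FIELDS = ("Filesize", "MD5", "SHA1", "SHA256", "SHA512")


def parse_downloads(text: str) -> List[Dict[str, str]]:
    """Parse the report's Downloads block: a '•' line starts a record with the path,
    followed by label/value pairs separated by blank lines."""
    records: List[Dict[str, str]] = []
    current: Dict[str, str] = {}
    pending_key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            current = {"path": line.lstrip("•").strip()}
            records.append(current)
            pending_key = None
        elif line in HASH_FIELDS:
            pending_key = line
        elif pending_key and current:
            current[pending_key] = line
            pending_key = None
    return records


def sha256_by_path(records: List[Dict[str, str]]) -> Dict[str, Set[str]]:
    """Group distinct SHA256 values under each path."""
    groups: Dict[str, Set[str]] = defaultdict(set)
    for r in records:
        if "SHA256" in r:
            groups[r["path"]].add(r["SHA256"])
    return dict(groups)


def rewritten_paths(records: List[Dict[str, str]]) -> List[str]:
    """Paths that appear with more than one distinct content hash."""
    return sorted(p for p, hashes in sha256_by_path(records).items() if len(hashes) > 1)


# Excerpt of the report's Downloads section (two snapshots of the metadata file
# and the Cab temp file), used here as sample input.
REPORT_EXCERPT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd49013829d2641ec8cfda88d1a2e178

    SHA256

    95d290a8193f3f93b9d747464189204eb29adda68a254bc75496ed0ac1de0b97

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1b190f2f8289f88d22e922d03bdfe648

    SHA256

    2593ae3f0a330510775d39cbc22f8e9ed1c44890f526b0c9cc36530c652baa10

  • C:\Users\Admin\AppData\Local\Temp\Cab60D6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
"""

if __name__ == "__main__":
    recs = parse_downloads(REPORT_EXCERPT)
    print(f"{len(recs)} records, {len(sha256_by_path(recs))} distinct paths")
    for p in rewritten_paths(recs):
        print("rewritten:", p)
```

On the full list above this yields two distinct paths for the eight metadata entries plus the two `.tmp` files, with only the CryptnetUrlCache path flagged as rewritten; the `Cab*.tmp` / `Tar*.tmp` pair appears once each.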