Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 15:31

General

  • Target

    a12a5fb7bfc7a78e899fa5c7c8809580_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a12a5fb7bfc7a78e899fa5c7c8809580

  • SHA1

    b1181818ea0d1d1ba0e1ec739c004bcc0a1ad355

  • SHA256

    f35b6d9014054b65107315f2b79cc065fd9a623dde4554be72b70252e58832f6

  • SHA512

    585702139d6aa84a62e39d3413242bbe51148878f344810f74fad14827d80008f5dc88823071ffa9550fc2670b9a7931b5202acf098b08c4c9344e805789c257

  • SSDEEP

    192:uwqg4NGYyBFqb5npJAMw9I1wIaJwuwxZVunQjxn5Q/7+nQieXhNnOx4nQOkEnttE:iQ/ro/KfwSbkN

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a12a5fb7bfc7a78e899fa5c7c8809580_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2500 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2424

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Temp\Cab17C7.tmp

    Filesize

    67KB

  • C:\Users\Admin\AppData\Local\Temp\Tar1889.tmp

    Filesize

    160KB
