Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 16:32

General

  • Target

    a158243ed7b4216dae8f6ae15fec7d96_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a158243ed7b4216dae8f6ae15fec7d96

  • SHA1

    cf3fcbe8137a2f43ef88a761970c11c87d63440d

  • SHA256

    8605a70e8a117f4791bc172530aedc1fc96f4b4c04d12793442f611c701fc948

  • SHA512

    b07159360dffcb2a3cec239ffb689a6428e8ca0a3ad090881cc418a815cb414b34af63d189820aa480d90b79daad104a1bb037ffdbfcb1be1fc9b44c8b4abf00

  • SSDEEP

    192:uwD2b5nqlk9nQjxn5Q/snQiePNn2L8nQOkEntc2nQTbnNnQmSgHMBvqnYnQ52NnY:PQ/QLpq9N4
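Before relying on this report, confirm that the file on your own disk is the sample it describes. The script below is an added example, not part of the sandbox report: it recomputes the MD5, SHA1, SHA256 and SHA512 of a local file and compares them with the values copied from the General section above. The ssdeep value is a fuzzy hash and is intentionally not compared for equality, and the identity decision rests on SHA-256, since MD5 and SHA-1 are collision-prone and serve here only as cross-checks.

```python
"""Added example (not part of the sandbox report): confirm that a local
copy of a sample is the one the report describes by recomputing its hashes
and comparing them with the values in the General section."""
import hashlib
import sys

# Digests copied from the report's General section for the 19KB .html sample.
REPORT_HASHES = {
    "md5": "a158243ed7b4216dae8f6ae15fec7d96",
    "sha1": "cf3fcbe8137a2f43ef88a761970c11c87d63440d",
    "sha256": "8605a70e8a117f4791bc172530aedc1fc96f4b4c04d12793442f611c701fc948",
    "sha512": "b07159360dffcb2a3cec239ffb689a6428e8ca0a3ad090881cc418a815cb414b34af63d189820aa480d90b79daad104a1bb037ffdbfcb1be1fc9b44c8b4abf00",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_all(data: bytes) -> dict:
    """Hex digests of `data` for every exact-match algorithm the report lists.
    ssdeep is a fuzzy hash and is deliberately left out of equality checks."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def compare(data: bytes, expected: dict) -> dict:
    """Return {algorithm: (expected, actual)} for each digest that differs.
    An empty dict means every listed digest matched (case-insensitive)."""
    actual = digest_all(data)
    return {alg: (exp.lower(), actual[alg])
            for alg, exp in expected.items()
            if alg in actual and exp.lower() != actual[alg]}


def is_same_sample(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """Identity decision: require a SHA-256 value in `expected` and a match on it.
    MD5 and SHA-1 are collision-prone, so they only serve as typo cross-checks."""
    mismatches = compare(data, expected)
    return "sha256" in expected and "sha256" not in mismatches


def verify_file(path: str, expected: dict = REPORT_HASHES) -> dict:
    """Compare a file on disk against the report's digests (sample is 19KB, so
    reading it whole is fine)."""
    with open(path, "rb") as fh:
        return compare(fh.read(), expected)


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-local-copy-of-sample>
    mismatches = verify_file(sys.argv[1])
    if not mismatches:
        print("all digests match the report")
    else:
        for alg, (exp, act) in mismatches.items():
            print(f"{alg}: report {exp} != local {act}")
        sys.exit(1)
```

Run it against the file you intend to analyse; a SHA-256 mismatch means you are holding a different artefact than the one whose behaviour is recorded here, whatever the filename says.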

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a158243ed7b4216dae8f6ae15fec7d96_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2300
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2300 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2448

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c5ff24ed6042db9d519b7957821cfa0e

    SHA1

    3e94963856426bfe7d5e8d9e8f63d90daf2b2c92

    SHA256

    04546b85e645e2be61cb41c3a80cb4fa50774f19c4fd672695ede4b95ca1d993

    SHA512

    e3d589d89693e4d851624fd62e7d8043898960a53d6b580893e29338e0697db9e99a1607cb3e1b4384aeef3be404913f77dcaec49d8c0055c54e54ca1d5cadaf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fcef096aa4edeffe1af5678b57909511

    SHA1

    eb1d2fb8e955cbfb75d8e4cbe582e2e66017f0fa

    SHA256

    1e2c1db04925b76204a657c25eeabe4bab335bb670e7e6560f739753c907a6d1

    SHA512

    b6fde8c5b81d063be11cede71c1aba07e775a67ffdc8fee8df74c86688aed00dc79e47ff2f4bc6c799eba3bcc80d3ff19d172c45be111e15007b81847589c1f9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    418447557eb7e94311a88e4e63b12006

    SHA1

    abe17bbd7b5b2a94ffd16870f13f2d89d19e0b0e

    SHA256

    388663e5d4bb447bb4ecd03b2c9a60e71fcca0206ae1f955d9788ba03406fdcc

    SHA512

    53aacf32f6a5d50dd7ac35cc5c126e5cbec1b9e2c07c12562734b825152eb022a749103d4ef8725d03069fa165ddb7d67230874f983a7c404c1f5486a215bdfb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4acdd1ff0fa84b56d79ae2dddba491ab

    SHA1

    61683e61c2ebbce56439abcedfc5f18828b34473

    SHA256

    0141036eeda1504cf6d5d9327f5e6a1ad8a8cef84949edef4d8185d8b5ffadda

    SHA512

    75a5eeada72d691e161bd05f766ebe3cb2f8ac739d17da98f3e29d261d0ceb9197e5155a5f62b302d4acbb7bdd27e52dd4ff30f0c21ee93a2bce5ba6e02dbcce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    14ce05d41ee289b1d78447d79a82880d

    SHA1

    02e99f83835c8e73ba8003ce1ec57e286edfef79

    SHA256

    3b05d9db026bb1cce252cdb771631c9308fe7b0824fd7ba0bd19e91b007f2a6c

    SHA512

    39510b93ade61eff229e29b26c5f0a4bb16677dfd6c5f0d305fa8cdb68deea7772583134f082ee24662a84687fc8e4dd2294bf97ab4cd53c189fb01625c14e12

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7f116d813a89d900c4a9afc89dfd8cab

    SHA1

    4c6eb8c1671e1aa59551ed8015d865d845461b20

    SHA256

    308b1c016bb9e61591f90512df555b2cb91e1e9f098b86e5e53645fa5cd1c78c

    SHA512

    c0b1917342938e8d43a61280254ef233ce8324958e7861c00f903137d07242b33811989237a2549c7e005eac1c5a81123537ce1556418c39d166721d39066d33

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f5deb3ad02cd2091bf3dff26be9dafde

    SHA1

    2171077d9789dd5ff91947611595d0e85ea83be3

    SHA256

    3100a12ecb0066cf38ec7dee1f3b6c451845ffe065e80b3195f39bca206fd2eb

    SHA512

    aab72e4b47cebd759e61c6d8baf7a51807bc6416afe844f4ab02423a4a97083bf0c4a8fbfa55d87b779e727e5b09d5ac0959b5e716ae6a67b9579c8116dfb3e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f58666d12f33625cf50c470ef67eb377

    SHA1

    37403b6210f5d10e5775a85beff7da48ea9fdbf6

    SHA256

    3522b91d19ce1bcf4ab38dc4f53ffb350f602f724060a13ebe40abb0281ab4d3

    SHA512

    6d94b3063bf90433462ddc762d6027a8589220fb983beecb69258f85da72a3ef40d21525167919c8fd52907d90c3786417ee5db2f7d944eabe0c52720e5bbba3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    34c4eb3790da843b78ba47da34234c24

    SHA1

    b6adb9a6a35ef395574edcfd8d7589ffbdbe0257

    SHA256

    65399f0f6f13997de38aea0a5bcf0fcaa930cd2d0193088cd9d7536af27f5b17

    SHA512

    7bdbc103f4de5f59ab4b0bf079a5d94bbf7f3ba3239fc257dea18541e090df622195934fa2689dd332392354178de41b6b0f00f2b3ee346fa818a32c718b27b8

  • C:\Users\Admin\AppData\Local\Temp\Cab13D1.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar147F.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
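The dropped-file list above is the kind of sandbox output a triager filters before looking for anything the sample itself wrote. The CryptnetUrlCache\MetaData entries are Windows CryptoAPI's cache of certificate, CRL and CTL retrievals, and all nine of them are the same 342-byte file rewritten during the run (nine distinct hashes, one path); Cab*.tmp and Tar*.tmp under %TEMP% are the working files of a CAB download and extraction. That is consistent with Internet Explorer opening a page and with the 1/10 score. The script below is an added example, not part of the sandbox report, and its path rules are this example's own heuristics rather than the sandbox's signatures; the entries are constructed from the Downloads section above.

```python
"""Added example (not part of the sandbox report): separate the dropped
files attributable to ordinary Internet Explorer / Windows CryptoAPI activity
from anything that still needs an analyst's eyes. The path rules are this
example's own heuristics, not the sandbox's signatures."""
import re

# Entries copied from the report's Downloads section: (path, size in bytes, md5).
# Nine writes to one CryptnetUrlCache metadata file, each with a different hash.
CRYPTNET = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
            r"\MetaData\94308059B57B3142E455B38A6EB92015")
REPORT_DOWNLOADS = [
    (CRYPTNET, 342, "c5ff24ed6042db9d519b7957821cfa0e"),
    (CRYPTNET, 342, "fcef096aa4edeffe1af5678b57909511"),
    (CRYPTNET, 342, "418447557eb7e94311a88e4e63b12006"),
    (CRYPTNET, 342, "4acdd1ff0fa84b56d79ae2dddba491ab"),
    (CRYPTNET, 342, "14ce05d41ee289b1d78447d79a82880d"),
    (CRYPTNET, 342, "7f116d813a89d900c4a9afc89dfd8cab"),
    (CRYPTNET, 342, "f5deb3ad02cd2091bf3dff26be9dafde"),
    (CRYPTNET, 342, "f58666d12f33625cf50c470ef67eb377"),
    (CRYPTNET, 342, "34c4eb3790da843b78ba47da34234c24"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab13D1.tmp", 70 * 1024, "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar147F.tmp", 181 * 1024, "4ea6026cf93ec6338144661bf1202cd1"),
]

# Heuristic labels (this example's own) for artefacts Windows itself produces
# when IE opens a page: CryptoAPI's URL retrieval cache (certificate/CRL/CTL
# fetches) and the Cab####.tmp / Tar####.tmp working files of a CAB extraction.
NOISE_RULES = [
    ("cryptoapi-url-cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)),
    ("cab-extraction-temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)),
]


def classify(path: str) -> str:
    """Label a dropped-file path; 'review' means no noise rule matched."""
    for label, pattern in NOISE_RULES:
        if pattern.search(path):
            return label
    return "review"


def triage(entries):
    """Group report entries by label -> list of (path, size, md5)."""
    groups = {label: [] for label, _ in NOISE_RULES}
    groups["review"] = []
    for path, size, md5 in entries:
        groups[classify(path)].append((path, size, md5))
    return groups


def rewrite_counts(entries):
    """Number of distinct contents each path was written with during the run.
    Repeated rewrites of one CryptnetUrlCache metadata file are expected; the
    same pattern under a user-writable directory would deserve a look."""
    distinct = {}
    for path, _, md5 in entries:
        distinct.setdefault(path, set()).add(md5)
    return {path: len(hashes) for path, hashes in distinct.items()}


if __name__ == "__main__":
    for label, items in triage(REPORT_DOWNLOADS).items():
        print(f"{label}: {len(items)} file(s)")
    for path, n in rewrite_counts(REPORT_DOWNLOADS).items():
        print(f"{n:2d} distinct version(s) of {path}")
```

For this report every entry lands in a noise bucket and the review list is empty, which matches the absence of any file-drop signature in the Signatures section; the rules are deliberately narrow (fixed directories, hex-only names) so that a payload hiding behind a similar-looking name elsewhere still falls through to review.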