Analysis

  • max time kernel: 149s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240611-en
  • resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted: 12/06/2024, 16:32

General

  • Target: a157afd9477765678f9f22a429b92af5_JaffaCakes118.html
  • Size: 144KB
  • MD5: a157afd9477765678f9f22a429b92af5
  • SHA1: e9a57d6c3d6b74cfa49050655b6684baeda86c5f
  • SHA256: d49cb61a30dc2093703e049a29117d4bb2f5785856719412c9aba7f3b61c4677
  • SHA512: aef647cf5fabba2c5260542a3df3369a4d0c69526ba67734d6371687fadb4fb88c26727455b05db066594a11d2572ca796469934cb054a09c3a40b5207ad44b7
  • SSDEEP: 3072:SqTi/ix7dyfkMY+BES09JXAnyrZalI+YQ:SqTi/ix7osMYod+X3oI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a157afd9477765678f9f22a429b92af5_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1752 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2140

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 9461982000239a00cf33d743c7c285a3
    SHA1: c33474308f994bda1f17a8d6d517ef865d612cdb
    SHA256: c1c40f7f08fcd31e119a2bf8b9ebba3de37a8c6207bc0835609467e260802406
    SHA512: 1bfe648867e82a4e4a4f514cb8254469a90d96f5bac3150f02233f2f3108f066faf598de17ea92743208fc4e635f3cbb3b4740df805bf69e0920f581523d04ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ddc76c2bc9d8b18075fa87bcf10e24c1
    SHA1: e1b097071fe2e05cbcc4b66d229232b0fd6afaf9
    SHA256: e06e170507d72eaaeca8b13eec541c4c5ffb84c8a5ba60a119b3dbde74dad81f
    SHA512: 2a3d4430d1a3491b86210578c07da147f583e82c957ec912390a430c336746bf4b357eea0322d4c772e49d7e020ffe23604c643527270f2a3f2b72b0cec219bf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 926e3d5b2098a36a76e341dcc4fdb87b
    SHA1: 459630d24a24e73af5bc2043bbeb63ebc1861482
    SHA256: 9cd78c2d417193d105426d70f4a8fc41a9aa071db62062deb7a020561b2f43f1
    SHA512: 62a7b683d265f595c7b385eae8bc8d943959101f5f36e3d46015443d179df71bea7136f23bd4992e6c294a5b25b779956773461039e2790ce1970815e624ddfb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: de615f2b8b62d2ee056eb0840e86ba26
    SHA1: a114490b893b525869c8dbddddb95777a0daee4d
    SHA256: ef8953f971d3f45d97a8f0c2ba9f0b210de9d7d6a845f83b6397f20cbc209d3d
    SHA512: 23087ff6ce85dab3b4255f4205e179105878f52a083d7afc706dd63181941797fc317efe1de352527f66e56ffd008afad05209eb1b05ffb78708d329bc1246ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0af773d5497a87d9763d6ab3e09b6399
    SHA1: d9f831076105cc3775d126e78a769e1fa3a1ffea
    SHA256: cfc191991f740401ba823fbdb34c44069e74b3ac6feb978be949e4f41dab5638
    SHA512: 59f198db1c60b2d64d608e77a03fa68c2928931099891a60a1f4b604984b18de2f825bfa7310ac3b197391d35d9b132779f444b0de152d64875bb45efabae014

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1748562b6769aa45215cb27e4f8b0b36
    SHA1: f972ff08316ac51cfc12c85d2ac579fedcb37ee7
    SHA256: ddd2dcefa693ff80a2a3276df8c5dc15614503912270ff01fd342f8ef497cdee
    SHA512: 4f22cf04f03816cf2fb327178c00f97a50850b2d7928c584a5426d4ec816ce908def4abadc603f28f02e84e938b9f39e48f3c0879389b1cd8cb61a1b6550ae00

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b419682dbab0d2c45930c455d7a6c7fb
    SHA1: 2fade4fcacd5c5eb726fedbb6fbf26e6fd094e34
    SHA256: 398e126b10037e234845915e11bddc5c5d121012e6c522f0de2013ceabe2efc7
    SHA512: 9996ecb56466f47044952eb72a5e86d90263eb24c58b5efa2602ac1d35383090618e8e224766a5093af51798dfa61708efd071241017b576ae28899de157029e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: cb1a0d9735e238c2a9fb0b0eb1ce2274
    SHA1: c2ae979ab31bc5ec5e9436a4e4b15eaf91f4b138
    SHA256: 630c95eafe2cfa0deadfdbec353a9b145c8dacbef4864fa0f159d0e627880c4f
    SHA512: a5115e1f2dd8cc581629d7180f863737da9621a5f0a7eed8aa6a298ed35d838f3e7dcc99a321ea785032c45e9253bb95d56ef60dcce7795e36af92b65ebc1bed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b7cafbc0ebabf28a4a759a6c074e395e
    SHA1: 2f7954842096eeb8ba3d2e60a4c65eb08ebd4aea
    SHA256: 9c4fee4ebe5440748738b4aa48470fb1954f978b7253d2b967a41326bce1a0bd
    SHA512: eca586c4b20f44df8030b8edb8f110fa58649d767061f3f0be1bbcf2063589d035a2bd3f02c807f447603ee272bd9b427e2f1b318d8a6a78faa94ddaa4135814

  • C:\Users\Admin\AppData\Local\Temp\Cab1304.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar13D4.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b