Analysis

  • max time kernel: 150s
  • max time network: 154s
  • platform: windows7_x64
  • resource: win7-20240611-en
  • resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted: 12/06/2024, 16:33

General

  • Target: a158db602e2350088ab08b3cc4f41497_JaffaCakes118.html
  • Size: 36KB
  • MD5: a158db602e2350088ab08b3cc4f41497
  • SHA1: ff66c28e012fdd459474ca1f6d2916a6def30aeb
  • SHA256: 96f44db72f9a7346fa27b5f8c4ddc1a4d813a55c233e11b4e90cea9509940955
  • SHA512: 1b4fe18fc25b31a10e4597d810c0f3094dbaab41847c7b4730deed8738729c5e6d79494355c3b4eb7f8ab9de05b7d28abc3ef67f217ad6ba3320988c32efe7c7
  • SSDEEP: 768:NtHSIVkEKWCRFAhnmJKKkgNb7OVVAHBSjVjiT:NtHSIVkEKlRqhmJKKkgNb7OVVAHBSjVw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2268, depth 1)
    Command line: "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a158db602e2350088ab08b3cc4f41497_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2948, depth 2, child of 2268)
      Command line: "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2268 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 32ec7b56954ce59078289fb977dd455a
    SHA1: 241ad003304e9b26f0f1a426835bfd73da7bc863
    SHA256: 5243a9214f2dbd0f5783dda17c1fc8ab2b19e73c1322c2fd401761d311717d29
    SHA512: a4d40cf38c7edbfed87d11e4b90eda01bb859bd272f250a4a35f5802902139e2cf426374a2c13a7335e61f22d85a720fdbd5341237a9c5a4f5dca10abd63c5c9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bb175ee9e95face1a99cc9453317e9d0
    SHA1: 70f42cd792c69a087b50313298e94dc5cae7a45e
    SHA256: f5ccc8cb6d7356c9e43e5140732c3966d11461ebd089c162112541356409003e
    SHA512: 6677cb750305a1df946dee27fcf339c9e116f6675622c47bf3073070ee61122f603c5e6b60e72fc77d721e0a005ee9aae5301be7d598888fc297caf868d18c07

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bd06f1bfc02d8cfb61b6eec0e360c66e
    SHA1: caf4f844f406f47f7cdd453335d4b7390f9326b5
    SHA256: 8c9dc1be1f2ba36874e01a26838203152be6dbe585cea4b3d1591006d2c30640
    SHA512: 7edf3ab7e657247ed2c615242f35ca75bc9e2e32e57fcf34a0254b7e60fecec281a6154c7caf1e8f60839d795b8d7f1f4b7e6e0d762a2c89f0aaa00785e080ec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 7662bf9f7e41a3a5e4b2680ef29a851d
    SHA1: 123a7aa8727278601e0488117fb157a2c9203207
    SHA256: 43ed9cd25c0754377b2596d9262cd29a40bf1a132157dba7624819c189b10810
    SHA512: 22bf84b17bf6cfab1bf9d82d16ea94da510f6ae10f7248249beff08e7778a7bfabe99733e3e64525db75d0962ccf91c98cfa22dcdbaea257970d731f264d1150

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a5acc5a1a3987759ebfdb816ff7c1c82
    SHA1: 25d33e3bd4fbb6bce6acffe1df56724b9f2979cc
    SHA256: d256f0de1cc9913719a46784fdc96184d444a40a1995994f24c3203df5f0f640
    SHA512: b65fa1fd732d249d28ee587e0d69798b88d0931e16637322892a0dd11498b6809d108912342ef2a1dbd708d26e9cc5e53013f9ae6a7e6bab674664687e424bb2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 98eebf920eb785c42032aa85a3c57a0b
    SHA1: e08595edbebe092eeaf5a7eb2706cc963e9f0417
    SHA256: 4ace467594bbc15799ae6f89db6189977cce6f23df9c8e3b263c8ff5ba81240c
    SHA512: c8089e631a0f8c14b778a2f6246138705e0c090bd0d7d5b6ee35a668935d86232e616a6b4a3e2ab482336328ad3a1d50de4caac9f526b456eb00c27c3ea93a24

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a31f2945b053084462a12449bba686e4
    SHA1: 22ec79e3646aca5a61a855d63f1086d674020804
    SHA256: fce2b26aab9d3be8fd7e5b32ed3e8aa2d2191e27b4d46015f9c42ff9d8036341
    SHA512: 5203de43a8ce1fc935f9c4c3cd69eba2bccf6318605ca965f98ea38fa269a699c407c0ba6303870ac2908389b8fae647e2cb1f7b58ba6247d93f7587c51bc89e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: a136cc7c8361f4e8c3fa96cd6c2dab71
    SHA1: 17690b1758a03ce26ae80da31dd108dda60d7f97
    SHA256: 655c345976679f8241f6d8e723e5eed1720bb492a28ecbe9b667eb791da9c06c
    SHA512: e29c8eabccacf31e6970168da70f43e0b47e1c643d82e54330a0907bcc63393792243ac9a88d2abadae7cbcc42fcaa49c7a62017ba56064dda62fe0c55d4ee6f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 6ef7d7cffe193a2f09692943fbe788f8
    SHA1: 09cd04c5f440e9e1695a6837863a6655341cfe43
    SHA256: 6b458c50a4de2a173b584fef0f218a87cc924ab6067de5c965ebf0a4283f729c
    SHA512: d242323589bd10737fab49a1149cab9d6d31b2e59b8cf7560d330e765493d7ba955daafe63b937ce1faeffdfff332909f5f0171e4cf650db3904282661439fe0

  • C:\Users\Admin\AppData\Local\Temp\Cab76C7.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar7797.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b