Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 16:33

General

  • Target

    a1590faeb96379db0ee6fca5bf541293_JaffaCakes118.html

  • Size

    941B

  • MD5

    a1590faeb96379db0ee6fca5bf541293

  • SHA1

    20df3a9e0d878d1d8b90bbde38cf7eee7164c930

  • SHA256

    e4df672e2d2475d3573cf15942af57e3cc93e428c3e5a7348fad63bd3a3c90f2

  • SHA512

    8ef00fad28e572f1c1349e5202ed8e4a45b9c19a050b31faaa59d1a92502a498f387a325fe7900c11bcbf15d91cb1103cd68f397d083ba0366b1175a79049177

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1590faeb96379db0ee6fca5bf541293_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2388
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2388 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1216

Network

MITRE ATT&CK Enterprise v15


Downloads
