Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 17:10

General

  • Target

    a172e1a95e6f89239a7d73dcaba21e49_JaffaCakes118.html

  • Size

    23KB

  • MD5

    a172e1a95e6f89239a7d73dcaba21e49

  • SHA1

    23ec8cec733b15e77d76ad08e03ca1a992dccc2e

  • SHA256

    2fe0b6d09405de9b2b40ae3aed19235b0dce85c93eced9c68b014f36d6f6f304

  • SHA512

    a06cc123869586b7e9ddb361b696ddd38fc4aef4f3d2be2d60c6b989f9692f5b58a2f55d73c1d897471daa5d5552a5b669d49c1219c040209c66f552365d1e78

  • SSDEEP

    192:uwTtb5no6nQjxn5Q/nnQieuNninQOkEntZVnQTbndnQ6v06J4RnQNjMBOqnYnQ72:IQ/Jv06kEn

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a172e1a95e6f89239a7d73dcaba21e49_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2260
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2260 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3064

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a2791cd495923b899ac9a04b03a69d27

    SHA1

    39478a6ecb2bce4be1ddf1a82ed914f99eb12a7b

    SHA256

    2e24c789dc0aaa253ee3b01d7d23d4c466a9c1719e7dd7515255ed91fd7f26fd

    SHA512

    c8beedcbbb3335ff39057be43feb8f151b61e6296d4be4340c7c13ae3de5a0ce7f937254fdbc6fae88332f13334afa4862dfe95fdeeeb093659b1a9b434dcdfb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    36ca1b9d42370d58aa2274df12cf48c6

    SHA1

    95708afc620fa636a7ea24c8299b8884918fada2

    SHA256

    474b64d97a3aebcc469a06fe3a79e6964e053a049eaddbf5ab8c182c1a95537d

    SHA512

    b247cbbeecb0af61cfc6e36e501d7706e2129a0eef18bf2e989c84055f090c8309a328c209af9deb4dc61e2867aca8aa7aa643c46c87919221ce3da702681c5c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    821a96c96d1a6394a0dc5c1139fed1b1

    SHA1

    29ba1b9cb17542d143a7e412374a5458fc4c789b

    SHA256

    cd12635e4dca9c80407e4049a9c66253ba22911e62266e658c67b2c1f217ce48

    SHA512

    44272fa8df961be47a40508ae729fa5fd5eac972b2fa01da9b9b0194198c3afde81b8161240612cde0bf29a4daaeb0c133c962ac4798bc7ec1dc9746eaffcf86

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    63154f9f52c092f2c5f515b76d8f4ceb

    SHA1

    ccf7dd225b6e2aa549d4a2bee674ff19a91046cf

    SHA256

    5b935171ee9204d313caa390bbfe8e791eec633cf66844fb6cc47a5907d5d4c7

    SHA512

    28f67fae865f7c29c73bf69561b30bc7ca27a8e596e902b338a4754074685d850b32ce0176fab87f057afdce01b16b9cbf51dcfa448ddd988ddc53dd11106cf6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    80fb886030f94e40c0ed1b7a04afe75b

    SHA1

    a1ba0314df2349df33371fd2facfccfca998e86c

    SHA256

    84c64dbbfb266e4fe78d16ba7c996ecc05b9c292f3a46a3e2bcb8b17c6cb0c3e

    SHA512

    efd62b32cc80da5e281364f0d3546b0bd675fcd0faf7fc99f16668823114a30518e5ded600bdf29149479b0063a7b29c52a7d8d4c27367be30b9d75629841c20

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2816f78cab802e28409207024c1e125

    SHA1

    cb15610621cd60bcaef2d0843d9c79a2d87171ec

    SHA256

    1997d867fd2d8647c0cbf1157ae93fb3fadea76022c1e18df0984ec52f66c622

    SHA512

    fee8e44a4232f85724f6809f2079e8be51a9f2431b2b46ab0f95a114379ea0f6e6b45254bf88450ef650fccb6dd529c8a6e93cbea910ce227e7b3c8012d5b29d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a069e1c5324f646bf969c33d7e7b0f5

    SHA1

    4e577e62442d992d5ef47c848caecf16bb443aa3

    SHA256

    10a1ecb35bcd9f5fbe59a89e47a9a5c579d5b5d072be899e002dc2d4de2bbd42

    SHA512

    0846d63dadef5ab0bba45acf5889c6694648055ebf0a1e535b39064d588f15e1ffacab1dcb03a7ec03b3e79a6b0e842baac7b90ab5f1d2ad698a39ac4d4ae63e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a860eead40daf7769517b0daf21e5c10

    SHA1

    4ed1bebb0ffd581b594be23c0f98602064a3de01

    SHA256

    5216fd3f75b0d5ed54d1b4f7dbba69fe1b3e2a6e0fc59492268cb7be7661aac2

    SHA512

    fccb1ee071fd089421d1152ad5d708fa4e9f0f133374dbcebb40c99297c279e85dffc9d2bc4bd56a491fa9060593ab1414bf4c9631a1b070f60f2f32bc8bbf26

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e37535cf8d0c67b41fcdfcabcb9c19d9

    SHA1

    d15b5c818df09d136626ec2e36729f06ee8a4764

    SHA256

    ee42d7571c704c40908cad1ad8c5ccdf75ae5cd394e81c4cd75785a9344dddfe

    SHA512

    2533f1dde2518c8afcd0aa1ead0b51ab3e82c5e27d942116a67ff829bff1711567b01a0dd59ab5563c91eff2fcd5794f44674dce03a036d551f1d2bc631bafce

  • C:\Users\Admin\AppData\Local\Temp\Cab675D.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar680B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b