Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:18

General

  • Target

    a1b4594e1211ebc834379e7525d7d391_JaffaCakes118.html

  • Size

    27KB

  • MD5

    a1b4594e1211ebc834379e7525d7d391

  • SHA1

    344fd8a2452de4ec9ca684d3ccdcddb54f2a2952

  • SHA256

    95c9af73558c6e1232442e0755397edf5cc80fbf01afe311069aa36f8e3269c3

  • SHA512

    28474a359c922cc03397c87503b2caef5ce3a83479c2a98e27ce5f90017f5eef4b9634475392ba87c45ad6ff38e7d126bf6df4177ecf217d0277116c7ffc9035

  • SSDEEP

    192:uwHQb5nSWnQjxn5Q/JnQiesNndnQOkEntH/nQTbnJnQ9e+Um6lhUaQl7MBMqnYnN:bQ/b3sfU9SWX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1b4594e1211ebc834379e7525d7d391_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2488 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2d790c8508f7cf174a5ab1c48a140de3

    SHA1

    c8849f7dcee723142005b3f199d6fefc72789f05

    SHA256

    77fc729c8581df4b63316e5573ab1a49838eb71b6d87da0f88e445aee3ff476a

    SHA512

    24d108e4cf51f0c05545a3b0d83cbf0e11d07acb9667fa0711547f27db51651319209dbfb844a0270e3e774e29fab4e31cb41a098a0cd9447b86dedc5bcb7115

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c87b419ad0982f75ef79c127e3faafa

    SHA1

    76c5a6899c126518db95269e10d5c99797214ce4

    SHA256

    9853114aa509c86d38b35f93b389e4600f10629a1e54215f223d9dc78ec7ee84

    SHA512

    0fc5a91a243736627fc97bc9c7169060e9f5d0e042c283942c92e6169e2eb81870f03629360e0ca2c4ef0ead732e154af1235d41ead35a9bce3863028307e2ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6f746d91bd4fd6e0b194f6fb7837393e

    SHA1

    bb2f2be4e7529ba5a5eaf013f6f28f52077fc206

    SHA256

    b7cb1a5475b0568a6f5aca6edf8c47ddadb77509d2cf10ff7810fd7d865a2b82

    SHA512

    98987ca912c9344df46a9c64c374dfe83c2460088d01d03f3c104e9cd7cf6a47eb0f9215f3f29542c4c2077844b759564c008465c372fe6f863cfd47ca11c8b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    400972e15fe45eee7455e3c45d4a9988

    SHA1

    eb110389a3a50de1dab20f088785f1b496f20681

    SHA256

    666b2ac7cc62e480c4c73b42bd87f75481d65ba49beab0537518016bb1e2fdd9

    SHA512

    68446a892929b0d6689939c5d82a70ff20fc2d034362331811b1f131090ceb169203b853f13b80a8e5e6f901d3f009444509d863c01a19eaa28642ef29b6d3df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    498133e2083ea746705a59d0ff0a2418

    SHA1

    8a8c2235373b6020cd18afdba8b7d482f9ee7d9a

    SHA256

    c197a98f1ceb4147483e8bea5089670cd2653039b9b2b5a4239aff61283dc2bb

    SHA512

    36f688b36c80e184c37450a8d84809220db6c5dee6cb15239ece77fb9143743b51303567f91414018870e37360e51f204c91708a1e8274a68f5994d75b194d3d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    08914e0afd1ee0d0926b1085a4fc2272

    SHA1

    6cfce1200d55c2875dcd2676b587bb00c43fd256

    SHA256

    172e84eebae4574b75e49a4a068a421958ee8269b684aef243240208b71091a4

    SHA512

    8ea586f4ca0d3d82b6a829181b5daa8be05fc5585c87cc8759fea41c86b66eae1233bc8229bfdc018139063490d782536f9f1c238bc16e5b50e8d6bf808c9e53

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cf94f668d3e9e1f9d7aadb413d167fc5

    SHA1

    912f9f1ea5305560fb300b6de5ba5f2d7ebdee47

    SHA256

    006671a7d6e65bb5ab271f422951c46bd189a41d06b0be25f808f8b7dfe59653

    SHA512

    accc6fff0007fe7da651e14d63e25eda491e518e1cff34f1cdba2153f6352b72f3946db8857c385fac7fc9431ea6b9e68fba9ce062211de470b5872eb9f544e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    08ca68b02d238362a7efc548184e47ca

    SHA1

    d670a5ca3b3d50a05f85ecda73276b0d4079a43b

    SHA256

    b649a7c603d589828565935988b845730bcd3a004bf856f842762a71583c0fd1

    SHA512

    939131f07b9e2f05cb1d3506e209eefd048a2cbbeca9e5e65e74b2317533e19d72d5233ab6fa5c29b9df0c6b2758a042552d603fcfb7507d8372667b182f4218

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    288b66d4f3109f068668471f4c2fa276

    SHA1

    5c2bad9b097e897c0d82fd164715f0e0b2e7f325

    SHA256

    ae2110072eb1c34872daca5da1a08fee9578018ea8719259f6d9bfb8fedca442

    SHA512

    589a025040a9fcee59781323dc6c927714cca55422a0ba1d82ab2becb2c584d0c479bcfe3792c003dd3fb8d51f01bf83ac4ca59e6a6fc4eff6fb3a629f69c207

  • C:\Users\Admin\AppData\Local\Temp\Cab5EB.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar69F.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b