Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:19

General

  • Target

    a1b478c8e8bddb8d9e7d57d144a7b1d1_JaffaCakes118.html

  • Size

    22KB

  • MD5

    a1b478c8e8bddb8d9e7d57d144a7b1d1

  • SHA1

    5173c9cd7d739c13a3f011dcf2fa06e94b027563

  • SHA256

    b58558a98ed99cfabbe3d25461f661736728eeb2fa20645f1b5b3c12d50a558b

  • SHA512

    e4ca83f2aae4de073360dbfd63006f4974d65308e622b57762a412d5de4efe478ad865c9d75a9a78395acb91d544a6c2a3518499d222a7b3ab2ca3f9c3921d65

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI64uzUnjBh+w82qDB8:SIMd0I5nvHJsv+zxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1b478c8e8bddb8d9e7d57d144a7b1d1_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2196
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2196 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2804

Network

MITRE ATT&CK Enterprise v15


Downloads
