Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    12/06/2024, 18:43

General

  • Target
    a1cd1a6e70b93e635d1b00bf21eaff2d_JaffaCakes118.html
  • Size
    35KB
  • MD5
    a1cd1a6e70b93e635d1b00bf21eaff2d
  • SHA1
    fc861c8c1cc934beb37068903d81b445fa0f7c98
  • SHA256
    a981c9366d9911fd02b839af640c3799a21c302a11c32325a447a83e0b58129f
  • SHA512
    a0f82e21e6297a4e676622507cd603de4dc9267423d922a27494e58ae3d109b68ed9d619b6155c79108d326ee2cba8eee6200cb5190e7a55ade4a1e0ce4b1e11
  • SSDEEP
    192:uw/fb5nhsxnQjxn5Q/InQiejNnynQOkEnt4unQTbnxnQOgCcwqY3cwqY/cwqYQ3x:oyQ/L+bl53JJYpfgO+b1R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1cd1a6e70b93e635d1b00bf21eaff2d_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2372
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1896

Network

MITRE ATT&CK Enterprise v15

Downloads

The path C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 is listed nine times with different hashes: these are successive contents of one CryptoAPI URL-cache metadata file that was rewritten during the run, not nine separate files. The Cab*.tmp and Tar*.tmp files in the user's Temp directory are typical of the cabinet and extracted payload Windows writes when it refreshes its root-certificate list. Taken with the 1/10 score and the generic Internet Explorer signatures above, nothing listed here is a dropped payload.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 5bc10a1bc32269863bb6128c34919f1b
    SHA1 61176b8028a2d6e3741b01ebe134097113d12a9a
    SHA256 419e242af13156f40a3a5f063418842f63e6c490ed452fc9431a48ca0fb121d6
    SHA512 33554c5841080e2d86586cb6cb3845150bbfabd97b40c28fa93a59e2def88dd911d83a1f1dc286891d33ae87df9972ba6eab28307b2c078ba47fc57dce035ba0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 2365767895e4cd1d3545c7b1c10b8fa4
    SHA1 26ed9a4577416226ba0349a1b0a97376f7ebe32d
    SHA256 686417c627ca28a8847dedfa59faf1ce1c61605c49bf2476ca22392fa27cc200
    SHA512 d53fe39c1388ad68900c89ba531147fe462bc1796e7d2a2069c150e98cd50e819c6f8353b93615c6d0d0152dd05dd11f3014d64f9061579ff7e875d11f92bd17

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 2589be58a7f4da07b2e75c13632da865
    SHA1 ce81255f90d27223b3d49797dca54fdb40f9d0f8
    SHA256 bf3352ca8968d817ae7b4ec03776433e42c6bf87f699dcf04d0436d227c093cb
    SHA512 12f0e7f96da1ed89d700a47239f74da488fb8153cdf8fb48010d33247bd8d5aab494f8cce4347e542a2a6c35427a4b30af27f08444d11d8eb02d4a52affa800c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 cfe9b1dd5f5fbee8745ef9fb7b38935f
    SHA1 5dc4e18dcfd0bf78e50710e9a44d100ab8803fc8
    SHA256 fce6c1d073791d81706137bc16589ea1b5ebdb53626568154d1054bcaaae6f8c
    SHA512 51629fe17f68c5bcce5354f26b7cc66487a6228d7222bad469dd6626e9f10ddf6ddaf8879b3c1b159cd4ce202647bf224d7a446a713b800ef7b2c5f591a396dc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 a14e0dc0b676b2bdbb0f3098ff26e1bc
    SHA1 c6dc8a9e85a9e88de72de6c9e0fcece4befc2b94
    SHA256 6dceac90f4e66650a011db27609538bdd60304786777e5ab22949304ad22558e
    SHA512 2b86109ff9808117b07bb4e1a84d8772be7100f54d4a4ffcff2cf84ba4f6e65841aadbd0c8ebb36e8115358c1b5b8e8bc5afa47c3dbdecf75b7f35cd68a70243

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 7cbffa8f52c3b8a534733a56efd11db1
    SHA1 2faaa2d0914dca9b032cbe016eae3d3f95eed1ce
    SHA256 19510ce4e550076c11e29f6b2f41733f7ecc68545d5c39efaa5749b0a20c6df7
    SHA512 e7ac4a079fc7f835d925798f93e25c2c16e733f58b21448c850eb7bdb886e87ed11df510f7c3df7070192cb2c16ef00c4c3350f256311830b349d38561a52080

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 afbd772088b77e38f846e1403d546573
    SHA1 b2a531bac62950b16ddb54f552d5fb83566cad06
    SHA256 0811463f82f300c2dbb3701a3a452d945b0175fcd4a808b99574422c7c1be55f
    SHA512 8966c203e6c591c1c6db90daf88f2114a99f01310c2b542d2fcbb52f6b82799859fb87a9f29f09d4a259a283f559b01e0c1a1b8d6edf255032655bba3c75a46d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 c0fd693ec444c9ca236afd525c921466
    SHA1 879e0422e6a7a12bb08d95cfb3ea85f2ca6f28af
    SHA256 ae569ccbf551a8f1b9a359c62af45ce5b1c86d636fabcb63188d316dc9926793
    SHA512 427dbcb805a0a8f08544a4d41917ba4c30b8700609279a8a2d95c096969d6701748b561e4fc73c30f9a71659e5ba3925c099a959e1ff56786bc477ddce671f80

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize 342B
    MD5 648f8a0d939cd6ef2c4316370c591385
    SHA1 4b69670e8838a4b7a77e8e5b05dccf032d1b4ed8
    SHA256 c4cb18b49d012710bee452af4162aba7b03151a78e483da453ca2cc54a71ec38
    SHA512 1ce90393270063fe80cd4bbb5c2c3425da3ffdd778b13028387f17802dd22e4ef7e62b91b49486b9e9115b7ad84b6793743b9039fa223235054a4491fbd41fdd

  • C:\Users\Admin\AppData\Local\Temp\Cab8D9.tmp
    Filesize 67KB
    MD5 2d3dcf90f6c99f47e7593ea250c9e749
    SHA1 51be82be4a272669983313565b4940d4b1385237
    SHA256 8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4
    SHA512 9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar97C.tmp
    Filesize 160KB
    MD5 7186ad693b8ad9444401bd9bcd2217c2
    SHA1 5c28ca10a650f6026b0df4737078fa4197f3bac1
    SHA256 9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed
    SHA512 135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b