Analysis

  • max time kernel
    132s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/06/2024, 18:49

General

  • Target

    a1d46e99b9f122f5502e1ef6b9004996_JaffaCakes118.html

  • Size

    36KB

  • MD5

    a1d46e99b9f122f5502e1ef6b9004996

  • SHA1

    8bc466e5861789721baa2859bf39cadac222b9d6

  • SHA256

    87469afaf5e95d8c7796c675ada1bba0f41257a9d21fbe5f5efaa8b85157f9cf

  • SHA512

    aaa14bfcf0d7846b343276950163cbeeaa4349e68e40a224a706af3fff4c8a9e72bfb823db1f9f6202f927e7ebcf5649852593730c036800f574fdc8e8d929ba

  • SSDEEP

    192:uW7wnb5nFi/TnQjxn5Q/JnQiecNn2aRnQOkEntrnnQTbnJnQOXCJA5skY3xP9YIv:aQ/ca+Qlr7CzRtifRg14
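Before relying on this report for a sample pulled from elsewhere, confirm the bytes in hand really are the analysed file. The script below is an added example, not part of the sandbox report: it recomputes the four hashlib-supported digests listed above and compares them with the report's values (SSDEEP needs a third-party library and is left out).

```python
"""Verify that a retrieved sample matches the digests listed in this report.

Added example, not part of the sandbox report. hashlib covers MD5/SHA1/SHA256/
SHA512; SSDEEP is not in the standard library and is skipped here.
"""
import hashlib
import sys
from pathlib import Path

# Digests exactly as listed in the report for
# a1d46e99b9f122f5502e1ef6b9004996_JaffaCakes118.html
REPORT_DIGESTS = {
    "md5": "a1d46e99b9f122f5502e1ef6b9004996",
    "sha1": "8bc466e5861789721baa2859bf39cadac222b9d6",
    "sha256": "87469afaf5e95d8c7796c675ada1bba0f41257a9d21fbe5f5efaa8b85157f9cf",
    "sha512": (
        "aaa14bfcf0d7846b343276950163cbeeaa4349e68e40a224a706af3fff4c8a9e"
        "72bfb823db1f9f6202f927e7ebcf5649852593730c036800f574fdc8e8d929ba"
    ),
}


def digest_bytes(data: bytes, algorithms=tuple(REPORT_DIGESTS)) -> dict:
    """Return lowercase hex digests of data for each named hashlib algorithm."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in algorithms}


def verify_bytes(data: bytes, expected: dict) -> dict:
    """Compare computed digests with the expected ones (case-insensitive).

    Returns {algorithm: bool}. A mismatch on any single algorithm means the
    bytes are not the analysed sample (or the recorded value was mistyped);
    agreement on all of them is what you want before trusting the report.
    """
    actual = digest_bytes(data, tuple(expected))
    return {alg: actual[alg] == value.lower() for alg, value in expected.items()}


def verify_file(path: str, expected: dict = REPORT_DIGESTS) -> dict:
    """Verify a file on disk against the report's digests."""
    return verify_bytes(Path(path).read_bytes(), expected)


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-sample>
    result = verify_file(sys.argv[1])
    for alg, ok in result.items():
        print(f"{alg:7s} {'match' if ok else 'MISMATCH'}")
    sys.exit(0 if all(result.values()) else 1)
```

The exit status makes the check usable in a pipeline: a non-zero return means at least one digest disagreed with the report.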

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 1916)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a1d46e99b9f122f5502e1ef6b9004996_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2328, child of 1916)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1916 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
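The tree above is the ordinary Internet Explorer layout: the frame process (PID 1916) launches one tab process with `SCODEF:<frame PID> CREDAT:<n> /prefetch:2`, and the SCODEF value is expected to equal the PID of the frame process that spawned it. A quick consistency check is worth automating when you triage many such reports, because a tab process whose SCODEF disagrees with its real parent, or whose parent is not an iexplore.exe at all, does not fit the normal pattern. The following is an added example, not part of the sandbox report; the PIDs and command lines are copied from the tree above, and the parent PID of the tab process is taken from its nesting in the tree.

```python
"""Check an iexplore.exe process tree for the standard frame/tab relationship.

Added example, not part of the sandbox report. Assumption encoded here: a tab
process's SCODEF argument carries the PID of the iexplore.exe frame process
that spawned it, so it should equal the tab process's actual parent PID.
"""
import re
from dataclasses import dataclass
from typing import Optional

# Process tree as listed in the report (PIDs, parent PIDs and command lines
# copied from it; the parent PID follows the tree nesting).
REPORT_PROCESSES = [
    {"pid": 1916, "ppid": None,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\a1d46e99b9f122f5502e1ef6b9004996_JaffaCakes118.html'},
    {"pid": 2328, "ppid": 1916,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1916 CREDAT:275457 /prefetch:2'},
]

_SCODEF = re.compile(r"\bSCODEF:(\d+)\b")
_CREDAT = re.compile(r"\bCREDAT:(\d+)\b")
_IMAGE = re.compile(r'^"?([^"]+?\\iexplore\.exe)"?', re.IGNORECASE)


@dataclass
class IEProcess:
    pid: int
    ppid: Optional[int]
    image: Optional[str]     # iexplore.exe path, or None if the image is something else
    scodef: Optional[int]    # frame PID claimed by a tab process
    credat: Optional[int]
    is_tab: bool             # True when the command line carries SCODEF


def parse_ie_cmdline(pid: int, ppid: Optional[int], cmd: str) -> IEProcess:
    """Pull the image path and the SCODEF/CREDAT arguments out of one command line."""
    img = _IMAGE.match(cmd)
    s = _SCODEF.search(cmd)
    c = _CREDAT.search(cmd)
    return IEProcess(
        pid=pid,
        ppid=ppid,
        image=img.group(1) if img else None,
        scodef=int(s.group(1)) if s else None,
        credat=int(c.group(1)) if c else None,
        is_tab=s is not None,
    )


def check_tree(procs) -> list:
    """Return a list of findings; an empty list means every tab process is consistent."""
    parsed = {p["pid"]: parse_ie_cmdline(p["pid"], p["ppid"], p["cmd"]) for p in procs}
    findings = []
    for p in parsed.values():
        if not p.is_tab:
            continue
        parent = parsed.get(p.ppid)
        if parent is None or parent.image is None:
            findings.append(f"pid {p.pid}: tab process whose parent {p.ppid} "
                            f"is not an iexplore.exe in the tree")
        if p.scodef != p.ppid:
            findings.append(f"pid {p.pid}: SCODEF:{p.scodef} does not match "
                            f"parent pid {p.ppid}")
    return findings


if __name__ == "__main__":
    for line in check_tree(REPORT_PROCESSES) or ["tree consistent"]:
        print(line)
```

For the tree in this report the check returns no findings, which is consistent with the 1/10 score: nothing in the process list goes beyond what opening an HTML file in Internet Explorer normally produces.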

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c47f546b26273897f62918f4f08afdce

    SHA1

    9576b34f20b4cea8c5bf69f55b75e1411ab2e8b2

    SHA256

    d1ef1b7bdce8c646ade11437915a32af41942e73d5776531a5ee94da702b7c14

    SHA512

    715bfae4d027d786e6389ad47d76d492fe83669dd2f3ff684d88c4e6c41c05764d190bf2510832b7abd4046964e45e8af58d4b3e7d5932af19714fe00e53d36a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3005ab85ee2f0776ce42956382e87868

    SHA1

    583c1a137f78460de8ebb7ff5c83a375b74338a6

    SHA256

    fd6b11d5df7e693b48083cc873357dd5c7ad9ed38d5d94458f92845a1c76aa4f

    SHA512

    0dfe4dfc8e3c2165a8c8e580cbf031d79e49f031b7fe88f256306ac3491715daee071dce583e03814a8a1dde931ed9ce76604170ffb9fc819ce2b1c7bcc8033b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f744bc4fe20e94c4ca8f39a6290d1679

    SHA1

    c58e70b6651a5164e63caf8c23a61e35089f2ecf

    SHA256

    bda370d4afd2a57b04d3c83e00db30f3d3176a8f91ddd3df1a4033fee6698c0b

    SHA512

    c508a1946ec1f3f2e8499da9b692f2832db8654718adba872dfa0cc1d4cb76cfc3078b72b9b306714b267646e4ad60f85c9d1cd80a44b4da8dea5813a41b3368

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0631686b51df42fb606b1cc6ae82d85e

    SHA1

    82a03db7f28a745afc9c5c104f22d637f242f3b3

    SHA256

    70cfc817d50f781ce23060f4b551251dace4169e4808628337900c28a7924722

    SHA512

    951d69fdd804e3d1fbfae1ff37dd1767712d1e82a5b168b3781a001405757b3a265a079a2c06b9923440f2b48c8cb4091fbefe9143e774d90ea848f7085259a9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bdbcb3fff4885fcb1cb932d125fe88fc

    SHA1

    03ad8d46f3f0066836502ef10cafc02035630aad

    SHA256

    1c0d831b5e8d8ba691fda20c007f07a730a9d3c1401a324014a5f1ba3edc246f

    SHA512

    3f8a3517d237bfa92bff10a50a26a621d04791e509da259a42762bcdf6cebd32c7c322248317db16737a9152170ecd982ddc38b1735e5a276b8ff535ad691294

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    654c512ae4e2296659dc65706f394458

    SHA1

    9665fce6cbcef1c8a1d46239637c3431acc2cb21

    SHA256

    4b8925554d451775ac11272071224f3ca5e9a0eb3f8bd719ef18621c0c03d4c9

    SHA512

    a0fde55bf121cfe1fd456f6895e989abfb5cf9fdcc754acc20488ddb03ec6948af5e716b986d9a158bcdd8bbb0fb1c1f6d71f713d1240b6d614363a505bfdfce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ec4163c594b6f3b9a2bb744bdfaf87ed

    SHA1

    85f3576907eebac2831933931ac64ec19cc4cdac

    SHA256

    2f37160b796c470ed927b32520c732126ddc2b4a5631b890f4ccc6ee6fe9613d

    SHA512

    6d89ba49e289b82791fa7f832fc3ad59e113f37d5a39c1003a6c1b212c6b01a8c3688a00332022caecd12a4c64e8b4a67303e643cdbdc5d1fdc566d610833f72

  • C:\Users\Admin\AppData\Local\Temp\Cab78E9.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar79A8.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b