Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64
    arch:x86
    image:win7-20240611-en
    locale:en-us
    os:windows7-x64
    system
  • submitted
    13-06-2024 02:25

General

  • Target

    a386e964db893249444e020f063c0ecc_JaffaCakes118.html

  • Size

    19KB

  • MD5

    a386e964db893249444e020f063c0ecc

  • SHA1

    10e3bf65a095067d4bf8092e6e02399b4847e8a2

  • SHA256

    1e7fc9057d2ba240f1e2a819d1326c0068663a70f4a4a0ac6985c8d96de2ca1c

  • SHA512

    b0c4d57078ef08e25cae93e5fbfea9c588d84f640d2e9aed648074c07e64b073eb36b00b0b08519e1a39efc8a96f032ad4eb8e31bf0f1723fed05d15b17739ae

  • SSDEEP

    384:hmg2pCCBQFo7MEPj0/eCYMcZxv72ZvRDUbE3RfWb6sB:hmgrmQFo7MEPj02OVRwbE3RfWb6sB

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\a386e964db893249444e020f063c0ecc_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2540
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2540 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2272

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f203b3384f3e7f92425dd9897d51525

    SHA1

    dfea2ec7a53ce6d2e6f4cca33e060991c1811ee7

    SHA256

    3a62070224e4ff1e6e302582270d1f1098037a16cc0fbfd83bcd21f701acbf64

    SHA512

    8175149ed10874998a6322eeeca82ad76cdbc18ababa3dbe251a6c96efd893a99380bfa58aab900e2014094549e8a2de934f6fd3f6cfcb0aa26c1e8164036d5e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d287906801317deff44c703bfd83da85

    SHA1

    5cac61c97da53c8d46e31e12167bfa45a5c3f859

    SHA256

    02ead080fd7d965b36b7b69fe1d59d46deff32307849c82e1e5762357d40412c

    SHA512

    b56c0bdff6acd517bd555aece99968380cb47a7f8729da99f8605e0328d1ac6a4cbb01b1d06db883cd478f4e6c16f3353449e7400e17ff3c6e570e2154fb15f7

  • C:\Users\Admin\AppData\Local\Temp\Cab786B.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar7ABE.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b