Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-06-2024 21:03

General

  • Target

    b012c0cee4b5e14f74e71c19fe7b7d74_JaffaCakes118.html

  • Size

    23KB

  • MD5

    b012c0cee4b5e14f74e71c19fe7b7d74

  • SHA1

    015ecf3fc27f1c24af7b108641e4a5c083c0a9c4

  • SHA256

    7e5e76ddd8f2a7fdc322a28fa6f8772cfdff77065ccaa8aca5b0654232b775a8

  • SHA512

    bc1e8ec6d4c46f0dd52d5bb5669cf96f395dbb2f625e1643f2e26a8ba4c45641f26acd99bfe79a914a54e6e00f259fbf02fd30748bc1e4aa09edc37423a945c7

  • SSDEEP

    192:uWfMb5na+nQjxn5Q/hnQiecNnQnQOkEntbLHnQTbnhnQ6CnQtOwMB8qnYnQ7tnWs:zQ/KBus

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b012c0cee4b5e14f74e71c19fe7b7d74_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1912 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2588
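The two-process tree above is the ordinary Internet Explorer frame/tab shape: the frame process iexplore.exe (PID 1912) opens the submitted HTML file and starts a tab process IEXPLORE.EXE whose SCODEF: value is the frame's own PID. In triage, that shape is the baseline, and anything else spawned under an IE process (a shell, a script host, a dropped binary) is what deserves attention. The following Python is an added example by the editor, not part of the sandbox's tooling or the report: the process tuples are copied from this report, the cmd.exe child is a hypothetical constructed case, and the command-line parsing rules are the editor's assumptions.

```python
"""Baseline check for an Internet Explorer process tree taken from a sandbox
report: flag children of iexplore.exe that are not the expected tab process."""
import re
from typing import List, Optional, Tuple

Proc = Tuple[int, Optional[int], str]  # (pid, parent pid or None, command line)

# Constructed input: the two process entries from this report, flattened.
REPORT_PROCESSES: List[Proc] = [
    (1912, None,
     r'"C:\Program Files\Internet Explorer\iexplore.exe" '
     r'C:\Users\Admin\AppData\Local\Temp\b012c0cee4b5e14f74e71c19fe7b7d74_JaffaCakes118.html'),
    (2588, 1912,
     r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1912 CREDAT:275457 /prefetch:2'),
]

# Hypothetical tree (not from the report): the tab process spawns a shell,
# the shape a drive-by exploit or script drop would produce.
SUSPICIOUS_PROCESSES: List[Proc] = REPORT_PROCESSES + [
    (3001, 2588, r'"C:\Windows\System32\cmd.exe" /c powershell -enc AAAA'),
]

# Assumed parsing rules: image is the first (optionally quoted) token ending
# in .exe; SCODEF:<pid> is the tag IE passes to its tab processes.
_IMAGE_RE = re.compile(r'^"?([^"]+?\.exe)"?(?:\s|$)', re.IGNORECASE)
_SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def image_name(cmdline: str) -> str:
    """Lower-cased basename of the image named in a command line."""
    m = _IMAGE_RE.match(cmdline)
    if not m:
        raise ValueError(f"no image in command line: {cmdline!r}")
    return m.group(1).rsplit("\\", 1)[-1].lower()


def scodef(cmdline: str) -> Optional[int]:
    """The SCODEF:<pid> value from an IE tab command line, or None."""
    m = _SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def check_ie_tree(processes: List[Proc]) -> List[str]:
    """Return findings for every child of an iexplore.exe process.

    Expected shape (what this report shows): an IEXPLORE.EXE child whose
    SCODEF: tag equals the parent's PID.  Any other child is reported.
    """
    by_pid = {pid: (ppid, cmd) for pid, ppid, cmd in processes}
    findings = []
    for pid, ppid, cmd in processes:
        if ppid is None or ppid not in by_pid:
            continue  # root of the tree, or parent not in the report
        if image_name(by_pid[ppid][1]) != "iexplore.exe":
            continue  # only children of IE are subject to this baseline
        child = image_name(cmd)
        if child != "iexplore.exe":
            findings.append(f"pid {pid}: unexpected child {child} under iexplore.exe pid {ppid}")
            continue
        tag = scodef(cmd)
        if tag is None:
            findings.append(f"pid {pid}: IEXPLORE.EXE child without SCODEF tag")
        elif tag != ppid:
            findings.append(f"pid {pid}: SCODEF:{tag} does not match parent pid {ppid}")
    return findings


if __name__ == "__main__":
    print("report tree:", check_ie_tree(REPORT_PROCESSES) or "matches IE baseline")
    print("hypothetical tree:", check_ie_tree(SUSPICIOUS_PROCESSES))
```

On this report the check returns nothing; on the hypothetical tree it reports the cmd.exe child of PID 2588. The SCODEF comparison catches a renamed or injected binary masquerading as a tab process but launched by something other than the frame it claims.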

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1819e6503f2cf4ebf097947a3be8af99

    SHA1

    0a060c77745a937f7717280b2768143c209a18c9

    SHA256

    452ae15d7f41380c4fa34df29170e36d06fcb33bc1c94e13be44484cafc9fbcf

    SHA512

    a1c61feb3c79a3261582de8c886c07698c0c223c8349e3649c0089d1490b064dc6f36ed358c7a00133f92988d7486c3233259984a74b62dd60fe51395699103a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47b125ecfda6aa0432cd38aee4acb318

    SHA1

    e9407a0534c07c2fa09f4ad72fc3599cd04b532e

    SHA256

    56d4721916185c34507b0525e2fba24265e502e16aa9a8cbd59c812b6896c5c7

    SHA512

    61f63e43de08097cef11e60326c35d10d8518ac32779dee9732eac77668ba4101eb8694c8ac06f5b4a39dcd883c1d3b865fafe2cf5ae9af2a6371c7266a48ec7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9b25c8e33541f18efdbd06c1bceb4941

    SHA1

    23c6ab2799965734d31c49a3212e238ce589fc8e

    SHA256

    325f2696177050e2b551252a25c703d9f66debf56040d00bf48e16dc53ef0415

    SHA512

    b684452b8c2647edeab42c7d407a3c023b6a288175186ffd96484b0faec752fc7c0fe614f2243bfa61323f0b8867a82d7571b3851afc6f0043b7df53ba79575c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd871a65e9a989a3a38b8c7d274a9d21

    SHA1

    7c2cab82022427d0bb6287e1085c22ed0fb043bf

    SHA256

    037e5d0309f372836f63000900cc76e278b8a4558c402a2a8b372fc52a20bdf2

    SHA512

    3b1db7195bdc1a9044fb6fbf222c59531329a6680ee69c35a1577e5eac33f300616159e3dc1975996a55b36bbff17c100e69d394a61369448440cc16f078e0ab

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4795c0afa6ee920dfcfb8658a9b75394

    SHA1

    3da607f6b460bb7b9c495c1e2c5244901e774dac

    SHA256

    0f808efc5dd8373a61e716247c43c4b2b97e1606e2b5aa79abacf38bd427db01

    SHA512

    8bef749408ef310e2ec56b4cdb503daf1fb1f1f8e508689c06bccb1927c009e723f53ffdfcfbe6d06edd89cf38871fb5cbd23b7876ca0a4a0abd8d6be1578784

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    51fa49803c46bfc46824467c6a490cd1

    SHA1

    055c7bf9fe2ee20cb9c482c7b0bb9e1842907093

    SHA256

    d72c16f32d799adb63a9f0dedd75d8b7dfef227731362c984116a76ca4e1a178

    SHA512

    fb338e3848d2311ed04729fdfb1596a5e1471b95e5e5dfa1599720a2642e7fa3b3b12711ca413a662b24df2f3ffc573be7d031ff5310e919199e1c9ed45728fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    664d60331c8b635dd362fb3ec94aba3c

    SHA1

    39fb300dae31c67ff487400764bd06e3930944f6

    SHA256

    ff55f36100aa29d1e343a2e5e336b85af27153e0ce8c85d556e6c4139ec230ed

    SHA512

    9cdd63d5e51529d6c11d8e293ebd4bccc395fcebab70e30cdfd5bcd2860db9f54b4936ff33acbaaa57adfa213502626acc32f4f96d8bc767bd3f4be961dadea1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    887dac4cca948ee0ae37ceb57ccb67ea

    SHA1

    6f7b947156935e76e075263685d0623379f537ae

    SHA256

    7dba5d9e648763ebd7d328d3ea25ed2adcd684b4c3824d5b47b752bd54a19432

    SHA512

    84810eebef28eb4a90e3282f9c14c81b5895eb4a40d3117694694c1f27546d0bd75bdb03aa9ed84c5cebd69d618774dca367e06d14dd1647622a886404bf916a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0e3ec30b4e6013d68215b34a362c440a

    SHA1

    015369b7a58c6dec455ba52ecac920da67154565

    SHA256

    95ad2d8b2125cc4026b0670ee4df33981f01d0095b73ac96d49ca91e736599d1

    SHA512

    cdafc0f4fb70060a2308ac3573e01c90c01c185d22853116f7f8ca96d80bf87363a9ba9de3ac8d2e6b8ce9e85389b1994c23af2d14251525576e89d78ba4819e

  • C:\Users\Admin\AppData\Local\Temp\Cab1CD6.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar1D84.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
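Nine of the eleven entries above are the same CryptnetUrlCache\MetaData slot with a different hash each time: the CryptoAPI URL cache being rewritten as the browser fetches CRL/OCSP/AIA data during certificate checks. The Cab*.tmp and Tar*.tmp pair in %TEMP% is likewise a common by-product of Windows fetching and extracting a cabinet (the editor's assumption is the root-certificate store update; the report itself does not say). None of this is an indicator of the submitted HTML file. Before any of these hashes go into a blocklist, a triage pass should separate known Windows background writes from anything worth acting on. The following Python is an added example by the editor, not the sandbox's code: the entries are a subset copied from this report, the noise patterns are the editor's triage assumptions, and the dropped-executable entry is hypothetical.

```python
"""Triage the Downloads list of a sandbox report: drop known Windows
background writes, dedupe by SHA-256, and surface what is left."""
import re
from collections import Counter, defaultdict
from typing import Dict, List

# Constructed input: five of the Downloads entries on this page (three of the
# nine CryptnetUrlCache rewrites plus the Cab/Tar temp files).  SHA-512 is
# omitted only to keep the sample short.
CRYPTNET = (r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
            r"\MetaData\94308059B57B3142E455B38A6EB92015")
REPORT_DOWNLOADS: List[Dict[str, str]] = [
    {"path": CRYPTNET, "size": "342B",
     "md5": "1819e6503f2cf4ebf097947a3be8af99",
     "sha1": "0a060c77745a937f7717280b2768143c209a18c9",
     "sha256": "452ae15d7f41380c4fa34df29170e36d06fcb33bc1c94e13be44484cafc9fbcf"},
    {"path": CRYPTNET, "size": "342B",
     "md5": "47b125ecfda6aa0432cd38aee4acb318",
     "sha1": "e9407a0534c07c2fa09f4ad72fc3599cd04b532e",
     "sha256": "56d4721916185c34507b0525e2fba24265e502e16aa9a8cbd59c812b6896c5c7"},
    {"path": CRYPTNET, "size": "342B",
     "md5": "9b25c8e33541f18efdbd06c1bceb4941",
     "sha1": "23c6ab2799965734d31c49a3212e238ce589fc8e",
     "sha256": "325f2696177050e2b551252a25c703d9f66debf56040d00bf48e16dc53ef0415"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\Cab1CD6.tmp", "size": "70KB",
     "md5": "49aebf8cbd62d92ac215b2923fb1b9f5",
     "sha1": "1723be06719828dda65ad804298d0431f6aff976",
     "sha256": "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"},
    {"path": r"C:\Users\Admin\AppData\Local\Temp\Tar1D84.tmp", "size": "181KB",
     "md5": "4ea6026cf93ec6338144661bf1202cd1",
     "sha1": "a1dec9044f750ad887935a01430bf49322fbdcb7",
     "sha256": "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"},
]

# Hypothetical entry (not from the report): a dropped executable in %TEMP%,
# with placeholder hashes, to show what an actionable hit looks like.
HYPOTHETICAL_DROP = {"path": r"C:\Users\Admin\AppData\Local\Temp\svc_update.exe",
                     "size": "412KB", "md5": "0" * 32, "sha1": "0" * 40, "sha256": "0" * 64}

# Editor's assumed noise patterns: where CryptoAPI and cabinet extraction
# write during an IE session, independent of the page being rendered.
NOISE_PATTERNS = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache (CRL/OCSP/AIA fetch)"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I),
     "temp cabinet/extraction file (assumed root-store update)"),
]
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64}
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}


def parse_size(text: str) -> int:
    """Turn the report's '342B' / '70KB' size strings into bytes."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(B|KB|MB|GB)", text.strip(), re.I)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(float(m.group(1)) * UNITS[m.group(2).upper()])


def valid_hashes(entry: Dict[str, str]) -> bool:
    """True when every digest is hex of the expected length."""
    return all(re.fullmatch(rf"[0-9a-f]{{{n}}}", entry[k].lower()) for k, n in HEX_LEN.items())


def classify(path: str):
    """Label for a known background-noise path, or None."""
    for pattern, label in NOISE_PATTERNS:
        if pattern.search(path):
            return label
    return None


def triage(entries: List[Dict[str, str]]) -> dict:
    """Split entries into actionable artefacts, counted noise, paths rewritten
    with several distinct contents, and entries with malformed digests."""
    result = {"actionable": [], "noise": Counter(), "rewrites": {}, "malformed": []}
    seen, per_path = set(), defaultdict(set)
    for e in entries:
        if not valid_hashes(e):
            result["malformed"].append(e["path"])
            continue
        digest = e["sha256"].lower()
        per_path[e["path"]].add(digest)
        if digest in seen:
            continue  # same content listed twice
        seen.add(digest)
        label = classify(e["path"])
        if label:
            result["noise"][label] += 1
        else:
            result["actionable"].append({"path": e["path"], "sha256": digest,
                                         "bytes": parse_size(e["size"])})
    result["rewrites"] = {p: len(s) for p, s in per_path.items() if len(s) > 1}
    return result


if __name__ == "__main__":
    for name, data in (("report", REPORT_DOWNLOADS), ("report + drop", REPORT_DOWNLOADS + [HYPOTHETICAL_DROP])):
        r = triage(data)
        print(name, "->", len(r["actionable"]), "actionable;", dict(r["noise"]), "rewrites:", r["rewrites"])
```

On the report's own entries everything lands in the noise buckets and the MetaData path is reported as rewritten three times (nine on the full page); only the hypothetical dropped executable comes out as actionable. The pattern table is deliberately narrow: a path under CryptnetUrlCache that does not look like a 32-hex cache key, or a .tmp outside the Cab/Tar naming, still falls through to the actionable list.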