Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 07:46

General

  • Target

    7ffcb723aa09d93a4eff755ea40adc66_JaffaCakes118.html

  • Size

    23KB

  • MD5

    7ffcb723aa09d93a4eff755ea40adc66

  • SHA1

    f07fe650b7ecdf34bd5e62150966285ad2deb721

  • SHA256

    5645a1e2083add3f1992fc51115f85b70d444fb9094cfb5b38f9cfd549bf64b9

  • SHA512

    243e26637ed7fc705ce5900f942ad29d16609f28d395b085b2223695e1278c00bccb4f9c612ec7802e78e32fb6492b4448374e57c3faffe520d3adb5040e4dbf

  • SSDEEP

    192:uwfyb5nIwtnQjxn5Q/LnQie6NnanQOkEntN1nQTbnlnQlGLnLnQt8qMBaqnYnQ7T:YGQ/UGdokf

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7ffcb723aa09d93a4eff755ea40adc66_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932
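The process tree above is the normal Internet Explorer launch shape: the frame (broker) process iexplore.exe, PID 2344, starts a 32-bit content process whose command line names the frame process in SCODEF:2344 (CREDAT carries the tab's creation data). For an HTML sample the interesting finding is not these two processes but anything that is not IE appearing underneath them, and the four signature names listed here are the ones a plain IE launch tends to raise, which is consistent with the 1/10 score. The following is an added triage helper, not sandbox code; it takes the tree as transcribed from this report (constructed input) and checks that each SCODEF value matches the record's actual parent, that both sides are IE images, and that no non-IE child runs under IE. The record layout and the IE image paths are this example's own assumptions.

```python
import re

# Process tree transcribed from the report above. Constructed input for an added
# example; the record layout is this example's own, not the sandbox's schema.
# "depth" is the nesting level shown in the tree (1 = root, 2 = child of the
# nearest depth-1 entry above it).
PROCESSES = [
    {"pid": 2344, "depth": 1,
     "cmd": r'"C:\Program Files\Internet Explorer\iexplore.exe" '
            r'C:\Users\Admin\AppData\Local\Temp\7ffcb723aa09d93a4eff755ea40adc66_JaffaCakes118.html'},
    {"pid": 2932, "depth": 2,
     "cmd": r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2'},
]

# Images that legitimately carry the SCODEF/CREDAT content-process switches
# (assumed default install paths on the Windows 7 x64 image used here).
IE_IMAGES = {
    r"c:\program files\internet explorer\iexplore.exe",
    r"c:\program files (x86)\internet explorer\iexplore.exe",
}
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")


def image_path(cmd):
    """Executable path from a command line; the first token may be quoted."""
    if cmd.startswith('"'):
        return cmd[1:cmd.index('"', 1)]
    return cmd.split(" ", 1)[0]


def parent_of(index, procs):
    """Nearest earlier record one level up, i.e. the parent in tree order."""
    depth = procs[index]["depth"]
    for j in range(index - 1, -1, -1):
        if procs[j]["depth"] == depth - 1:
            return procs[j]
    return None


def check_ie_tree(procs):
    """Return a list of findings; an empty list means the tree looks like plain IE.

    Checks:
      * every SCODEF:<pid> points at the record's actual parent (the frame
        process) and both sides are IE images;
      * an IE record that is not the root carries a SCODEF switch, which is
        how the frame process launches its content processes;
      * nothing that is not IE runs underneath IE (the real signal for an
        HTML sample, e.g. a dropped script interpreter or cmd.exe).
    """
    findings = []
    for i, p in enumerate(procs):
        img = image_path(p["cmd"]).lower()
        parent = parent_of(i, procs)
        parent_img = image_path(parent["cmd"]).lower() if parent else None
        m = SCODEF_RE.search(p["cmd"])
        if m:
            claimed = int(m.group(1))
            if img not in IE_IMAGES:
                findings.append(f"pid {p['pid']}: SCODEF on non-IE image {img}")
            elif parent is None or parent["pid"] != claimed or parent_img not in IE_IMAGES:
                findings.append(f"pid {p['pid']}: SCODEF:{claimed} does not match IE parent "
                                f"{parent['pid'] if parent else None}")
        elif img in IE_IMAGES and parent is not None:
            findings.append(f"pid {p['pid']}: IE child without SCODEF (not a normal content process)")
        if parent_img in IE_IMAGES and img not in IE_IMAGES:
            findings.append(f"pid {p['pid']}: non-IE child {img} under IE pid {parent['pid']}")
    return findings


if __name__ == "__main__":
    for line in check_ie_tree(PROCESSES) or ["tree is consistent with IE launching its content process"]:
        print(line)
```

The parent is derived from tree order rather than trusted from the command line, so a process that spoofs SCODEF, or a content process whose parent is not the IE frame, is reported; appending a third-level cmd.exe record to the list is enough to see the non-IE-child rule fire.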

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          fa68c88e63b7a333eabb3bcc440d562a

          SHA1

          8930c40624cf448753293e9322690731d0305d08

          SHA256

          935d59089804440b9c7071663ec54897e9be26f4abc6b90a83e2bd44bb24d3ed

          SHA512

          e7f17080092b808b7f1b5d17b1accba55e7626d8dd9c5861eb9e3421b7bd11c6fe6784591e4c1eaca32aec354f3c17bcf900619a9c4c213360b069fdd149c470

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8d6a205c778e288ffe461c10951b3dc8

          SHA1

          12a49e4b58d91985c61ef4cbbc6ad69d3318e945

          SHA256

          ab8a3651068450352632466f1b2fedda4430c566b36fe317d64499323272089e

          SHA512

          a96dcf0a1b514b633c57622ac065907a26d2911eba82e98a859e54cf081c692214dd44c534aea47daf3e5fd2667f85f20035c8248015f4a951cd69ae64fe522f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7afb9a939efd063025f4fc9a3682ed18

          SHA1

          9fa2ab2e74226d110b6aa9acfaf129477ad37127

          SHA256

          18e8b87587548787d61ee0c562fc31cad697ee273adc9796c1570d6d5a917901

          SHA512

          cb2492503b647be2b8c67b99c60b58d8aa94dedd3388d6effa3ccac383fc58e39cd2cfb37f0bd0204f38856a8dedd68e0d402935c1ae2902cbbc2dd5b227c196

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bba415321832c3c09eb66c9b12a96ffd

          SHA1

          01da9c5231f081da3e0980ea5b3a2ccd56cc77cf

          SHA256

          facccbf428ddf69b4f07c868d78ca48b472bd8964189cfcd4733650edb26575d

          SHA512

          91e2ee982bb57ab766b09734ae01a25595deed6d96b0e08b57851f78e92b60534a39924598b53da399434b00ee82fcfa8c445557c18a91d95983f3c0585d6584

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          10d96b7089a2bf18f9d55be8e888781d

          SHA1

          00795c752d97aef36f30bccc82c78e311026aec2

          SHA256

          522f0ccb4aad56eb55a3e5c902f6033d0c985057d297ac1b6e3b6399775c7304

          SHA512

          bde69b2cf2c4307436620107ef5fd7e927766680177f7f3d824c85bc2bfad50fa44a4d95eca2e659c517e8aa5a7f5dd269bad5559709f14c37337f0365f9818d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d8bec52bcf0e1033b731bf753e0ed9c3

          SHA1

          4b939fee5928fc6726d1df051a8ffdab42026c97

          SHA256

          0ba9fcfe254c14d7eb8ced1a3a26e76a5a5e823ee29c325cded15250bc217aa9

          SHA512

          12c54752d0452bc32f703af1d572524a5e6a87021eab2c688794d63f16b3b3766f47cef5a84d6ff90d7e1b2c2a7e92fa2254db3075fd018d30e2308088a71c5c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          21329c9133bdab0260178e43da738804

          SHA1

          bb5737db7d15b05f3baba3b775b857d75b77dc04

          SHA256

          4941956db76e76249a8b1c41ca2a896679e3f45627ee04afe0fe7fdea03b93cd

          SHA512

          04c2f319760b215eaa8ee2cf48734c9cd811456502d8a161e967a6b468011da9297293fbca367227866e2184521c05ba5fd0892a5c66afa9832026162de55c29

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0c1841d6721a98197e54a640bba50290

          SHA1

          8e995a8d2b86fc8a48632766f40974b25e9dcf9c

          SHA256

          c79a9f6f911ebe5acdda7806939171cdf8ca252dae9f02eee67915299c8600c4

          SHA512

          b239890fe1ee0167d87d6059f8dc3d49151c29a0e257970fc7a3e559fdf87362bb7893a12a4bf4aacffdd49c8c303202a3a2ceadf1f5339bfb05b28b6a1ccee8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0a4f228964f6c0cae95d8648cc6ae45f

          SHA1

          002e9a7536c57c405b20b176586508efd49b682a

          SHA256

          e977aed1eaf53d6b416eef734ccdab564c78e3eb1f8cb80e5cb0d7949e9a7efd

          SHA512

          809be820ad9557cf2febfa9c1deef40a543ee4f5fe63ffdf576ba54c8ae34220ba7eac46ed1533231c268234850fe26eebabbb288adc1e8b4ad60b92e6c8caec

        • C:\Users\Admin\AppData\Local\Temp\Cab8EAB.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Cab8F97.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar8FDA.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
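Every dropped file listed above sits in a location CryptoAPI (cryptnet.dll) writes to on its own: the CryptnetUrlCache MetaData entry is the cache record for a URL it fetched (the same entry is captured nine times with nine different hashes, i.e. it was rewritten as the fetch progressed), and Cab*.tmp / Tar*.tmp under the user's Temp folder are the download and extraction scratch files it uses for certificate trust list cabinets. The Network section here is empty, so the URLs themselves are not on the page; the classification below rests on the paths and sizes only. Before trusting any of this, recompute the sample's hashes and compare them with the General section, since the report describes one exact file. The following is an added triage helper, not sandbox code; the dropped-file records are transcribed from this report (constructed input), and the path patterns and the `review` label are this example's own assumptions.

```python
import hashlib
import re
from collections import defaultdict

# Dropped files transcribed from the Downloads list above: (path, SHA-256).
# Constructed input for this added example.
META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"
TEMP = r"C:\Users\Admin\AppData\Local\Temp"
DROPPED = [
    (META, "935d59089804440b9c7071663ec54897e9be26f4abc6b90a83e2bd44bb24d3ed"),
    (META, "ab8a3651068450352632466f1b2fedda4430c566b36fe317d64499323272089e"),
    (META, "18e8b87587548787d61ee0c562fc31cad697ee273adc9796c1570d6d5a917901"),
    (META, "facccbf428ddf69b4f07c868d78ca48b472bd8964189cfcd4733650edb26575d"),
    (META, "522f0ccb4aad56eb55a3e5c902f6033d0c985057d297ac1b6e3b6399775c7304"),
    (META, "0ba9fcfe254c14d7eb8ced1a3a26e76a5a5e823ee29c325cded15250bc217aa9"),
    (META, "4941956db76e76249a8b1c41ca2a896679e3f45627ee04afe0fe7fdea03b93cd"),
    (META, "c79a9f6f911ebe5acdda7806939171cdf8ca252dae9f02eee67915299c8600c4"),
    (META, "e977aed1eaf53d6b416eef734ccdab564c78e3eb1f8cb80e5cb0d7949e9a7efd"),
    (TEMP + r"\Cab8EAB.tmp", "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (TEMP + r"\Cab8F97.tmp", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (TEMP + r"\Tar8FDA.tmp", "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Hashes of the submitted sample from the General section of the report.
SAMPLE_HASHES = {
    "md5": "7ffcb723aa09d93a4eff755ea40adc66",
    "sha1": "f07fe650b7ecdf34bd5e62150966285ad2deb721",
    "sha256": "5645a1e2083add3f1992fc51115f85b70d444fb9094cfb5b38f9cfd549bf64b9",
    "sha512": "243e26637ed7fc705ce5900f942ad29d16609f28d395b085b2223695e1278c00"
              "bccb4f9c612ec7802e78e32fb6492b4448374e57c3faffe520d3adb5040e4dbf",
}

# CryptoAPI URL cache entries: MetaData/Content under a 32-hex-digit name.
CRYPTNET_RE = re.compile(r"\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$", re.I)
# Temp files CryptoAPI uses while downloading (Cab*) and unpacking (Tar*) cabinets.
CAB_TMP_RE = re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.I)


def classify(path):
    """Label a dropped-file path; anything not matched is worth a manual look."""
    if CRYPTNET_RE.search(path):
        return "cryptoapi-urlcache"
    if CAB_TMP_RE.search(path):
        return "cryptoapi-cab-temp"
    return "review"


def triage(records):
    """Split records into CryptoAPI noise and paths to review, and count rewrites.

    Returns (noise_count, review_paths, rewrites); rewrites maps a path to the
    number of distinct hashes the sandbox captured for it.
    """
    hashes_by_path = defaultdict(set)
    review, noise = [], 0
    for path, sha256 in records:
        hashes_by_path[path].add(sha256.lower())
        if classify(path) == "review":
            review.append(path)
        else:
            noise += 1
    rewrites = {p: len(h) for p, h in hashes_by_path.items() if len(h) > 1}
    return noise, review, rewrites


def digest_bytes(data):
    """Hex digests of the four algorithms the report lists, over an in-memory buffer."""
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256", "sha512")}


def digest_file(path):
    """Same digests streamed from disk, so a large sample is not read in one piece."""
    hashes = {n: hashlib.new(n) for n in ("md5", "sha1", "sha256", "sha512")}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            for h in hashes.values():
                h.update(chunk)
    return {n: h.hexdigest() for n, h in hashes.items()}


def mismatches(actual, expected):
    """Algorithms whose computed digest differs from the report's value (case-insensitive)."""
    return sorted(n for n, v in expected.items() if n in actual and actual[n] != v.lower())


if __name__ == "__main__":
    noise, review, rewrites = triage(DROPPED)
    print(f"{noise} CryptoAPI artifacts, {len(review)} paths to review, rewrites: {rewrites}")
    # To confirm a local copy is the file this report describes:
    # print(mismatches(digest_file("7ffcb723aa09d93a4eff755ea40adc66_JaffaCakes118.html"), SAMPLE_HASHES))
```

Any path that falls through to `review` (an executable under AppData, a script in Startup, a file outside the CryptoAPI locations) is what would move this report off a 1/10; for this sample the list is empty, and the only anomaly the helper reports is the nine-fold rewrite of one cache entry, which is cache housekeeping rather than a dropper.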