Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/05/2024, 08:53

General

  • Target

    802af8235cb9c5f5bbb4af34677c88f6_JaffaCakes118.html

  • Size

    30KB

  • MD5

    802af8235cb9c5f5bbb4af34677c88f6

  • SHA1

    0c5772e2da36b4012ae7f4599d16e90dfaccb42b

  • SHA256

    62586098a0c83e38032a093f136959eccfed3a8d5f52ddb5725cf7147b84175d

  • SHA512

    0305e36c2e52b86cb2fe65f39e188e06808d12c6d7bb54a469c2cf6de00fe1cc05eb982f8896131abb40f55bf65527d59f83a53c706eefc9f8403a759db88337

  • SSDEEP

    192:uw/1hb5nmWnQjxn5Q/anQieJNnwnQOkEntaonQTbnRnQmS2xhG0e8mx9R5g9Eo5r:gXQ/rhxXmxSSz4R

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\802af8235cb9c5f5bbb4af34677c88f6_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2084
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2084 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3032

Network


Downloads (dropped files; per-file MD5/SHA1/SHA256/SHA512 hash listings omitted)

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B, 8 entries)
  • C:\Users\Admin\AppData\Local\Temp\CabD0D.tmp (65KB)
  • C:\Users\Admin\AppData\Local\Temp\TarDEF.tmp (181KB)