Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/05/2024, 01:22

General

  • Target

    82a2f7a9e9310621bb91d73dbce4674b_JaffaCakes118.html

  • Size

    28KB

  • MD5

    82a2f7a9e9310621bb91d73dbce4674b

  • SHA1

    420ae56122b083e34fc2128e69f1f9ae3be671cf

  • SHA256

    5180f4c59b95dcbaf889d31490d283f59788445030654d9918d67669c05c3e6b

  • SHA512

    6d5de1dcedf9994b05da43178aa8a772d3e5c9c24328884b512d791f360d4cd1e485d55a7e91f16a0c39f7506ab89bfa04f277488ba78d04e1743c914bf253ba

  • SSDEEP

    192:uWJ+0N9Ht2QUxfBb5n0x+0qyne5TjGtpKnQjxn5Q/2RFnQieykNnNNbnQOkEntU/:5Q/2z9WLHGZw+/9YOUiT

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2040, depth 1)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\82a2f7a9e9310621bb91d73dbce4674b_JaffaCakes118.html
    Signatures: Modifies Internet Explorer settings; Suspicious use of FindShellTrayWindow; Suspicious use of SetWindowsHookEx; Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 1332, depth 2, child of PID 2040)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2040 CREDAT:275457 /prefetch:2
      Signatures: Modifies Internet Explorer settings; Suspicious use of SetWindowsHookEx

Every signature above is raised by Internet Explorer's own processes, not by a process the HTML file spawned: the 64-bit frame process (PID 2040) launches the 32-bit tab process (PID 1332) with SCODEF set to the frame's PID, and the WriteProcessMemory and SetWindowsHookEx hits are that frame-to-tab handoff. No process other than the two IE instances appears in the tree.

Network

(no network indicators listed)

MITRE ATT&CK Enterprise v15

(no techniques listed)

Downloads

The CryptnetUrlCache MetaData path below appears nine times with different contents, i.e. nine successive writes of the same 342-byte metadata file, not nine duplicate entries. The Cab*.tmp and Tar*.tmp files in %TEMP% are typically the working files CryptoAPI writes when it fetches and unpacks a certificate trust list (CTL) update during the run; together with the CryptnetUrlCache entries they are the usual baseline noise of a clean Internet Explorer session on this image rather than files written by the sample.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ba3de4a85fedf0019e6d6de98f5622d7
    SHA1: cea5b72f802505c4a2b0b6db1ddedc7b78be2143
    SHA256: 4797632e42f0a51178d26b3e0a599363521b51d6a82f6a7992cf006118a2b9e8
    SHA512: fbac76997e89d0eb9077356b8997498b3139dac2593d1d73e560dfd3ee6956488a5e71336a1f4edf9d951f02cf1585673e11eebc61bd408f3bfb8151d131b55a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 47a28a754d023c535e10f30b827f0cab
    SHA1: 741e128d96d0c2032e745a654c64c09bbf3cbaad
    SHA256: a0e08f18bdd47010ab1350db2d8902401cd9ad829edbc81eb98d545390701503
    SHA512: 6613174b4a94125d1b983937a73763e638ff0af6e87df3f174f814a20099950104220250595dc78939629515f1d6bb9c8b37a09b59fa739c8ba0d9b49c033565

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 2ea17a1da673f36ac43a1e999b44fa98
    SHA1: 3a22a1d8f3039ca8871c0aa8842710784a67a718
    SHA256: d4483c38cdc632bd4c515fdf65dd972ad6b2fc7aeff86199c7524b37fa1da863
    SHA512: e471cef76c0d31af09b926908ccb034e178fda91df1bd7c8c8b9cae0a6dde40b2cc638f8601fc1d08b8ef3af935e1d5354885f76dba545af7cc1d0139206f743

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 46efbe7b4a2d70a8d8e981f4b5c18213
    SHA1: 2ee711b1ba0df198be7b81c0da30e944c7947c63
    SHA256: 0febd81ba3da06a73ebf8cd2b54b96ebd225205695aa162dc10daa90c856882e
    SHA512: 80d0dd269a90bb2e1be0d302f132eb54669b1e21ba000ae03632c3715e8cc45dd6d3936f62e14cc95e8ebff766608e0154185c2ed3c2f801e2030ea885f465a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 6fe8bca53d3e63b48149643cb679ee74
    SHA1: 18ba32be9c7c5a3e8f67827216ada85fb8d77ca1
    SHA256: bab061f2cffa7e6bd4a4725008a4bd809cf4053736dcfe9107511bfd4100e6d3
    SHA512: feccb0702a77198945642bbc0b603ebcfa75f9edb77bd5c4b2a679060bde506979e7e7b928da2fff1e2441376894c138d0867ec2dc089eddb61b134035587eee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 54b13331baebe3cde6067b268b899679
    SHA1: bb06a52dbef9abb02eb28a05ac5328c1fb0b6a82
    SHA256: a6b42bbf2b7c34f988b363606b3e0ab392f1104a76b4bb9a5d014b6b976dd91f
    SHA512: d67621412ba1056989e91d62ede638b4927448ae91e531aeee62ffd7518388b64cc5273379fff2300cb11e18fdc7b7f4186deb70a5be930f3ee540c55bed0619

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e090155e90952f5a4879e26a3e6824df
    SHA1: ed16f0b46303e14ae8010cd144598b6692c8e3a4
    SHA256: 132d883f1a98dd431b0d1fe2c5c279aa0ff8321bda67f0d22965159dc9a13aa8
    SHA512: 0c396ed543203a82d836f3783f7b68b9ecdf33f029729e37a4eef934021896a76ca461059568ec9e29dce457b629c41e626ce1a7b6918394e29179ebfa49aff1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 86ba0a3481c4a841e6c0282db610b318
    SHA1: 26ebd6dcc79f9aa6b9b53c734969626e4c673312
    SHA256: d1f24966e9138160e01027063f9b0cc29fc5aebc4923b8162b4a6e46113bf8b5
    SHA512: b97c86f5bf120feea1810951e2468884494516847c2bf8652cf1cf0da439529df783f52adf34414916ad38bff6f29c342916e6818f824e61c75ca83bb3668034

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 8c6192219cd2ce3c57320c4dc4080895
    SHA1: 6cb4a815a4208682bab78d60e81932936cc72f14
    SHA256: 7e43f474f7232b44d38368dc616c07521425a19a60e8fc1bd515c98aa6916eb2
    SHA512: e820fcd9d343927f8c0de3deb21922d85db07349a0e4f32628dfa59d44f8fabdc63ef86395bafa740f6202e8fa270099c3c3880c6766c5fb22c7e36d365495c3

  • C:\Users\Admin\AppData\Local\Temp\Cab1069.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\CabF9A.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar107E.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
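A triage helper for a report like this one, added here as an editor's example (it is not the sandbox's own code). It parses a dropped-file list in the layout used above, checks that every reported digest has the right hex length for its algorithm, counts how many times one path was rewritten, separates the baseline noise a clean Internet Explorer run produces (CryptnetUrlCache metadata, Cab*.tmp/Tar*.tmp) from anything unexplained, and confirms that the sample's filename prefix agrees with its reported MD5. The noise patterns are the editor's heuristics, not a vendor list; the first four sample records are copied from this page (MD5 and SHA256 only), and the fifth record is constructed, with a deliberately short MD5, to exercise the format check.

```python
import re
from collections import Counter

# Constructed sample input. Records 1-4 are copied from the Downloads list on
# this page; record 5 is synthetic (a truncated MD5) to show the format check.
SAMPLE_REPORT = r"""
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ba3de4a85fedf0019e6d6de98f5622d7
    SHA256: 4797632e42f0a51178d26b3e0a599363521b51d6a82f6a7992cf006118a2b9e8
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 47a28a754d023c535e10f30b827f0cab
    SHA256: a0e08f18bdd47010ab1350db2d8902401cd9ad829edbc81eb98d545390701503
  • C:\Users\Admin\AppData\Local\Temp\Cab1069.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
  • C:\Users\Admin\AppData\Local\Temp\Tar107E.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
  • C:\Users\Admin\AppData\Local\Temp\synthetic_drop.bin
    Filesize: 12KB
    MD5: deadbeef
"""

# Expected hex length per digest; a mismatch almost always means a copy/paste
# or extraction error rather than a real hash.
HASH_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
HEX = re.compile(r"^[0-9a-f]+$")

# Editor's heuristics (assumption): paths that CryptoAPI / IE write on their
# own during a clean run, so they are expected noise rather than sample drops.
BASELINE_NOISE = [
    (re.compile(r"\\Microsoft\\CryptnetUrlCache\\", re.I), "CryptoAPI URL cache metadata"),
    (re.compile(r"\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I), "CryptoAPI CAB/TAR extraction temp file"),
]

PATH_LINE = re.compile(r"^\s*[•*-]\s+(?P<path>\S.*?)\s*$")
FIELD_LINE = re.compile(r"^\s*(?P<key>Filesize|MD5|SHA1|SHA256|SHA512):\s*(?P<val>\S+)\s*$")


def parse_downloads(text):
    """Turn the bullet + 'Key: value' layout into a list of records."""
    records = []
    for line in text.splitlines():
        m = PATH_LINE.match(line)
        if m:
            records.append({"path": m.group("path"), "size": None, "hashes": {}})
            continue
        m = FIELD_LINE.match(line)
        if m and records:
            key, val = m.group("key"), m.group("val")
            if key == "Filesize":
                records[-1]["size"] = val
            else:
                records[-1]["hashes"][key.lower()] = val.lower()
    return records


def hash_problems(record):
    """Return a list of digests whose length or alphabet is wrong for the algorithm."""
    problems = []
    for algo, value in record["hashes"].items():
        want = HASH_HEX_LEN[algo]
        if len(value) != want or not HEX.match(value):
            problems.append(f"{algo}: expected {want} hex chars, got {value!r}")
    return problems


def classify_path(path):
    """Label a dropped path as known baseline noise, or None if unexplained."""
    for pattern, label in BASELINE_NOISE:
        if pattern.search(path):
            return label
    return None


def triage(text):
    """Parse, validate and bucket every record; 'versions' counts rewrites of one path."""
    records = parse_downloads(text)
    result = {"noise": [], "unexplained": [], "malformed": [],
              "versions": Counter(r["path"] for r in records)}
    for rec in records:
        problems = hash_problems(rec)
        if problems:
            result["malformed"].append((rec["path"], problems))
        label = classify_path(rec["path"])
        (result["noise"] if label else result["unexplained"]).append((rec["path"], label))
    return result


def sample_name_matches_md5(filename, md5):
    """Corpora that name samples '<md5>_<tag>' let you cross-check the reported MD5."""
    return filename.lower().startswith(md5.lower())


if __name__ == "__main__":
    summary = triage(SAMPLE_REPORT)
    for path, label in summary["noise"]:
        print(f"noise       {label:40s} {path}")
    for path, _ in summary["unexplained"]:
        print(f"UNEXPLAINED {path}")
    for path, problems in summary["malformed"]:
        print(f"MALFORMED   {path}: {'; '.join(problems)}")
```

Run against the full list above, the helper reports twelve noise entries, nine of them rewrites of the single CryptnetUrlCache metadata path, and nothing unexplained, which is the substance behind the 1/10 score: the only file-system side effects are Windows' own certificate-cache housekeeping. Extend BASELINE_NOISE for your own gold image; anything that falls into "unexplained" is what deserves a closer look.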