Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/05/2024, 22:25

General

  • Target

    8890b8199e5163fd06a15b1a2b25f84e_JaffaCakes118.html

  • Size

    27KB

  • MD5

    8890b8199e5163fd06a15b1a2b25f84e

  • SHA1

    2e918714be17d09d212ed794e1f3c12ca553fceb

  • SHA256

    1ff8a59808ee7a130f0f9328295da3a06c51d4dae7ceeb207a8e0df1475477bc

  • SHA512

    0f0c1ac9a4692a636fd9642c1dbfa6ed89fa86cae873881839e05d12b610f0acec0388551997d6d9cae69684c958115091f525eb2d30a6d0a91ac737c17e4fb3

  • SSDEEP

    384:+U8RHq95S104QsJq1vclpfQ/jZkaGlHaiJ2UaUg+dJmZeQeDAU6pavydNmSH9u6H:r1vAo

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8890b8199e5163fd06a15b1a2b25f84e_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1680
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1680 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2612

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (70KB)
        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (342B, ten versions written during the run)
        • C:\Users\Admin\AppData\Local\Temp\Cab428.tmp (68KB)
        • C:\Users\Admin\AppData\Local\Temp\Tar4BB.tmp (181KB)