Analysis

  • max time kernel
    150s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/06/2024, 18:26

General

  • Target

    8b5b270b0931cac03921c04819325b81_JaffaCakes118.html

  • Size

    34KB

  • MD5

    8b5b270b0931cac03921c04819325b81

  • SHA1

    e69b250d054cf1d5cb786ab210f3862a5902a867

  • SHA256

    07e52c72cd257d9d21dfbe119f63ca9aac1ce205701cae53f6aea6cabc04e9f7

  • SHA512

    b9b41f45c7029f932df2ec24a827e75b5914de5930f3ba7b35dc1f5ab165ff1ac22a027ea805f297cf0aff755af186098c65c8b082d2086abb828075c209bac6

  • SSDEEP

    192:uwnab5nWWTnQjxn5Q/1nQiewNnOnQOkEntfXnQTbnJnQOgdcwqYscwqYAcwqYQiN:0YQ/FNEe5i0wroK/tRjayz

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b5b270b0931cac03921c04819325b81_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3064
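The process tree above is the normal Loosely-Coupled IE (LCIE) shape on 64-bit Windows 7: the 64-bit frame process iexplore.exe (PID 1712) opens the submitted .html and spawns a 32-bit tab process whose command line names its owning frame (SCODEF:1712) plus a CREDAT token and /prefetch:2. The "Suspicious use of" signatures (SetWindowsHookEx, FindShellTrayWindow, WriteProcessMemory) are what the IE frame does to set up a tab process, which is consistent with the 1/10 score. A practitioner triaging many such reports wants a mechanical check that the tab process really belongs to its frame. The following is an added example, not part of the sandbox report or of any sandbox's own code; the dataclass, the constructed "suspicious" tree and the hypothetical wscript.exe parent are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Proc:
    pid: int
    image: str                          # image path as the sandbox recorded it
    cmdline: str
    parent_pid: Optional[int] = None    # None when the parent was not recorded


# LCIE tab processes announce the frame that owns them on the command line:
#   IEXPLORE.EXE SCODEF:<frame pid> CREDAT:<n> /prefetch:2
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b", re.IGNORECASE)
CREDAT_RE = re.compile(r"\bCREDAT:(\d+)\b", re.IGNORECASE)


def basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def claimed_frame_pid(cmdline: str) -> Optional[int]:
    """Frame pid a tab process claims via SCODEF, or None for a frame process."""
    m = SCODEF_RE.search(cmdline)
    return int(m.group(1)) if m else None


def check_ie_lineage(procs: List[Proc]) -> List[str]:
    """Return one finding per IE tab process whose lineage is inconsistent."""
    by_pid: Dict[int, Proc] = {p.pid: p for p in procs}
    findings: List[str] = []
    for p in procs:
        if basename(p.image) != "iexplore.exe":
            continue
        frame_pid = claimed_frame_pid(p.cmdline)
        if frame_pid is None:
            continue                      # frame process: nothing to cross-check
        parent = by_pid.get(p.parent_pid)
        if parent is None:
            findings.append(f"pid {p.pid}: IE tab process without a recorded parent (SCODEF:{frame_pid})")
            continue
        if basename(parent.image) != "iexplore.exe":
            findings.append(f"pid {p.pid}: IE tab process started by {basename(parent.image)} "
                            f"(pid {parent.pid}), not by an IE frame")
        if parent.pid != frame_pid:
            findings.append(f"pid {p.pid}: SCODEF:{frame_pid} does not match parent pid {parent.pid}")
        if not CREDAT_RE.search(p.cmdline):
            findings.append(f"pid {p.pid}: tab process command line has no CREDAT token")
    return findings


# The two processes recorded in the report above (64-bit frame, 32-bit tab).
REPORT_TREE = [
    Proc(1712, r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b5b270b0931cac03921c04819325b81_JaffaCakes118.html'),
    Proc(3064, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1712 CREDAT:275457 /prefetch:2',
         parent_pid=1712),
]

# Constructed counter-examples (NOT from the report): a tab claiming a frame pid
# that is not its parent, and a tab launched by a hypothetical script host.
SUSPICIOUS_TREE = REPORT_TREE + [
    Proc(4100, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:9999 CREDAT:275457 /prefetch:2',
         parent_pid=1712),
    Proc(5000, r"C:\Windows\System32\wscript.exe", r"wscript.exe dropper.vbs"),   # parent not recorded
    Proc(4200, r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5000 CREDAT:1 /prefetch:2',
         parent_pid=5000),
]

if __name__ == "__main__":
    print("report tree:", check_ie_lineage(REPORT_TREE) or "consistent")
    for finding in check_ie_lineage(SUSPICIOUS_TREE):
        print("finding:", finding)
```

The check is deliberately narrow: it only reasons about what the report records (image path, command line, parent PID) and raises a finding when the SCODEF value, the parent image or the CREDAT token disagree with the LCIE convention. It does not attempt to judge the frame process itself, since a frame legitimately has whatever parent launched the browser.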

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    55b163fe2d306e62109e19678b2df474

    SHA1

    07de62a3fc36ccbff86576915cab5335d053c2ca

    SHA256

    0f0b35096d99e45c55402bb3fa54b1f2cd4775a21683d07aa1e26ab658d18ab7

    SHA512

    23d4e2c46afa4beacbf919208a654289b3ca4b1d929a52eaccee06d351e33cc78b8c2fd16b61a6bc97b63b66fed2b4d1587c958c0d526f224b70b7ce4379ce38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7dd9fb073d672236cc8337b540c5672d

    SHA1

    a2a5d0e49fa1955e7586a9b9b621816d25db56a3

    SHA256

    78c6c4cb304788deeb8fb0604a7cdb84c43c3de3904a72df6493b6ee45151ced

    SHA512

    9a909d3a6eb70b527c14b3cce83ada4dcdb1a67473145064cd4910d59203bde7d6e1f0fea006e2ca0109522ea25206f538ee1d4ee6fdad74330e654cba4c8f65

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d34960c539a94aea6e41ea51f19e1ea0

    SHA1

    5918eb129924746d0d7a3f96de5e26dcfa75f0c9

    SHA256

    9449db1b2a85389e45daec2fb9855146c7d8a28e2a99203d00c30e1c036d585c

    SHA512

    0141bce502cf00b72390e5ddc68545e782505bec4b0db5c9cb1461205e5f0a69625e571822822c0cee45f276bc6a6bd9bc6ce5f85ca6525fbfe3925bb186c9b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    78dd8ce28450a6a5fa0bfe4de6738403

    SHA1

    664c51fdb05d043f35c681f25bfee56df3fdf1b4

    SHA256

    ab246258d89565a83a6d1034ed6237501179eaf8db2f06a12f38882c00512a5c

    SHA512

    7cb661ff47fcb1a3f11e70f39d307da04ace62f1eb8dd32e324c18c72b229760246f55a79cb9784103bfecc0bbb7a08a8a6901421932176a120ff521959e4100

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a90cb6797b09eb93494c07a71f8cfa4b

    SHA1

    d2a4b073d82d7632722276a74929b7821544db63

    SHA256

    7c7d308a62c8c9aef67807352b0965162f139c7a973d3a5d8dd929973f083000

    SHA512

    d52238fa143bc61d099a4ca8b671ccbb0773d2ccc854896d68c70a122bfeb010f0dce7805fee983c9a39083932618511b30cf3d1ee9ff903c34e00b906d973a8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c9b34f6a8c61803af4893305d15534ef

    SHA1

    7573e0977ed982e7cead6e07bea9117a649f24c8

    SHA256

    3a891b58248582df7da1ea680faa5396b30d4718209ccf6b238610f5f190c347

    SHA512

    eba8d97f80f10f393f0d9e36dc2955d75c9ecac286eba5feb5b219473495a9f4749cfdee8ea5fae04769ae546576aac55ff09e951ac2bd1d9f80bf93edc86ed0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01f42746263fc8457f7128cfb8588251

    SHA1

    b8991ed3c35c01e70b996259a40088c5bafbf0f2

    SHA256

    eebce82b6795208f8ea89fff6c6df9fedd8c6970600ce96d574c6f0a250dc541

    SHA512

    52069897ebe82ff0cb771789628c972cc2c149b97476b8d5692ef7c1dbfe86e8cd24f869cb3254270c0dd8f08fff876b342f99087dadd46f8c69854f53e17190

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    05b718e9d3327111678bab5cd88dbcfd

    SHA1

    f29cf562968ea912a64df45a3a7ccbb3f0e28693

    SHA256

    e9debb73c0a3ca8398f92b4b5c7f7b15b754e3d97529c1e8f5eb7958982f0629

    SHA512

    cda0f9db99c9dfded862a42914b451989da577dd4333d2b5026152ed14892800aed087c225bc14f594b4d4ba0c4d50b9d24fe207853eb89bddd624a1dd90db1f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    56a1476050710d1022894a7308fccd38

    SHA1

    c57e8b0e473f7807a61dab15fb56c5b85a1ad8f8

    SHA256

    0fd388e4473c60e2f2064873fc0a566c9f6019d310fb7c3e2dcf49ab27cf2d9b

    SHA512

    1df13f68a7b80768b6ad3ba197ee4624e659ae6a7f91dbf2220fe18e706aca6b1aa3697461ed3c382c22b7b9c43420a86eb86697b7363eb352efbd6be24d5c03

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ef0524c179d81ae5e77cb08a9631457b

    SHA1

    1f5083722b2a6c5f297b864dc7c8b666b7b008e8

    SHA256

    5acdeec1b7858162d9f71b246b61866c74a2f252d1097676d2519317123f2cae

    SHA512

    b04023efdeb90c946f12debcd2c86e695e0a5be58f26fd32a8758204d71d91120b1211eba2bd2472774bc3208e16c301a7cff756422116c23fd411afea18060c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    406914d02ab48e7a81a8c1c8bac00d17

    SHA1

    4fd603e70a3451d11ebadba65d3cb523353c2e37

    SHA256

    7970e8724ce5abe3e03549369ed3d6616eca015c9d80f7a538217526a90ee191

    SHA512

    fd379c784e782bc760f36d763bf7c364fdce4ba91c2f2d80818b0bfbcdcbfa201af450a5f1e7a5dfc42b16ece43c6ef65e26b3546e79ee0fc45f5d83a670eb46

  • C:\Users\Admin\AppData\Local\Temp\Cab99A3.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Cab9A90.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar9AB3.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
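Every file in the list above is background noise from Windows itself rather than output of the sample: the eleven entries for the same CryptnetUrlCache\MetaData path are one CryptoAPI URL-cache record being rewritten during the run (same path, different hashes each time), and the Cab*.tmp / Tar*.tmp files in Temp are the temporary files CryptoAPI's automatic root-certificate update creates while extracting a downloaded cabinet. Nothing is written outside those locations, which again matches the 1/10 score. The following is an added example, not part of the sandbox report; it triages such a dropped-file list by grouping entries per path, counting how many distinct versions were written, and labelling the known-benign locations so only unexplained artifacts remain. The classification rules and the constructed "unclassified" entry are assumptions made for illustration.

```python
import re
from collections import defaultdict
from typing import Dict, List, Tuple

# Known-benign Windows artifacts that sandbox runs of Internet Explorer routinely
# produce. Assumption for this example: a path matching one of these rules is
# CryptoAPI / IE background activity, not something the sample dropped.
NOISE_RULES = [
    ("cryptoapi-url-cache",
     re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\(MetaData|Content)\\[0-9A-F]{32}$",
                re.IGNORECASE)),
    ("cryptoapi-cab-extract",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{1,4}\.tmp$", re.IGNORECASE)),
]


def classify(path: str) -> str:
    """Label a written file path, or 'unclassified' if no noise rule matches."""
    for label, rx in NOISE_RULES:
        if rx.search(path):
            return label
    return "unclassified"


def triage_downloads(entries: List[Tuple[str, str]]) -> Dict[str, dict]:
    """entries are (path, sha256) pairs as listed in a sandbox report.

    Returns, per path, its noise label and how many distinct contents were
    written to it (the report lists one entry per write)."""
    hashes = defaultdict(set)
    for path, sha256 in entries:
        hashes[path].add(sha256.lower())
    return {path: {"label": classify(path), "versions": len(shas)}
            for path, shas in hashes.items()}


def residual_artifacts(entries: List[Tuple[str, str]]) -> List[str]:
    """Paths that no noise rule explains; these deserve a closer look."""
    return sorted(p for p, info in triage_downloads(entries).items()
                  if info["label"] == "unclassified")


META = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015"

# A subset of the entries from the report above (path, SHA256).
REPORT_ENTRIES = [
    (META, "0f0b35096d99e45c55402bb3fa54b1f2cd4775a21683d07aa1e26ab658d18ab7"),
    (META, "78c6c4cb304788deeb8fb0604a7cdb84c43c3de3904a72df6493b6ee45151ced"),
    (META, "9449db1b2a85389e45daec2fb9855146c7d8a28e2a99203d00c30e1c036d585c"),
    (META, "ab246258d89565a83a6d1034ed6237501179eaf8db2f06a12f38882c00512a5c"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab99A3.tmp",
     "c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab9A90.tmp",
     "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar9AB3.tmp",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Constructed entry (NOT from the report) showing what would survive triage.
CONSTRUCTED_DROP = (r"C:\Users\Admin\AppData\Roaming\update.exe", "00" * 32)

if __name__ == "__main__":
    for path, info in triage_downloads(REPORT_ENTRIES).items():
        print(f"{info['label']:22} x{info['versions']}  {path}")
    print("residual:", residual_artifacts(REPORT_ENTRIES) or "none")
```

The rules match on the directory layout and the 32-hex-character cache key rather than on file hashes, because the cache record's content (and therefore its hash) changes on every run while its location does not; that is also why the report shows one path with eleven different hash sets.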