Analysis

  • max time kernel: 149s
  • max time network: 150s
  • platform: windows7_x64
  • resource: win7-20240508-en
  • resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted: 01/06/2024, 20:04

General

  • Target: 8b9d1760a9cea30d885dae753fe8dea0_JaffaCakes118.html
  • Size: 23KB
  • MD5: 8b9d1760a9cea30d885dae753fe8dea0
  • SHA1: 44015cba9a5760963027f7a5c7c458bd1a244021
  • SHA256: 7d86e65dd2a9df91115ab150ced96d7a19480fb2ccfb297ccdfbb6602cd60c44
  • SHA512: 297786bcf1a6afbd752e5736b04a1596da22ec1d49b4bd4dea6df0d4b55155189b63b59513e0bb2ec05d970db78a3916081c0f81dcd26f8c07a32eefde141026
  • SSDEEP: 192:uWn0b5n3WnQjxn5Q/WnQieVNn2TcnQOkEntqAnQTbnhnQbCnQtRwMB1qnYnQ7tnF:mQ/kTmn4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2232)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b9d1760a9cea30d885dae753fe8dea0_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2696)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2232 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 5c4adbb8f219024158332162d1532897
    SHA1: a98fee5f338b730c2ef8f159c77afacd395d6d83
    SHA256: aa824c59699a10ba1a1803f8eb7b4bdf0d8482d2067195910386a3ff06a2b0d7
    SHA512: e626c8fd27a95bab503d4aa6a8661fd33313a902772171dd4fd2f9fe125eb6bbd67cdc21caf37dbc07ecc9d3e4d8afe9d4105e253f0783175b0a7501b54382c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b3a1585405a3f23b997eeecad4f3b8d0
    SHA1: c186635e72ef22ea7cc25a0ecf5625fe93f4c9a0
    SHA256: 33603938e0b94437a5b220b4a4cc02a2f501c141651621d8c827fd281aaf9d60
    SHA512: 12c7d4b83869de53cb6a0f87aa4930394b086ebd7f0216ddba16f3179d07d4d1131605701fc9b3bf0d3850cd00be8b036d016acaeaa52022905b3712f4274267

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 58e5a45bf81a7ff22d0901b9ade618c7
    SHA1: 1fa99136255c4463aa0665ecad52a3e57bc49c98
    SHA256: 35747b0a423c13a042412ab7b68cfc616a34c88d286a5245e6be32b3220bbfc5
    SHA512: 03a9fd03455db2e4c270463aa74aee26e43480fdc01389243f5481e4382d28d85c29c15e4d8267f814327bf142e5c43b967f47ca2361f0c79c3e8e8682ff121e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: dd66477b068cfc3a359a7d297ed62b40
    SHA1: c0a32a2175b056f8c429765ac9d7779eb8976625
    SHA256: a206745fa6ab454150164fc90fd70357ceef306722c43e1c6de0b3c08c7985a6
    SHA512: d5186de2163a8026ae2826b6204ebed410218fe1d4286dc0a91d82c2a653b6eb64413e7b8ebc86e744ee5dcf0e3a2cc54ccbc909ea57cae04a1cf31fc680cc20

  • C:\Users\Admin\AppData\Local\Temp\Cab23F7.tmp
    Filesize: 68KB
    MD5: 29f65ba8e88c063813cc50a4ea544e93
    SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
    SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
    SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar2777.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b