Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    01/06/2024, 20:05

General

  • Target

    8b9dd23813abc71b8f5480d873533cad_JaffaCakes118.html

  • Size

    64KB

  • MD5

    8b9dd23813abc71b8f5480d873533cad

  • SHA1

    488abd4d2eedff7c4b1d11f1bd2b9f6e8af73ce0

  • SHA256

    8e63afe8fb7dbfcba7f0927861a0af4b86668f9cd3793563d7672bca8b5df07a

  • SHA512

    cc433c3129ba7e8455d63a323ba05f93028f4e12be0d06c6b8ac151ec57b4fe5b96c2def5e18b17a5372b0309adc26514a6ad0360401b1d36ecfde672dac309b

  • SSDEEP

    384:sQ/DgPPrh4JlLDSpbiF1JvmP2DHIskDln+5udtaN7subADyfntwewX4cjfeLeDq:T7LubiFPvmAeQD7ayfme5cYe+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b9dd23813abc71b8f5480d873533cad_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2952
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2952 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2900

Network

        MITRE ATT&CK Enterprise v15

        Downloads
