Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/06/2024, 20:05

General

  • Target

    8b9e081803cc60e763c04767e22ec665_JaffaCakes118.html

  • Size

    19KB

  • MD5

    8b9e081803cc60e763c04767e22ec665

  • SHA1

    4a1cd4cd6764df40b93d38aff0ee8f01532ac363

  • SHA256

    c5c7ce7b09b5557d4153e3a496871a3c7c469bf5843826284de2e66c1b238dfe

  • SHA512

    a4f33f76b2f3b6e0654dc2ba9b8ea1ef68d5381bfc507ae7db804c5d2cf2b46c2c8e83597db7069499e8dd6c4aabfd84a7df912974cf8982a4d044a72a72fde2

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI543zUnjBhZj82qDB8:SIMd0I5nvHtsvZYxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 28 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8b9e081803cc60e763c04767e22ec665_JaffaCakes118.html
    PID: 2116
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 2116)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2116 CREDAT:275457 /prefetch:2
      PID: 2700
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize: 70KB
          MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
          SHA1: 1723be06719828dda65ad804298d0431f6aff976
          SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
          SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: bd72e68264e84b3336c2be078f857c87
          SHA1: 3f898b3ea29fcca7ad689402ab3e90c283078efa
          SHA256: fa3e7d5071fcd291af10f5019a39b8493a5243dbcbe14a5635b525435dabe1e1
          SHA512: e6946d8b963d82cf0c37f30dbc0d2501b311efc738bd6ab1c6d56e378b6f48fd76ce53cebbdf1fbdd2ee950a955629147e97ebef613717136dd6b26572bff050

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: a1bf68fae35c9bb3d4e1f6fca65729aa
          SHA1: 6d745c061961a34e9cc5a107e99a5a6aaea0a6d7
          SHA256: c7abffa89e63beeb027de61c6836b5475ed3ceea80b4e5a2334b9198ce4519f4
          SHA512: b323d745b616bcea79f09dd7264094990f3bb7ff6e003facd2f0c3b5fca262c2863edb8aebd0014c7667e7de405cd1a7f3aba1ab33f8c543233b17863b53c01f

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 6ea45a06f6bc7344cea12bd436ec94f8
          SHA1: 30e8fbedb4abb955bac8ba57b151e4f1a34d168f
          SHA256: f0e9c74637cc10ec0d1d5c17ee19613b8eb3c7f72c18b4dd6986da6834a4fc50
          SHA512: a0e52c9c8f6f2b88f3264fc0b1e210ef8305879dea308bd776bcaa3582dab49dfee163d2f9470c4101483c307f7489e02df789b19acdc514b5c14576fef28df2

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: b96abc3b9116488b3bf8851d9d371f33
          SHA1: 8f42c590d4fbba9c336651acd012459fa3f65efe
          SHA256: db1b010d39b2ea326b9aaf7fb73e47242600c3c677606346c90c9c108e30650c
          SHA512: 18c5df75af4f030c449912eb241c1a76a444b69d148f4d8b7e774fd55c7f17f5d4bbef588a83264caf7bb4280e26c179e1d8fe914056b025aef39f6191cb0a1d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 596c81ecd17145b1917e3488b8870662
          SHA1: 9caa3856e1ea5dcf394afc18d84aa83efcda7083
          SHA256: 7ecc9aee25e888d0963dd5c2be6222448d55f419d715594cd5d47cee0c6e52ab
          SHA512: fb484acf3e55ee981ccef446c995d4b9d0ba55788fd4391b97cdf1ecf62b250e67b0c3015782029d5f3a0d5821163ced88e447a32caf1c2c0b1358945d26357d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 2f91c105295471101895e4acae29365b
          SHA1: 1f34af5d7fefe27ee11fe6d8bca320ec93e8d4ad
          SHA256: 84d8eaf13b40487c6d12b678ed42705b35269a2893400784b9867602c9108c1e
          SHA512: 35f0ef9403271262d5ddc10f2176648cd2dfbe9f9b4981c279035c60285b827c7d2e052a002fda4680013d983e4aa5e6074f2e8d1d196d58da693dee86670a5c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: 1083d3beaee9005f5a7b619689051b35
          SHA1: f2cce7ce345388dea750fbe44aaf6404bec009e0
          SHA256: 8956402012eea279e07a34077e64071e2b513aeafa198577e066f69b9d9f55e0
          SHA512: f658a5d1b75f013edeb157d772dd8e7a18a511291b96323777896e35d1926b366c1f1f097e06c8b32aacb7592a351341629d90795bfc1fcb61ab301edf40334c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize: 342B
          MD5: a6b4279acfdafb48e6748ceaaa58e6df
          SHA1: 07ddb94df4aa1a5e1e0d52094fad9b9cf11a7c51
          SHA256: 7c0a422d447c9eb1c564fa58508835bf028753e5f1aca26ff507bb4f8f96401d
          SHA512: 87656f70e04387416e7f8e5082becf3ae024c4a9d7329451600e04b6f2ed8b2a9eca19acd5080fd3a0ab06390282b2fe0c28e6748f472ccba405cd69d8cc82e9

        • C:\Users\Admin\AppData\Local\Temp\Cab44DD.tmp
          Filesize: 68KB
          MD5: 29f65ba8e88c063813cc50a4ea544e93
          SHA1: 05a7040d5c127e68c25d81cc51271ffb8bef3568
          SHA256: 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
          SHA512: e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar464D.tmp
          Filesize: 181KB
          MD5: 4ea6026cf93ec6338144661bf1202cd1
          SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
          SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
          SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b