Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 23:09

General

  • Target: 8fc19d954f1ddf68d0788e1e07c2c4cd_JaffaCakes118.html
  • Size: 18KB
  • MD5: 8fc19d954f1ddf68d0788e1e07c2c4cd
  • SHA1: 7dd18e7c6fab19b59514648346e48269bbac1fbe
  • SHA256: e6aac2bf5ffb94b47fb3edbe35daa9ebe0440a62667949fffb48adb4f389814c
  • SHA512: 16df1a96076a215bdb3e943a7e5e33a593f7da5716541663e410786f88dc725141a9bd5df735ac0bc97518d86e559e5b4894c59219b2f7bc3320882f22ef3e0b
  • SSDEEP: 192:SIM3t0I5fo9cOQivXQWxZxdkVSoAId4RzUnjBh3582qDB8:SIMd0I5nO9Hxsv3SxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fc19d954f1ddf68d0788e1e07c2c4cd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2888
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2888 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3b399b4b6865ae34c42dd086874d6d5d
    SHA1: 566b12797bda2242b68a5cd002f2f7ae8b52d357
    SHA256: ff4714c4726987d6c67ebc85078d533baf3981c32396c4383e08f43fb6fed20f
    SHA512: c7e1c4828b597d93a4705cd25898e0c9be79632e3c853960cfd7270dd47c3686814af2108eec8ee0f6d586e9610537b42741e0fd18809deed66b705209e4404d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 3e822c138f77c1c9af3baf9dfe3009c2
    SHA1: 68d4c9c1de793b2d8cc2b85bca5c18e34a6bead6
    SHA256: c35e119e8feceb56fd0c17a1a939c099215e5edecc675f774182d492af84af68
    SHA512: b0c2ae9d166ced0a3dc386519ffde66f1b5035354899d311bdc0bce42e3dcd1c4d8b23aabda3825a8aecf83910b8800cbd97ae834c0eebdd470047a25a71bd1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: d25cfa4a7636f9e6dbe7a03d77044370
    SHA1: 5b356749d86e315524b655e2bafd123a77f0fa67
    SHA256: b20944c95fccdb60b49cbfa5e06ba43c6b9d4eb5cef324ee32d5a92f2951dc1e
    SHA512: a8c2e906595f813d53a8d24d908a07bcbfc66e7c0adacec69fde370a9bd26d9121c19089dc75ece455da2ec13b5d5378fd1723b7cb55a794bbfbdb248bc17e7f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: cc3d5bdc41680ee00c230cd58d7482d5
    SHA1: 4786c3c82b163d5c21f498f4d6d4046719f89f6b
    SHA256: 0e8d98242b4f52d2af1bf8de902e3824364338e085cdbd3a0a8c5dca875797dd
    SHA512: c9a566831d61ab7c41c6456c3da143e714d88b7f46237492499c065f1c26979c2c3f6fe45473c0ce8c01956634aabfd07d23c6982c9c8d5ac143116ae5a0707f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 1460650f390fdf256f5cfb52d015676c
    SHA1: f4fb04478c167cd78cef787593361a7c0e079c61
    SHA256: e9ae2e5fa14aacf99a919fc4ad44148e5903198d254f2da22986acea14e352a9
    SHA512: 16122b983e7aeba843bf3ad160cf3c6f463fdb5f3e8db3cd07dfbec0b65a7333cfd031d39360dd10b450efaa3cac0953f43fcc720387051b5f0e46a1ca8271e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: ce2863422477bed157afb76fa712445f
    SHA1: ca224686c6ba67e196a0be82a787b214724fb917
    SHA256: 3f5921238d2d27994149abef8d57f8d2a858f3a13cdae01b2a3ec6cb1361450e
    SHA512: 2b1f9e6fb4cc8c197d3bf6b6395855c7c8dc9bd525a7c7543c340828f64e36badec78cd87c8e4f99c7e45c6285741c76dafa2d11f49eaf20709571950d593d19

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 737a1da8cf1609faa6322641ce29ad8e
    SHA1: c20abe818acab22c5614c751dbc94177f18b6b16
    SHA256: a1767a8d6feb53530f1267fda96c0b41fedaf04b22e9ce8b73f969657c17149a
    SHA512: c9607c4c291841280790a962ba0f2d3f2ec6f158ec544f704015cf5bd461e95814125a7baedda49c1466cf6d6b4f5b7a7cd47f3e47aa1508e2d7beb010a151ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: d8d110bd9b03b3aa1faa0b1687878450
    SHA1: dfe6967f3a96bd13d097f68f2fcc0a93b0c753cf
    SHA256: 02796673df499e81f3a80b01becdef4dc249be0c844c78a48b9fd8dabefb9439
    SHA512: b04767627f1b134fad1ca517a04dfc6725a19e255fa9bb3fc8f1238c6ec9afce4457d34faf17c79232585a6046ab25c28d1742db8ac2b99de4d2239bdae0811d

  • C:\Users\Admin\AppData\Local\Temp\Cab94EF.tmp
    Filesize: 65KB
    MD5: ac05d27423a85adc1622c714f2cb6184
    SHA1: b0fe2b1abddb97837ea0195be70ab2ff14d43198
    SHA256: c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
    SHA512: 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar9602.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b