Analysis

  • max time kernel
    121s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:30

General

  • Target

    8fa82c1aa1e409fb3c68e675b55216fb_JaffaCakes118.html

  • Size

    49KB

  • MD5

    8fa82c1aa1e409fb3c68e675b55216fb

  • SHA1

    d70fb29e2561096aa99c5c5f3521338f61150a8f

  • SHA256

    2b240c7a8ec62a368c721d9731f40389dfb79c8532357a6856724a2c488546ca

  • SHA512

    1e04e53de6a1ade3f9f68f4c9718fbce11e6746c7a6e0dc401d27d126a6de0c355c4e50a0164308e0a0abfce0f5cc4114a5c736f007dafc881866ebeeb4b6087

  • SSDEEP

    768:g81T5kcJY/66+Vd2NonjU0OuJ84I7RcHJ:g8hycJY/6d2NonjU1uy4u+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fa82c1aa1e409fb3c68e675b55216fb_JaffaCakes118.html
    PID: 2204
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2204 CREDAT:275457 /prefetch:2
      PID: 3044
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    57f64ed7ee2061296bec16627503858a

    SHA1

    2e4cd842bc6d21232cf84d71bd21c2d9bdf899c5

    SHA256

    022f33ac3872253ec8c1ea1c882564d21d38a9b5eef22e6102568eb75503e952

    SHA512

    f92b365c37125dae1343647c3a57ff6c8a63ec8f97091fd500150f4a7a0f9cdfb531d931c3659140833b1e0f41c8815be24b8f9eeeb32bd91239e8e349492368

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fd677834234d7f60742c064e623750e

    SHA1

    e6cc3696014823277edd925531a560642a41f0fc

    SHA256

    8f34dda722fb3869abe8cca2c46467fe9f1c14543eeec7e700bb4cfd664c8673

    SHA512

    b8db78ce7b0d8b4b8da9db8d007ba6c97f8f595f51cfd4745daa9570a22bacaa31a1e8642a86dd005c5a9c5ae99899ce38feb50b8df35292b93a2dc2a3939625

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ed3134e738c3a739d05a72323ec1a25b

    SHA1

    6ffe4cedfa2f9d816375b42299463b657ebc3c20

    SHA256

    2fb8ed711976b1e5358ebb127ed71a164f4a273761a84d8a0706e1cee5c8d534

    SHA512

    6e03b4193f627a475d54c0856f1f50c6b2dadbb7c414a5223116d994896d1a8b158f1b3728632ea798650559f5f1081b441ffbb26cdcc4add531d55ecd600cf9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    77d6abdbfab416848bab3c85fc9089f0

    SHA1

    448fc6f6661270cb7880ac7e8523e331d63bd683

    SHA256

    fddd6f3ba907a1ccc956c0645ed4c9b5c9faed618cb5e411b713e2de5dc777c0

    SHA512

    46981493ed5a6ec81122e8aa4f1561c58982beb4c72645659869a3ea48bf61aa57b85eddb8461e00a0112309ae962be05f4dd70a807807978462a61c6a07d494

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    689aabf0f34e87e13193bc5ae07f82f0

    SHA1

    75e1f3db6a8258e14bbcbe866553e11a4c0a3eba

    SHA256

    9a16e73682a7a05a4c4ef7f68e2875f4605dba271992722f6aca28c3f56ba048

    SHA512

    a8e516bf46187d35e6a70da3c4ba3c30fe8808af1b6970b34ceaa62be4475ffa9ed8d87eeb96fed4818afce553690e975a6cf848863df6840e6ca5e388f31eaa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    93f04e903ab2f59e3047505993ece64e

    SHA1

    ee77ea77cacad236e81a7d6c54ebd0a7c8b8256c

    SHA256

    dabd3a03d842a6200ceaed5016ede9bbecd473573ff4f5cf39d37ee15fce49e5

    SHA512

    420a1bea3c78a3cc0756de5192e48490a3dbfc8a5dc901c57bec78dea507c4caa2d91dd0eff52e064962ab1598760130328e16527269a40675b93a400ca6b1dd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aaad862bdedebee4eb173793b5672d75

    SHA1

    70de8840fafdd82011f49ff26a2c9298c7e7f07c

    SHA256

    37128dbdb6400554acbf5dedbb2124fac32cb00b290d173e44dfa38477c0599e

    SHA512

    63338e2c349196a6cc5430d9d8ab8634d5d2d1495448d6f9d6a305b628bd943e36fc5c7e422e0a072f98407997cdf4ac7b9ce89ca95e02d1525cfae1a2c0a5ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a385bea9237eaeba50b59a0d4ff8dd9d

    SHA1

    59d32b68804edbba1dce08ed78c974e6329e88fa

    SHA256

    d4f0149ff807c9390413bcdafd254be6135bc6fa0eca4d6f060bd965ca0ae909

    SHA512

    e0dff759a714a9bc9ea07bc36e3b0489e9a04457c59f841baab662808dddad8b718a5d1e8502dd81dcbee03579c29bb2cae0b062c32f6dc2cc2e199a0140201c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2cbd2addde84374bf846d6cf4cd8af2

    SHA1

    d39c924721473f2702cee21c00ca3d847683eab6

    SHA256

    eb94666b2d06ccbff615461c1bde0d8136d80bc4cd3a570cadeae6942de8e163

    SHA512

    853b17e30e88d642e391256791f98e568fbade5360e70a4a63f537e36259116eccf373a7d4bb8aea51185d6efb92ede5116bb5acf7cca0fa01d8aed0d09daac1

  • C:\Users\Admin\AppData\Local\Temp\Cab453D.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar463E.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b