Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:29

General

  • Target

    8fa7b91d9e950a2205db2d989026e656_JaffaCakes118.html

  • Size

    32KB

  • MD5

    8fa7b91d9e950a2205db2d989026e656

  • SHA1

    e524f9b57cdfed9dabdf503ae3f99e5bae6b3e21

  • SHA256

    0a58b964be883a3f7a5b6efb3ffde802ca3565869e6a0bf6fee60b457aa0dc57

  • SHA512

    4c72a328360f50e698ffa455b252bb0e8bf2c6581536011933c503fe85c403472c984a24ddd5e94a8dbc96e72fb67719f4c1919ebad080e18b8bce4516880ff3

  • SSDEEP

    192:uWbq/b5nEdbnQjxn5Q/jnQieiNnFnQOkEntlhnQTbndnQZMCpAZSgphIWdgTrX85:/QQ/vrRg3I2qrcrsRAQbAeSh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fa7b91d9e950a2205db2d989026e656_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1740 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2172

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

  • C:\Users\Admin\AppData\Local\Temp\Cab2A5C.tmp

    Filesize

    65KB

  • C:\Users\Admin\AppData\Local\Temp\Cab2B39.tmp

    Filesize

    70KB

  • C:\Users\Admin\AppData\Local\Temp\Tar2B4E.tmp

    Filesize

    181KB
