Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:29

General

  • Target
    8fa7bafaa873ddd1d60087aab3c41205_JaffaCakes118.html
  • Size
    23KB
  • MD5
    8fa7bafaa873ddd1d60087aab3c41205
  • SHA1
    1e36a1e7a4db1875f3f3ed1f51f48983c9c786f8
  • SHA256
    e9d4f97e1eeb56646f1ec838995dc3d0b240d72a4154a1b6400691cf17da8830
  • SHA512
    c0343f59207ddc120448ac5565529f21335ba54bb366417f255a753f8119381bf8693d4dd233e9b9902f7141dc31375d132509e2eb516bf038e7292fb7dab5b2
  • SSDEEP
    384:w+2/3ow6V2VPgbWnZSzWTeXayMQ/nyRYhMhftO14mYKGisk7mbQGpGM:w+O3ow6V2VPgbWnZSzWTeXay1yRYhif/

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 26 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe (PID 2896)
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fa7bafaa873ddd1d60087aab3c41205_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • Child: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (PID 2372)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2896 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
