Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:30

General

  • Target

    8fa81641f96d0b556253740941f934e6_JaffaCakes118.html

  • Size

    27KB

  • MD5

    8fa81641f96d0b556253740941f934e6

  • SHA1

    518c7b3a81c8ef0ad67a021fe82af07108d7c334

  • SHA256

    0877d11db2d88579a7cee0faf0e60cb3ece2e5d6bdaac79467fb63e99989341a

  • SHA512

    9991f3a978c1f9a9dda41772fcfa8660e6c90927c8e9f386940e28af39403ce16904c74ec193b9f9a16ebbdc37fdc01d57d4ac9f355dee42a0400dc972efbf99

  • SSDEEP

    192:uwzcb5nbanQjxn5Q/CnQiexNnwnQOkEnt6UnQTbnNnQ9exhm6ubjVQl7MBRqnYnE:6Q/SALajUS/4h

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fa81641f96d0b556253740941f934e6_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2872

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8d7f58f91a557f93375213d86c5f563a

    SHA1

    8d0f32363fa696e346c2fda107407a442778fa1d

    SHA256

    f3b0e399cf92c5a318c860db7e202ad626e97db0600b8c4a22aa0a4c0084494f

    SHA512

    fe0e00652a142d9c4f0eac202d231cef0c2d99a2f76e3170c4cd75424a645f27e5a8d0c2a524431155d15d603eb9e839b958a0771cb10068a0576ed3368ffe72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    def247ba0c6d797409d8db10ad51b526

    SHA1

    ec29d1d3b5f30d70a60d7fbf3a87367446b4cdc3

    SHA256

    a1da0ca40ca4ddfaa393c81422f8f80359e7a08f94c01da15048c78e86cb2f2a

    SHA512

    2762b9e0e52deeccff58755baaf13119f2da89a4cca012e6013edf5b557dcd1c946d64430583a34cb9ef8f12e066fa379e3a3e52bd7508e3028ba43b1918a0ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0436f03cad60dc78ae48abca8166f020

    SHA1

    dcb1348b292e8d8859aa5a1ec091b89780cacae6

    SHA256

    c0b6176ccddadb094c05ea20a82cc7721e404fb3d9d74c52362fd02d507a97c7

    SHA512

    538acd4a1edbdf6915381a7242d96816b7549ce3a27ff67554d93c5a97bb55557ba1a7a7e7a351c8855233ca03e4de3905a481003256645cfa529c6b07122575

  • C:\Users\Admin\AppData\Local\Temp\CabE43.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\TarF36.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b