Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:36

General

  • Target

    8fad040af1121694a8a0f21d94ff8c46_JaffaCakes118.html

  • Size

    27KB

  • MD5

    8fad040af1121694a8a0f21d94ff8c46

  • SHA1

    c839f8a6022f87988f3c42bf7c30055eaf2576a3

  • SHA256

    c0dd235c7824db6f4224c06d8dce124ea453948c26bc0744ba2d027a0eba9ea8

  • SHA512

    c8df7aa0dc25ba6ba7cb748c969c6330e5afdc3518f6ef7b04b99d85052c530fc0c8227b1946985f85c24a718ed7b02eac406ed4ee083d8634aa3c1ee9e0d755

  • SSDEEP

    192:uw/8b5nC+nQjxn5Q/pnQieENn8VnQOkEntDTnQTbnRnQ9eegm6uXWaM1+6L+Ql7g:HQ/CzYMWaM9SmpS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fad040af1121694a8a0f21d94ff8c46_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2972 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2752

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    836090f7559a1e268083ef9edce52257

    SHA1

    faea8e390b5c9cd5ca6b5f7b538a03e43ec593ee

    SHA256

    aff9a5a07b025991d92bd3db3bb20300381c68bcc3ae3c6dd4f8656f62ab7a0c

    SHA512

    9b784f95f0e0fce31acbe543d144251fc66d843762a4830a6092192ad31b3189be1650fec24630954b84f760014ee0d0c809023541c34cb572ec2d839fc951be

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f77a5d644a2e724fb9d2ad0c091d6b4

    SHA1

    cd8263add19457faaa6a38d48e2ed5c4a54af44e

    SHA256

    7362a9b078c1b73832caef704a19279957f8e00b3d44bd3ab624cebed91b2a6b

    SHA512

    fa192559d8bbb1f15502d86378f4c6bb6e692bf1b5ea2cd6a40a72d17cc579ceda674dc5bd5552359e182e3e9e5cf5040600f2f43dd0935f1f66860dfc3bbb2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c12f106e4385272dac33793591af6a17

    SHA1

    6bc4a4ac9af8e0e551334d40c99a2cbb22eadfe5

    SHA256

    3a1d0045fc636f5c6e674cf7af55896b2e33eae299ab26634b72e4a3a32891c1

    SHA512

    ce5c8ce79aed55289cb6086a40f120a8dc898320ac1e7f7d205e2b0d75063497b67478f94f0a0852a3d23a0ce76e8478f084ca9ca9dc054198f52b14c399daf5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd7ecd422804edbcda9b030e42c9ce1f

    SHA1

    57ca2cfc9225c39c4c51fd701ddde5699a1968cc

    SHA256

    98a3db641a274992228ea6f3a6d36e9854ae1d73b65b4a975bb8d993706659b3

    SHA512

    ae13e43717fb742fc6304d4d6bb6fbd0a3090cf231cfc368ac926d40360e38cfbb332ad4a0058f33a7ff3372759083d4e47e4515b679aec92c4201d12a59904e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b43bce290cfab46954c69a704b66bc4d

    SHA1

    ad6232b011d327c990efc505dacba3be1dcfc395

    SHA256

    018bf25598fe519528b88d1f70bbe9decc721d92cd074257e2e76c58a4b6036a

    SHA512

    335766d52d38d97d931914439ed155de11567e5b75ea4e0a5072296bd8ae76fc985f0ddf1eaa501b138ed9ff4f907966b6d46376a38922a020be0f81b27f4b67

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fcf361cde14e17b81e4e2f8687bb8f72

    SHA1

    69caf8a16448532ea436ff0a1376a875bc2f65a4

    SHA256

    d446a0c54a4f0c03f4b9c2bfa6033a1160f111e1c408bbb968c679b695cac96a

    SHA512

    7535818cab5a763b1af0fea99f3a889f6709ed8c39a2d3b494c778c2c72136dd36e84d9ac76b9bb156aa5c55fe07598fc32a186da64e2fc3de3785c99ab40bc1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    42dad28f76fd93221b03621919cf9bf5

    SHA1

    627b6ad7f6a3bc1be55089c6c009653f638897ac

    SHA256

    bc2050ede7c7550e7863d44fbf583e3ddd9ebe152160316382e12dcc036c224f

    SHA512

    6775a4d83cd49181b514c55f72d34598f943fc0e0d71cea4a4fb9fc3f63d7ef1ef6f5f1ad055cb120253c43e48524dcf10fe893180ca7f1fbc34088054b71f6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f59e349b5189d5b6b66884536cb7c772

    SHA1

    812266b6a7893c53b864566d873c7d0c83467a89

    SHA256

    d31d666f87d5eeae3c74d59c413d227682dc6e7a46c5df048342ecfaf31d0aca

    SHA512

    b8743f7988bbc326669f0190dc5b90c61f91d7929b27258e4f70647b05a67017d2f2633aec7d1cb55a43475ae92675ae74527622474b18bb6dc2c837990d6eb9

  • C:\Users\Admin\AppData\Local\Temp\Cab250E.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar25C2.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b