Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 22:37

General

  • Target

    8fad6e6d220ad70464c7b144789c1438_JaffaCakes118.html

  • Size

    30KB

  • MD5

    8fad6e6d220ad70464c7b144789c1438

  • SHA1

    9f5bb40e566e2c74c7b7afe9ad678ec0119a62c2

  • SHA256

    b185afbabbe5f391b1b61fce8c7ce5741c748732f90b58efb3ca3bf3bd10c020

  • SHA512

    291311610a837ef93268def72d9f37e3ba4a51d7abfcf99275827213291dd9f460d76c32d8e41a3ffdee8f79dbbce25e3258f19d720152b30f5b3a3c8862a624

  • SSDEEP

    192:uWjhb5nxA4nQjxn5Q/knQie/NnznQOkEntwaHnQTbnBnQMMCrAq6K+iibI3serww:yFQ/POZjOcca5zARvfIOzQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fad6e6d220ad70464c7b144789c1438_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3024
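The process tree above is the normal shape of an Internet Explorer session: a frame process opens the submitted .html, then spawns a tab process whose command line carries SCODEF:<frame pid> CREDAT:<n>. A cheap triage check is to confirm that every iexplore.exe tab is launched by an iexplore.exe parent and that its SCODEF value equals that parent's PID, since a tab-shaped command line under a different parent, or a mismatched SCODEF, would not fit this model. The Python below is an added example written for this report, not part of the sandbox output; the Proc records are transcribed from the two processes listed above, and the anomaly strings and the check_ie_tree function are the editor's own.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Proc:
    pid: int
    parent_pid: Optional[int]
    image: str
    cmdline: str

# Transcribed from the report's process tree: frame process 2188, tab process 3024.
PROCESSES = [
    Proc(2188, None,
         r"C:\Program Files\Internet Explorer\iexplore.exe",
         r'"C:\Program Files\Internet Explorer\iexplore.exe" '
         r"C:\Users\Admin\AppData\Local\Temp\8fad6e6d220ad70464c7b144789c1438_JaffaCakes118.html"),
    Proc(3024, 2188,
         r"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE",
         r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2188 CREDAT:275457 /prefetch:2'),
]

# IE tab processes are started by the frame process with "SCODEF:<frame pid> CREDAT:<n>".
TAB_LAUNCH = re.compile(r"\bSCODEF:(\d+)\s+CREDAT:(\d+)\b")

def is_iexplore(image: str) -> bool:
    return image.lower().endswith(r"\internet explorer\iexplore.exe")

def check_ie_tree(procs: List[Proc]) -> Tuple[List[str], int]:
    """Return (anomalies, tab_count) for the iexplore.exe processes in procs.

    An empty anomaly list means every tab has an iexplore.exe parent whose PID
    matches the SCODEF value, and no iexplore.exe child lacks the tab-launch syntax.
    """
    by_pid = {p.pid: p for p in procs}
    anomalies: List[str] = []
    tabs = 0
    for p in procs:
        if not is_iexplore(p.image):
            continue
        m = TAB_LAUNCH.search(p.cmdline)
        parent = by_pid.get(p.parent_pid) if p.parent_pid is not None else None
        if m is None:
            # No SCODEF/CREDAT: this should be a frame process, not a child of another iexplore.exe.
            if parent is not None and is_iexplore(parent.image):
                anomalies.append(f"pid {p.pid}: iexplore.exe child without SCODEF/CREDAT tab-launch syntax")
            continue
        tabs += 1
        scodef = int(m.group(1))
        if parent is None or not is_iexplore(parent.image):
            anomalies.append(f"pid {p.pid}: tab-shaped command line but parent {p.parent_pid} is not iexplore.exe")
        elif scodef != parent.pid:
            anomalies.append(f"pid {p.pid}: SCODEF {scodef} does not match parent pid {parent.pid}")
    return anomalies, tabs

if __name__ == "__main__":
    print(check_ie_tree(PROCESSES))
```

For this report the check returns no anomalies and one tab, which is what the 1/10 score implies; the function is meant to be fed a whole process list from a report, so a tab spawned by an unrelated process or a tab whose SCODEF names some other PID shows up as a one-line anomaly.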

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    27068336c013469b4afc11aa90342f49

    SHA1

    b35554660e68e7dd8ef752c1df731be3ffa97282

    SHA256

    c29b9b815803c2fe5f84cf8f9220179f8256dfa45ca4065d0757620a1d007364

    SHA512

    d1ebe74c6613922b2d6124aace08abc4e1df0f909e5c010a2cc6e29820b759dc2f2a6e0f1edabf2d92b7e202bcddc34188f6dbb334e408e62f8df315494d907e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    92c21578bba0141443a08e63c84d9da7

    SHA1

    a9c3c49fe3d6c348ddd440845be7489ca6922800

    SHA256

    ff3881a7eb3e008f98277105e9d7e9d34729894bf1933de8144ae4e0e81352a9

    SHA512

    569923c779e742b67e2f678a2bff0ddb7107c66df54b5537b52fa64d69101896f1880f46dd9709f05c75ada967088cfea085c70426fb0c3307654b35095c7468

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac6d420b189e8e33f54f271e33764c29

    SHA1

    0d6defd11accc88a0bda4bde3521029097ccc1cc

    SHA256

    f15f8cdc4298a93a758957f0f1cfd0a45fe0a86ed4b58231d17db46ce80bcb26

    SHA512

    4ebfd34e80ad5bf42742b2894e5705554b2bc532ad234407f5083d772b6cd3bae5289c7fc3ab5879faa6ba64ed23faf3565b9f74674444b5dc7e3c2341ed6f69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c45bb7f3233804c1099f9a335bdaecb5

    SHA1

    0af4a7c0cd066a9149d5caeb27024f749072db0f

    SHA256

    47d03f3529c9d767297c1a6e8d08c75b79e03eecfa8d3c000050be9442fc03fb

    SHA512

    8db67d6e939246c74fcd88da811094f818ee7ee37691bf9a70472316b5a26709790b5e4cfc5522578b6f800fdf40f921aeb4a546aef8bfcc0ce8d52dd6802893

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c22476467fc2be6637802321a223b142

    SHA1

    ae9b16fd7a3055f010fa7ada91404e945a59a570

    SHA256

    6cfc723cf9c68d42bd4f31a013c781e273567b6bd280ed04844e7a7c54dadda3

    SHA512

    78adbf485018b1a6d11c527a9eb04ac1433dafe763f19ab6a13c7b6136d13812dcb619dad01caaed89da549076145529bac5a9db7c071025366906c8555d7256

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d42b4cb5476fdfa5161790fa615819a7

    SHA1

    9a152d378d5a4ced5f71e2e93b66fdbea004eac0

    SHA256

    c0647cac121341de687af1a95eeec880913fb320fd6e975b9bc5ad7bec1fa2e9

    SHA512

    997c0d0d77ac28ff230c493bba9ffcf62a976b7fa5829b99e2f263c2254a611838a6ae1850529f58f2c7e50483014f7b5bda96a8fef9a29bd101c33970797ba8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5090026860c60cd1ccafc55096c779d8

    SHA1

    08bd6e80aab093a1494b4b1645f6356884a5fbbe

    SHA256

    4c36baace9a2a48913b3c8356fd4db141afbc514a3a863ae3ef03c59b752be0f

    SHA512

    b0b6e29067b1c4df26f4687d76c56ac7d36287752e4385f71ee6be9bdd2b88720f1a41bd53fad081c66c2e0244a36540900da23bd378495469dcff5b36c7a355

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f96f38d3f02d31114bd7175c5ab721c4

    SHA1

    e59019e7b3bd0d8b4849789fdda8ee78782cc7fd

    SHA256

    c09ef9194631b3d546a1162b5d93d76e127e1b4747812541d150cc8c5bf6b76d

    SHA512

    a30564fa4217c1380b4264db313bff3da7e15601a48666e406f4bcdc5201496e17949e8653eb54b2fe72e8d1c636d8d41ecfa10f860a6462a46a3acc027d180f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5bea3bf0f2461dd21dbab321a5ed5525

    SHA1

    92d1f1048891c4219f5146f9fce9fd0d773c1b05

    SHA256

    bd51e4783dc7d42b72be4f01bfb369bfd048066f373b8c41a9800f47a6edbe11

    SHA512

    aa3c8b76223e501980f0eec34258a8866da8c3694d03babd94a3f5d24cb233dde2fce7613f2de78778a252a8dd6fa63dfd1b4930f4ced04a2ddaf5eda62d3a78

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d08c87bf3d6c08c82e10d3bdd48ba888

    SHA1

    b55d4daecbbe32956bad4ba17919ef2a37a81725

    SHA256

    296b1957e7c50b8c66868491a119c0bfa0b6a9fc1e8d39e15c328598dca620d5

    SHA512

    4fdcc727743759cbbb1c02def82af1633484a1601e78f333eff76b1817cd93a5f12bdf03a10136687517ff5a8ade4132eb7eb49230fa449babef53146d50473b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3e0010c2d90fadd5ed4cb973adc654fb

    SHA1

    f40c0f4f76d3323f7d2b1d1869c98866fb80ec6c

    SHA256

    1f878a26526c0ac71cc7fb92588d3cdb8ee0e46016c3b6b1cc9d8ac282e4a663

    SHA512

    736d9e404b92d556347fed25248eefca2d8f3c8e2e58ef8d2845e44ac218dfbf81ae7c806a6cb47fc44a9c052ffe49a84215d58203d61f317b8ca90be89b0fd8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    85912912b7a3eb81a0a426a70c2b53cc

    SHA1

    64e4761b668da71e1fb9cacf22107923c78f7211

    SHA256

    202d49aaa64e4c5e51288de22699e8b9d1534a04cc2ad78cdc067caf2ee4ac7c

    SHA512

    64f7e8addc0fd495b46c4cb0b4bfaa2f6abb0881cfd1fb830772227b7a74d8a8eee970cb19c79cdf1c12307f4e2f6ea6d41e607b84633b488bea467e8cc597ce

  • C:\Users\Admin\AppData\Local\Temp\Cab678.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar71B.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
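Every file in the list above sits either under CryptnetUrlCache, which is the CryptoAPI cache that IE's certificate checks write to, or in the user's Temp directory as a Cab*.tmp / Tar*.tmp pair, and the single MetaData path appears twelve times with different hashes because the sandbox records each rewrite of the same file. When reviewing low-score reports like this one it helps to separate that background noise from anything the sample itself dropped. The Python below is an added example, not part of the sandbox report: the entries are transcribed from the list above (path, reported size, MD5), while the noise patterns, their descriptions and the summarize function are the editor's own heuristic, and the "commonly authrootstl.cab / authroot.stl" identification in the comments is an assumption drawn from how those temp files are usually seen, not something this report states.

```python
import re
from collections import Counter
from typing import Dict, List, Optional, Tuple

CNC = r"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache"
TMP = r"C:\Users\Admin\AppData\Local\Temp"
KEY = "94308059B57B3142E455B38A6EB92015"

# (path, reported size, MD5) transcribed from the report's Downloads list.
DROPPED: List[Tuple[str, str, str]] = [
    (CNC + "\\Content\\" + KEY, "70KB", "49aebf8cbd62d92ac215b2923fb1b9f5"),
    (CNC + "\\MetaData\\" + KEY, "342B", "27068336c013469b4afc11aa90342f49"),
    (CNC + "\\MetaData\\" + KEY, "342B", "92c21578bba0141443a08e63c84d9da7"),
    (CNC + "\\MetaData\\" + KEY, "342B", "ac6d420b189e8e33f54f271e33764c29"),
    (CNC + "\\MetaData\\" + KEY, "342B", "c45bb7f3233804c1099f9a335bdaecb5"),
    (CNC + "\\MetaData\\" + KEY, "342B", "c22476467fc2be6637802321a223b142"),
    (CNC + "\\MetaData\\" + KEY, "342B", "d42b4cb5476fdfa5161790fa615819a7"),
    (CNC + "\\MetaData\\" + KEY, "342B", "5090026860c60cd1ccafc55096c779d8"),
    (CNC + "\\MetaData\\" + KEY, "342B", "f96f38d3f02d31114bd7175c5ab721c4"),
    (CNC + "\\MetaData\\" + KEY, "342B", "5bea3bf0f2461dd21dbab321a5ed5525"),
    (CNC + "\\MetaData\\" + KEY, "342B", "d08c87bf3d6c08c82e10d3bdd48ba888"),
    (CNC + "\\MetaData\\" + KEY, "342B", "3e0010c2d90fadd5ed4cb973adc654fb"),
    (CNC + "\\MetaData\\" + KEY, "342B", "85912912b7a3eb81a0a426a70c2b53cc"),
    (TMP + r"\Cab678.tmp", "68KB", "29f65ba8e88c063813cc50a4ea544e93"),
    (TMP + r"\Tar71B.tmp", "181KB", "4ea6026cf93ec6338144661bf1202cd1"),
]

# Editor's heuristic: paths that Windows/IE write on their own during a browsing session.
NOISE = [
    (re.compile(r"\\CryptnetUrlCache\\Content\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache body (fetched CRL/OCSP/CTL data)"),
    (re.compile(r"\\CryptnetUrlCache\\MetaData\\[0-9A-F]{32}$", re.I),
     "CryptoAPI URL cache metadata"),
    (re.compile(r"\\AppData\\Local\\Temp\\Cab[0-9A-F]+\.tmp$", re.I),
     "temporary .cab downloaded by CryptoAPI (assumed: commonly authrootstl.cab)"),
    (re.compile(r"\\AppData\\Local\\Temp\\Tar[0-9A-F]+\.tmp$", re.I),
     "file extracted from the temporary .cab (assumed: commonly authroot.stl)"),
]

MD5_HEX = re.compile(r"^[0-9a-f]{32}$")

def classify(path: str) -> Optional[str]:
    """Return the noise description for a path, or None if it is not a known noise location."""
    for pattern, label in NOISE:
        if pattern.search(path):
            return label
    return None

def summarize(entries: List[Tuple[str, str, str]]) -> Dict[str, object]:
    """Split dropped-file entries into noise vs. unclassified and count rewrites per path."""
    per_path = Counter(path for path, _, _ in entries)
    unclassified = [path for path, _, _ in entries if classify(path) is None]
    bad_hashes = [md5 for _, _, md5 in entries if not MD5_HEX.match(md5)]
    return {
        "total": len(entries),
        "noise": len(entries) - len(unclassified),
        "unclassified": unclassified,
        # Same path listed more than once: the file was rewritten during the run.
        "rewrites": {path: n for path, n in per_path.items() if n > 1},
        "bad_hashes": bad_hashes,
    }

if __name__ == "__main__":
    for k, v in summarize(DROPPED).items():
        print(k, v)
```

Run against this report every one of the fifteen entries is classified as noise, the only path with rewrites is the MetaData file (twelve times), and nothing remains for a human to look at; an entry outside these locations, say an executable under AppData\Roaming, lands in "unclassified" and is the first thing to pull from the sandbox.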