Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 23:43

General

  • Target

    8fd82186064662b140a72731473a44a4_JaffaCakes118.html

  • Size

    18KB

  • MD5

    8fd82186064662b140a72731473a44a4

  • SHA1

    7ed8a144c938cf7b521715d4df4c1ce9b5b31478

  • SHA256

    90b10f1948dd88246b714820874ce9fd0a452d337278522d2eefe93b458f834e

  • SHA512

    a992a5cfbd0f69cc5905c625f19428a9d9389ae5a386c096b4002488d89268144b82f08a2c7c1c2aff83ea08f5de3472b8125aa6e8adf18948c17569a7aa3d01

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAIV4FzUnjBhn582qDB8:SIMd0I5nvHtsvnSxDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fd82186064662b140a72731473a44a4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2016 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2976

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          145ea10bff1ac5c43c8df91fdb11c4e2

          SHA1

          c8cd167abbb56c6d370cafdfd9bdc2ef575c3402

          SHA256

          8883fce64993858be2a3c806b74bd85f234f77159b4c8c5792e6251e1224ca7c

          SHA512

          61eee8ee1f213110adf21ec1296b1c483c27b51e8eb8a8015afb3445ff89e3914483d21249b2094a0e897a69da971f03b34c117f512b9faa694330c7e1c7d039

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bfea3174fea7654c61b1d16a6b46b74f

          SHA1

          0900440f7b3111740e4dad542d8c3b021ea24437

          SHA256

          ad0495d4566988b84316d9788864da5c802ee92a215d5e1f9d327f57ed9c60c6

          SHA512

          5360d0279c4ec9f0290d4bf63392fb75efd1fc7c718a635a7f40f61a384bdc71900b94b2f83731474849225e5d6fede8b512412b5b502fa254080b969e6708ab

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          445c3c879fdb9752b41fa40a8e852144

          SHA1

          3c8f9afcf36dcb785340bce9d6e20ef207e4f3de

          SHA256

          bed1f578c08eee9aceda9f37a5bb40a377f3f8bf175677b4cdb8512f2d79d138

          SHA512

          bfc758863acb8e6aa86d975f0150b66bfba76a9141331417ea472c1b3d0a95849005a6dda460546cc17f7f93534fbf8f2bebbe01637ae79ed341669f7e7083e5

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          3ff56bc2449c449370b696f0bfd76a8c

          SHA1

          d490a914cdd8ca58ecafd3332a2d9ae8bbd19673

          SHA256

          02bc29361fbbd68f2a6698a98a6b58b87db0e99a9f81ae6f5fa4241b4555e863

          SHA512

          83ddc80922073bd7d42571a4a50d7c26dc661ae1e0cfd2625c677f315dd79b8dbcc5e4a300c10d06016b5c7636bd04ba7486895caf8b80a1490384ece6dc80d0

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          16d1d368d904070c5820abe31fc526e8

          SHA1

          3c319527be750b72f7270a4f717f9d7d5c0b6d1f

          SHA256

          3f2752d46a5d019ff255870886ee82618b5c46be009585d7fd83c7afb65e8f1f

          SHA512

          aab0d258a33b94a3e0b04c4367397e3679773874e85060326649c2ceb89872722ef38b07fa22d502fbecb30af848eca70985a1e94efba08f7a56f17193fb84d1

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ec9af039a616f93c3aab0c667198f178

          SHA1

          a4b91d1d5b46389f135a1b635de6cf56543bed99

          SHA256

          1a60aa04e1f8158c6bcf5581a65ca4d4513942bc17be34bfc3a515c847ce5217

          SHA512

          5b4ef39f145d801a1bc5d89cf824ea89664932fddd80de53812fa973e38e7d89fc87e7a4b541babb6b98d159c3ff566dc5bf63cde4a13d1af4c9caacd5dc9526

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f6337d97e18e92e40d61919d3456ade4

          SHA1

          ee25218d9909de54a06b7015e11d3d7f7f6cda6c

          SHA256

          60be6d895710b85cdb340bd9d483445f50c7db1a55c2ecdacbacd7b02e8d17fe

          SHA512

          e830d03beb2f982bb3de5f45450d70138266424291aa1e995b8b8e40111cefcc056723d73bc8912b10d600d3a2cf5381ecbdecb2dc45089aa82fe304d310866d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          54adcb4435819175fb186c69c57fc087

          SHA1

          fe7c08099a86f6a3bff4c93d021a4063bd9e0f71

          SHA256

          869fc3ea9a1d35c690a8c67858d4686b368749027b4b670a1cc1a4c2902bcc4f

          SHA512

          1b6fda9572c69bc6717cd2a47b2c271aa651162bccf39e0dbc90242a892cc6885e5fd5a5c122d4c73006c112ca0402e754e0608f0f6eb3b3269d43e807f13b6e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          2b6184b01be0a634f0f63db2c7e21758

          SHA1

          c44ab65e77f66aef5a67d7eda0b713af635b1868

          SHA256

          9b3da16063e04c1670a58deb5a175263c0bf9ee43ad99ade5c40fd0d6bb2114d

          SHA512

          d114453bc6b3af35b82b503c1ab152f05ef5b115bd7ff82d8d95fc009c73fa6355ed676eef5f1fd68f0313164a8d51e11126503c93fdd3cb765335737f86f861

        • C:\Users\Admin\AppData\Local\Temp\Cab17F6.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar18D8.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b