Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 23:43

General

  • Target

    8fd8506e8750348ded49f32c17bd5979_JaffaCakes118.html

  • Size

    18KB

  • MD5

    8fd8506e8750348ded49f32c17bd5979

  • SHA1

    b1d0d3d7aa22eb5b03017ff69182f4be862f1dcb

  • SHA256

    0e0f30d80494374fec6d0f4caed2870588981e2294ea0389ff6f256006b9c8b9

  • SHA512

    bb3a5ae170728379669f00f9aada394906d697974982464b5c59786245a4afdf702e4d79f56c654e6266d3ebba583526349b0c7a3c71cc35b5c3885eebd6f2fc

  • SSDEEP

    192:SIM3t0I5fo9cKivXQWxZxdkVSoAI74ZzUnjBhrN82qDB8:SIMd0I5nvHVsvr2xDB8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8fd8506e8750348ded49f32c17bd5979_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2480
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2480 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2252

Network

Downloads
