Analysis

  • max time kernel
    141s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:39

General

  • Target

    8c7d2f25e8757feb1d0fab1b4568c2ea_JaffaCakes118.html

  • Size

    139KB

  • MD5

    8c7d2f25e8757feb1d0fab1b4568c2ea

  • SHA1

    4afec5c8d2766bb295f6e9f14ff8607d66e0f813

  • SHA256

    4608c5e84d886122c03c027c16aab11979a05a8cc425f68ee18b0e71a2e51d4b

  • SHA512

    444a0960e5e30e78352bd5370dbb884601f57fcbe8cbbb5b750b2531e5299c1874a70a798cd8fbbc31397808b69d6876fdb101498849f7e12f4d03ceb233a8ab

  • SSDEEP

    1536:S3NMe/ARlzkyLi+rffMxqNisaQx4V5roEIfGJZN8qbV76EX1UP09weXA3oJrusBw:S3ofkyfkMY+BES09JXAnyrZalI+YQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c7d2f25e8757feb1d0fab1b4568c2ea_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3068 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1272

Network

        MITRE ATT&CK Enterprise v15

        Downloads
