Analysis

  • max time kernel
    141s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:03

General

  • Target

    8c66d2790151719ad779c2b2dbb4556e_JaffaCakes118.html

  • Size

    53KB

  • MD5

    8c66d2790151719ad779c2b2dbb4556e

  • SHA1

    998ec7162a189b3de621f89088bda859507df1b1

  • SHA256

    b6be022b305651fa3bdea52ace343eed1b52fcd1f49aa94fda65a76f54d1b07e

  • SHA512

    b8326bda7b19c87b25501fbb5b7f5c9ae666078dd759d81f03b9b433696b2984790c9b78dcbafd081e40a50148d770c1a7bddf2ac0710de967851352c1e4b057

  • SSDEEP

    1536:pELGjG2rOlwX164dlA8ip1h968F9DSCMCDwlQ:VXrOz8ip1h96YtSCMCDwlQ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c66d2790151719ad779c2b2dbb4556e_JaffaCakes118.html
    PID:3008
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (child of PID 3008)
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3008 CREDAT:275457 /prefetch:2
      PID:1964
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          28acd937e753c78713f4080f898764ff

          SHA1

          6c259de57f461e0b2aa88bb36d1a306f607867ab

          SHA256

          da9c62c3fcf771ce26889f337aa18e36c14aaf57aca9fda6cc158dc35eecb34d

          SHA512

          b73c25d9b37d25be5ce60035aac9360f6cc4334a69453a5162e6ab684075eeaf3cad24e0df039e7ae65400d23fa4f9b180c7f38a15fe1f0c4d90c707fa5a12a3

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7257acae2c578d9bf8d2c62db57ca4c8

          SHA1

          21254de610b5bff2a3de0292418a95bfc75187cf

          SHA256

          aa09d95adfe53b643bba2c9d99da24bc13ef4dc61dfe4328327c3c31aebccdd9

          SHA512

          b40608837c1a3398433142366bebbeb714e5bebb57696d4a530b3848e74b18d2617ca663845676c1eaff7d4b11dca1f06968721b55f14b291eb3484ea9f105bc

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          57e4091578aa716c22f183a2f51f0c0c

          SHA1

          a6f1894a783e7eb28af88466e8284eeb0b11a33e

          SHA256

          0c33b7d74156599cd4e37f12c1350c3c4077d2e94b22c59e17417751c46cdbd4

          SHA512

          3a91fb7d0a63fe2550f9fdce30e5f51e4bded9a6707ba9753f04cc93441c67f0a3aff68bfc6ecc296fcd10c63ec1e84603528ad3a5649799669c0240f5fc4901

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d63b181e58542d2d6c88f67367a0c01b

          SHA1

          102d814f0c598e8c5cfd2cc9a01cce39976831e4

          SHA256

          7c34ceb3289a52e86dadf74fd36156e648c2892c0ae788f5258cc8fbe15ea3ed

          SHA512

          67eca48cff951d37b9fddc3b1ce50c4fb216864debcafaf5fdec1c2bd2339199a314a140a8941927ec64bf62b2f7b1e3dd4acbb05985370cf880b60318dd529a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7a5f13c9b22699f17018d80fa15d899f

          SHA1

          fda642249ad556c0360c0e2d8b1b70590ca968af

          SHA256

          649a1765ee59c1b6792a70e1968bf2f912efa736fffc1d746634675adfacd0b0

          SHA512

          66cc97cb677c29ac420a2492e5a125d84904fe6464aa87b1a4c41a6256d9015bd0fc6eb6343e747f6d948913c503fe36e6409a3dc303c64ad9d751a5e262dcda

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e520b3e33402e646f86741b080b88177

          SHA1

          f282e19df870d2ff8a09c2d5b365674a1e0d7a5c

          SHA256

          585af422ddd0b7d4d9d8097b2a9a1f44aee6698a8a482ab5bde66096b7d6f039

          SHA512

          fddf0edf97b4dfc86eea7b77e8e41c68a0bdacd08aad750c42076cb083886d4b79f24afb159bb7c89e8f4e93a2fa00ab739193fdc1971d522c390bf8775d129a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          b4a40b5437c0f3c2a2e04660820bb234

          SHA1

          e489852ac85e1babf28cb5d2ab4c4c79e04ab9cf

          SHA256

          ff7c94fdb794bff58453d802416f6aba64ef8ea4bafe97fcb7932562757d398a

          SHA512

          d67201c5cc3d1b887be441cbac0008b818beb678315a5c6a0fb7cfb2dc9ed99c2990b6a4e5a81246de2d65744f3e77181c46ac75fa26425d9eaad27c368d78d4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d1b6578337222ad13a137be97a5d7d23

          SHA1

          1f3403cf642d54bbcc26d9de1088634758b008fd

          SHA256

          b59c6b8aec76f1952be4643e630a159271b1b0f2ebc4d89cb5b946d26ca39a42

          SHA512

          1f1d399e20f68e5b8b47e87053fc1785ae58886509f012d2418f56ea94800e8738475e1c40037486c495989f990abb87761d845e83b59633d74e6b577084771d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          344B

          MD5

          8a24850f5540510c55e2aaa3c19fe724

          SHA1

          50c268e5d186146e5b404f4d935f241b0dc77bbf

          SHA256

          afa5816c35b8d30d7e6928c8343147f98be506ca3108111f93ec87aeb43b7bc9

          SHA512

          15445a150c3336f4bd902069225c2fa8cf8e6e8e8d631ddea745876ddb43d406e6f28fb1d93025dbb33608918590b95968ebc9bf8fffc2e710abd392127162e8

        • C:\Users\Admin\AppData\Local\Temp\Cab4673.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar5065.tmp

          Filesize

          177KB

          MD5

          435a9ac180383f9fa094131b173a2f7b

          SHA1

          76944ea657a9db94f9a4bef38f88c46ed4166983

          SHA256

          67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

          SHA512

          1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

        • C:\Users\Admin\AppData\Local\Temp\Tar5FE6.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b