Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:03

General

  • Target

    8c66d2af64dde9707e397c5725d36831_JaffaCakes118.html

  • Size

    213KB

  • MD5

    8c66d2af64dde9707e397c5725d36831

  • SHA1

    adfba3ce5afaec4a72dc3bae6cff7497acffc320

  • SHA256

    1208f6b6bdc1c2564522f58487a4b5db691e3dbfe97b13bf82342141df96b3cb

  • SHA512

    1f4e9f27cae104362fef7280ecbd19be29ecb6907f012fa611c4be8c1667e2cb63545c5dee155e69019b1af2fe44b6f2ea8b56d4a210801cfe0dc9b02d69e5f9

  • SSDEEP

    3072:mrhB9CyHxX7Be7iAvtLPbAwuBNKifXTJL:+z9VxLY7iAVLTBQJlL

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 41 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c66d2af64dde9707e397c5725d36831_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2440 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          cb9e8f85b120c7d21fe72ba4a0363503

          SHA1

          0d6cab2d7af9dd0cf069cf492980746abd041d9b

          SHA256

          e528e60efe0c15c09907fdff13db09c64638268f16d29e29de3e5550b8635fab

          SHA512

          a23592debb640670f48e6248c34474c5132d2648aa668730bfd80d5d4446456ec92b8131a088af942bbc7b6d52125230818fde4f374fa752bf363a3669d4bcb4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1e3090408a623034c6d404935b4f5ead

          SHA1

          96cc287dc28a239f865c1ddbc2e1f0cfecbf5b24

          SHA256

          44ce0857326321f7cc32b37f3a664282f1073b007aca7c5fd029e1ea7038d23c

          SHA512

          41abfc86ed50448ee38bc6e6c45640edeb15fd9869547814956522ff803452179b4d4aa9a22bb2737954700322a8be7861e044c03be465d4e5a4d458e2ef0d1d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          df9f00abe6eb88958f5e97118aae5046

          SHA1

          ac58bc6af72be908ee6213cd9d6f23bcdfe0d043

          SHA256

          366a631b61703b6e0834b3f41eaeaf80ebff9121adade2368e1558b46181f2a6

          SHA512

          bfec9415e86d9ca5bf2fe400d06a84c7e0ac6ad1661d8c05cc780cb8645b10c7b6f14e0722229bade1159140e6470366dae9a172639b4e57a4089dce88ea9375

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          28a1fe9b3f754af2667959b1eb2f482f

          SHA1

          f4685123e0765db63c55a97df63d6aa58fce16e5

          SHA256

          adec7d9f36661dce5b703defdd62d30e4cbd3e69a17cab22873e816c2e4fc340

          SHA512

          38f85354247f811907a22bb9d187d48893f88b9ba1adae4abf1d7db5c16ca09aac0976a6341115fc154376d650223d768b071730679765ac21e962c58028f878

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          04363509a282b3c9eca6b4b871a5b6b9

          SHA1

          a1b5b89299f2b018058ec2293bd01a30b9f5b744

          SHA256

          10bad6aaab0661e230b7e9d4acb366975fa12bae6c59ef189aabad2652824105

          SHA512

          8f85004be66b652b6a369ec6c4830726673b49d752cd52f558893db17f22fcd62c0faff3cccccdff041561eea150f874fb28768bca4dae59aa2ebc3cdaaa2bb7

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          d3afc38afc99a5606500ad77e00e560d

          SHA1

          c3e11f39ffc604440cb618369ccd4d610ab36294

          SHA256

          2cd7418e1f94484e8723a4d16a27000c0ea2a868d9a16ff886b9706f54659ace

          SHA512

          f9f6d3ce4538fbfa5f7d05c4297c69d211da0bd05651bf36793eb0682ed18e4b3e9bb160ac1bbdf20290dce58864dc537a0d6c718a86abb3d2e8e1eaed25ef8a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          58e7fe0f7541aec96c2a564b665779cf

          SHA1

          6c534a3fe3035fb97dbb717f8a87a0444bfa8dc3

          SHA256

          47403a04d76f8ec632b1242ad7cf45e273c7168befd60400f3dcb2001d4c56d6

          SHA512

          2b236b15a7affe679a8229e342a131eb32817dc8a2dc1895f36ceedcdca8671090fa672e6474380fbbfb37477cbf66da5dc169433d84a5bfe9510edf332a605c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e98b429d24d80b69d60b082f8bb69c3b

          SHA1

          022177830c72e6e6c1182422358a32c2a9fba047

          SHA256

          288d21350b5d6cdb898312539c95abaef9360e04a9f178243821e1a7a0b793f1

          SHA512

          950487d3b0e5ab61b6ed618a701bbe4d2ed2822d97f06cc465224fed590196abc1f673b25270ba10294bc5a55117e954d2b31be5f53484a36529b2e76966ef93

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e132fff45b57c9b75be67b05298cc4a0

          SHA1

          64360c2518e4d5123c060cab47e78e53e3d1fe10

          SHA256

          9230adfc7b0428642b0d6b93383cbdc9943b9facd87bb005e552a309d15d6284

          SHA512

          b95e27582c68623b6acc24d0de2c80d5fd4ef8ccbc8040f4f94609da22c135387007a9cf84922656a1e7d345acf197152c26c151bd44c393b57d65efdba50f70

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          ac2c41266307ade833be5ea836ddc94f

          SHA1

          095fd9042780d3d92d79dc2d3c8beefc38edb752

          SHA256

          c7de7e00ff27d4bf68f4dbf4063ed6c1076ed9d56dbfff8937ab1fe2f6fd2745

          SHA512

          f84750d37147e86c9516246bb8fc2a270fc336d49df3bda0f1ac85cdc9cdf8f584b9047e0e4c86cef5aebf0cb29efd4c5a5fa4275a6a690928b5de061339d818

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          1fc1397dbd35dc1090e00befa069b95c

          SHA1

          e5cf433e981076ce18efca525dd7262e45cb5b4e

          SHA256

          77635165b0f22dc1af661fdfe3a5a38f92db4419a80855d9c7e582b713e6992d

          SHA512

          0043abbba60c450bf3078823d81ae8ff00ffa489da5651cc626b71f136fdc3b3f7c1652f3a9a022b0c3b436984a03a13d5d2dced23be37a71495c6e48422797e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          300afa27fae6f978b812508e38ef49e1

          SHA1

          09ee53fb9be83213f115766bb307673e59a1a223

          SHA256

          6bbbb23fb2471e3ceb8c3c3fdb11932e02a5464e0390e5cc5aee50e45ab6b577

          SHA512

          70c6227f1096ddf83ce9420463689d11ac77f5101fb0fd5af95abea736310b54528d1e93ec3e176f7ae43155daed10609713471ec5d5d14110afcd76bf951a57

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          65d1478baba65c29d2fef78b87a5db5c

          SHA1

          a02ce6fcfeb8dfee2ce63c0f9268f310f35b85b6

          SHA256

          44f27f2e5e4de6ece9372406575fabd3a20816c345297bfa46e8a86b0f3d94b1

          SHA512

          eb4a83d81082b6d4722e0e46292746ee783fd11e2da67d3123c82edaae06f59c7236a3731ae2c2cfcb7ec5a92c18918c1e8c2bc6046368fabe605603f40db913

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          e739fad6b927378d87a4c6eba5b1ed61

          SHA1

          a3f0229191d39fb220ffb59ff6310f0d7e5077d4

          SHA256

          b839385d8551a2248bfafc2bcfaa838e1cb5029b2dbbe0a3ac3aae5211c3f81e

          SHA512

          cbee92f67cb6d1f9f34f6e8e3101ea722cb9f99998c65966c01aef2bcafcb07a02554024fbb94b9de04bc001adb75e6816beeeea9a314f534e804e47ad5f6cd9

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          7de71c93982d046121ceaff23220a1f7

          SHA1

          fe0c594bbb9001e1b8d8c22599f5d146586b9056

          SHA256

          645ba5e5b836a848a52214f1c3369b8c046db8a2906c9ca3262d37ef13617ed0

          SHA512

          90bb7016bef08f7310c84e5709cf241dbeaa1508b317cdb235a75bdc04a30853de1c81d3833e039dfb06cd29be4ec54cdc604ba47fe75ad2954a9644bc26d6e6

        • C:\Users\Admin\AppData\Local\Temp\Tar3599.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b