Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:05

General

  • Target

    8c67b638ef2d27d2f4a1e3ccec05a15a_JaffaCakes118.html

  • Size

    27KB

  • MD5

    8c67b638ef2d27d2f4a1e3ccec05a15a

  • SHA1

    0aae4848d45619c0dc20b6766e13e443e0cf193e

  • SHA256

    feb586c7fc3c5724fb18776fb87917aa03a0ae1c0c6c5df533b5907912e2017d

  • SHA512

    aef857764fae084a68cd88a3e101f21530bd78bc42128d0c042d90c9b986ef021ba0c6da8f22f7369a0797ce707542fbade07c80f5f824e216ae49ebb55231c0

  • SSDEEP

    192:uw7gb5nfKnQjxn5Q/unQieFNnTnQOkEntKMnQTbnVnQ9ehvTFm6u/fRQl7MBlqnb:KQ/TQDKf4Sr0qa

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c67b638ef2d27d2f4a1e3ccec05a15a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1636
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1636 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2944

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          0e282925638aca98d49dc4c197f2e36b

          SHA1

          4a3d3ab3e63d7d14a4cf322e96ed7349e412feaa

          SHA256

          8eede0152458abc5d4da5cf96c13d7bf9ac6c74c61b0c40734f2db7acb86b9af

          SHA512

          c74e6577302879abf3a79c2d7d99cf6a11cbc3c898f1dd4b54bea74886d788661e6a479e1195085b3ffa66751254b4422b628103e8cd669297e90f76451f585e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8590bbb898ba178289b3b3257742aacd

          SHA1

          b838652eafe3d95df18f1bbf6307ffd8accd77e2

          SHA256

          196edc63f3c410d8ffda829c33a9f0ab8eea41f30bf60416857e3c99c7bf3bfd

          SHA512

          089f580c1710e474802bf31cb91b96839b7756b5d19436b047729364d06fd1a2c27da8f77ab0fa265c6a24eec194f581ef6625d134c57afd72ff3e51be77321e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          9330f31bfefd508fec6c12250a2a9a55

          SHA1

          7ad401e3668a938f45899ebbb28ac6686ab73040

          SHA256

          db1acbb3ee138f7a97af5440375c009f2b6204e210bd4094f7b7209aaa841c59

          SHA512

          fb951c65fa3944c0082704a07f13d968f12ab2897dd7b4b7d1ad6cbaa59ede1553719240200a1339a5cbe18ee9624ee2d20c584c809a6311bec32fe1db5315cb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          00c6e8052b8388609de9d9dcfc85b065

          SHA1

          0f91af5763a8c953db0035d843630bfc497d7927

          SHA256

          339ab6e2ba0ad7f9c17f12ead641a1e08b7f30608920b97504558b63b812eb02

          SHA512

          681e39c2c05322e919eaac6ee575be6e402a5c565109906b8f9d12a237a5c56284b0870c356a3718fc1466478094c01d840b1354130193fddb85c74ee060c2ff

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f2a63c854a8b1fd2f2b6fc571989e975

          SHA1

          6bd42b302d8b6d9e28b797fd28142a55d35a6635

          SHA256

          4034592d75435badd761a4e430997e3fe8dc96a993c1e5e153a0c7e93f34f0c6

          SHA512

          e58a17d2830eb52118ffac87737fad13f4f82e7faf3a995ca95fc5db162315552136d9f604f89c733f9083b55f5259312e3d30f533d84c587336ce3f0d7bf3c6

        • C:\Users\Admin\AppData\Local\Temp\Cab2F98.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Tar303D.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
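The dropped-file list above is dominated by the footprint of Windows CryptoAPI fetching and caching certificate data while Internet Explorer renders the page: CryptnetUrlCache Content/MetaData entries plus a Cab*.tmp/Tar*.tmp pair in the user's Temp directory, with the MetaData path listed five times under different hashes (five distinct versions written during the run). The process tree shows the 64-bit frame iexplore.exe (PID 1636) launching the 32-bit tab process with SCODEF:1636. The following triage helper is an added example, not part of the sandbox report: it takes the paths and SHA256 values copied from the report, separates the CryptoAPI cache noise from anything that would merit review, counts how many versions of each path were written, and checks that the child's SCODEF value matches the parent PID. The two classification patterns and the SCODEF-equals-frame-PID check are the editor's own heuristics, not rules used by the sandbox.

```python
"""Triage helper for a sandbox report's dropped-file list and IE process tree.

Added example; not code from the sandbox. Paths and hashes are copied from the
report above; the classification rules are heuristics written for this example.
"""
import re
from collections import defaultdict

CACHE_ID = "94308059B57B3142E455B38A6EB92015"
CONTENT_PATH = rf"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\{CACHE_ID}"
META_PATH = rf"C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\{CACHE_ID}"

# (path, size as reported, SHA256) for each dropped-file entry in the report.
DROPPED = [
    (CONTENT_PATH, "70KB", "b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f"),
    (META_PATH, "342B", "8eede0152458abc5d4da5cf96c13d7bf9ac6c74c61b0c40734f2db7acb86b9af"),
    (META_PATH, "342B", "196edc63f3c410d8ffda829c33a9f0ab8eea41f30bf60416857e3c99c7bf3bfd"),
    (META_PATH, "342B", "db1acbb3ee138f7a97af5440375c009f2b6204e210bd4094f7b7209aaa841c59"),
    (META_PATH, "342B", "339ab6e2ba0ad7f9c17f12ead641a1e08b7f30608920b97504558b63b812eb02"),
    (META_PATH, "342B", "4034592d75435badd761a4e430997e3fe8dc96a993c1e5e153a0c7e93f34f0c6"),
    (r"C:\Users\Admin\AppData\Local\Temp\Cab2F98.tmp", "68KB",
     "1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184"),
    (r"C:\Users\Admin\AppData\Local\Temp\Tar303D.tmp", "181KB",
     "8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8"),
]

# Heuristic rules (editor's own, not the sandbox's):
#  - CryptnetUrlCache Content/MetaData files named by a 32-hex-digit ID are
#    CryptoAPI's cache of CRL/OCSP/certificate fetches.
#  - Cab####.tmp / Tar####.tmp in %TEMP% alongside them are the usual leftovers
#    of a downloaded certificate cab being expanded.
_RULES = [
    ("cryptoapi-cache",
     re.compile(r"\\Microsoft\\CryptnetUrlCache\\(Content|MetaData)\\[0-9A-F]{32}$", re.I)),
    ("cert-update-temp",
     re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]{4}\.tmp$", re.I)),
]
NOISE_LABELS = {label for label, _ in _RULES}


def classify(path: str) -> str:
    """Return a noise label for known CryptoAPI artifacts, else 'review'."""
    for label, rx in _RULES:
        if rx.search(path):
            return label
    return "review"


def triage(dropped):
    """Split dropped files into noise vs. review and count versions per path."""
    by_label = defaultdict(list)
    versions = defaultdict(set)
    for path, _size, sha256 in dropped:
        by_label[classify(path)].append(path)
        versions[path].add(sha256)
    noise = {p for label in NOISE_LABELS for p in by_label[label]}
    # A path listed with more than one hash was overwritten during the run.
    rewritten = {p: len(h) for p, h in versions.items() if len(h) > 1}
    return {
        "noise": sorted(noise),
        "review": sorted(set(by_label["review"])),
        "rewritten": rewritten,
    }


# Process tree from the report: frame process PID 1636, tab process command line.
PARENT_PID = 1636
CHILD_CMDLINE = (r'"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" '
                 r"SCODEF:1636 CREDAT:275457 /prefetch:2")


def scodef_matches_parent(cmdline: str, parent_pid: int) -> bool:
    """IE's tab process is launched with SCODEF:<frame PID>; this is a widely
    observed convention, not a documented contract (editor's assumption). A
    mismatch would mean something other than the recorded parent spawned it."""
    m = re.search(r"\bSCODEF:(\d+)\b", cmdline)
    return bool(m) and int(m.group(1)) == parent_pid


if __name__ == "__main__":
    result = triage(DROPPED)
    for label in ("noise", "review"):
        print(f"{label}:")
        for p in result[label]:
            print("   ", p)
    for p, n in result["rewritten"].items():
        print(f"written {n} times: {p}")
    print("tab SCODEF matches frame PID:", scodef_matches_parent(CHILD_CMDLINE, PARENT_PID))
```

Run against this report, every dropped file lands in the noise bucket and the review list is empty, which is consistent with the 1/10 score; the same helper applied to a report where an .exe, .dll or script lands in the Temp directory would surface it under "review" immediately.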