Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 01:05

General

  • Target

    8c67bc50fd98919ff170ac6501a37a0b_JaffaCakes118.html

  • Size

    461KB

  • MD5

    8c67bc50fd98919ff170ac6501a37a0b

  • SHA1

    846339333b5487b388eab9461a237815dd7eab9d

  • SHA256

    b11f94beec5ea8e1ba5cb20489cd01bd949651a3742b6213c07da27d438e5c38

  • SHA512

    62cdead43b9f3b612ed0cdfb1ad7a34683ca7132119b6f619d124f9032f01ded64fc21a9eb0b46ddec63815b09821dabfe9cdd41872c18c98f72821bea4a6d2d

  • SSDEEP

    6144:SRsMYod+X3oI+YssMYod+X3oI+YCsMYod+X3oI+YLsMYod+X3oI+YQ:A5d+X3I5d+X3W5d+X315d+X3+

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8c67bc50fd98919ff170ac6501a37a0b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1892
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1892 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1036

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          191ae910f8f05ee96de37bc02ce4981b

          SHA1

          8618333a1408c65088512c92c7171ec8ed72c92e

          SHA256

          6dba13f6c2241b8715bfcb0c10a32223cdc3ed263ee48a352f608b46b3b80c20

          SHA512

          c01bda5b45552d1d03673c4c4fcc7e9e59e70057a57f375e4e3c8bcf064da474faf7b969feb1b23108e69b114f01685a3f3b729077a6f9d00f41a1a592ae396d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          71395734afe631e360f48f1eb3ee7d22

          SHA1

          25def75d10e0c0f69850edf36a1bc44700238e09

          SHA256

          5fb977f8a367b8de4cb35c954e58af9734f0977dbf76d5a7e15c1b2c5cd2d696

          SHA512

          83260372ffe0bd36426b41417ad71d2568e555a3c157ee6b3c93b15dc79f329c15c2b292d80c8b1f6fd7e0ea36369a227f1db672bcfb275b33f227fc37c1c272

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          8a42cbfe3fe474e451b312f6eca134cc

          SHA1

          661cc33cf5215d7ebec5fdb4334946b66146bd41

          SHA256

          d0a1eaa2bf46662eee02976e87821ce142bb3f4596c2b4200a2bed71c5ed91f2

          SHA512

          27662751540428e6a3af7207855cd7b5f9ad6ae20adc93eb151dc0b4f6323ce07dba483266505b1d8eda0a6cf4aee957bcb49c06b92042dfb73e6a97457430c4

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          4f8cf2d28221d7afae5f0d5ad6a910a7

          SHA1

          1e0296aa9adf360dd0ca62e43da61ac7ebb82704

          SHA256

          da38c1c039ec62a5ced9a64bf39a1a7be5fcbe9019b34619d70d1466aeb06f2e

          SHA512

          105d8d4bf5565918d3a124052c18839fc9ada4f24c6bafb0b875eb27c85c80d4d3a79a9f229d3912c7f0427d26cca3ea4e490ed4dd3b14977e87464264792ffb

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bcce68cb44b0739b06b6f369c903fd1b

          SHA1

          545212a03e2165245565029790dd3ffe170b432f

          SHA256

          895db84a417acf04e443ebd75cc4e86a48d4edcce7d08e6e28bfe3cc48509bd6

          SHA512

          b19fcf10360b15b11e5d89839fe09a1305966f115f6f6b95fcc2d205589f167bd6aa44a30787eb4af08fa682aa931b65962c7f72c3045894447a9ec27d9209a6

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          64f8f3fa49d55fa048cb279a543223b5

          SHA1

          fe8a6748e8b60b571266c8f82dd420eda2aebc9b

          SHA256

          13d051fdf2e1111f1b415325fc4794ddc9700dada48cb5d982db1edbd09754f2

          SHA512

          7d8449d105a3bd7afdda1bf76ff4234f8910ba968aadc93bf2d05ea209263c521f4e8f2ae5f108fd7ff2b48f5721175496aea677653ba5da0f36e401b055e276

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          94ef00aee0ecdc54ada088a507fe7e50

          SHA1

          d7ce63938f0830d2d75ac94af932b9ba413d0af8

          SHA256

          bbd4ade50dbf3413f96c63230305cf0d3ca8a56f8e010af3aee0be06faa1e7e3

          SHA512

          90e6c914dc747182f234fe2189173f43e3d97afa5103e25072cc529559576fde4dfbea8fc57c4d6c6cba7f951e10c48789ba0841b3049ae28947488948e75a9b

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          353882da6a6f9076930a5801229ccdfd

          SHA1

          fa0f7187056a93a673dee0ef2a869bb4b5aae56f

          SHA256

          88033f90bb3d00411856dc8b7ee17ee6a5e4ea11f1bd94d897ccc5b7318372cb

          SHA512

          ce42dec7100903c5642162fe94d1db2e2003fac56b4493e8722d4db1677e67057a1c3cfeeb8c6af961b0f72f6cc04f9fd7bd168ce7b2d7ca197e6337a727f7c8

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          090f0fd7a91ca3569bcb7cdb8f397930

          SHA1

          624b6bb65b557b79736eed79c028acf40b46c393

          SHA256

          9ebe11aba04a4a5bb1095a7e809775c49c7a15552d3df40a18dd85cb6158f578

          SHA512

          b36d204adf88cc45e01740aefc9e6adaa036bf831cfaa9df7cfc616ceaf1c0184de6bb602c33eb1c284b5c28b6242176c93ab8e69b8245a374980d935ef94a42

        • C:\Users\Admin\AppData\Local\Temp\Cab478C.tmp

          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

        • C:\Users\Admin\AppData\Local\Temp\Tar4C94.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b