Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 05:22

General

  • Target

    8d0436e440b42c9265b23007fbb474d2_JaffaCakes118.html

  • Size

    23KB

  • MD5

    8d0436e440b42c9265b23007fbb474d2

  • SHA1

    6dba0c0405958ba2e893d9edf2038402d91127da

  • SHA256

    d4acd31793af40dcb45317bc100815572f4b4c6f761230ad7512aca0224fde0d

  • SHA512

    9bc39ca66c78146229ad51146ad119e071d56025824e079604730d82e52f92fa6c059c85c11be77f3350836df68656d748bd1be6f4af38197e2383bf319b378e

  • SSDEEP

    192:uwLkb5nK2nQjxn5Q/zBnQieANnmnQOkEntzXnQTbnRnQbGLnLnQteqMBgqnYnQ7q:PQ/zWGbyHP

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 31 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d0436e440b42c9265b23007fbb474d2_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1912
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1912 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2504

Network

        Downloads
