Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 04:49

General

  • Target

    8ceeaa3c843909a6e109229ad7c60637_JaffaCakes118.html

  • Size

    34KB

  • MD5

    8ceeaa3c843909a6e109229ad7c60637

  • SHA1

    ab5dc498d0557965f1f81c240710c85bf8c4ed03

  • SHA256

    a97dcaa6108c31a5c5259d4e4b4ef1c53f22f7bdc4c683952a9d3a055dff3dfa

  • SHA512

    b456c30bca2ec0d5cf4a6b46fdb94556f0f24f81e834c1bf4632981d7cde6855680e54e7f7f299e13065e17974f76b63ee6a98962f885ffdf9340c4d4d76be50

  • SSDEEP

    192:uw7Yb5n4s1nQjxn5Q/znQieiNn8nQOkEntZFnQTbnZnQOgrcwqYGcwqYGcwqYQsq:KeQ/7XyE5sKix+4N3DbMX

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

  Note: all four signatures are generic behaviour of Internet Explorer starting up on Windows 7 (settings writes, window hooks and tray-window lookups by the frame process, and WriteProcessMemory by the frame process 3016, which spawns the content process 2852 with SCODEF set to its own PID). None is specific to the analysed HTML file, which is consistent with the 1/10 score and the empty Malware Config section.

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8ceeaa3c843909a6e109229ad7c60637_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3016 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2852

Network


        Downloads

        Note: every file listed below is a Windows CryptoAPI artefact rather than content fetched by the analysed page. The CryptnetUrlCache MetaData entries and the Cab*.tmp / Tar*.tmp files in Temp are written when Windows retrieves certificate trust-list data as Internet Explorer starts; the same MetaData path is listed once per update, with a different hash each time.

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          99a0f033c5e35c0b975a3aad62725c9e

          SHA1

          ad84962e8f929a58fd906d27a5092946609ad3ff

          SHA256

          15b8983bc0fa1ddeb84c587514c3ab2ef9593c6664ac470f8f5d5092812b4afe

          SHA512

          e8033ca61657f36a6b549ed5ec59ae5b685800c842ce1629f2f0f7b0cad0533e313b1f2df8b5410046231b7bf9f09fe3fb3d61f51a4bcfd1432ebf1f7555464a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          f2a034f4fd1fed49c7e76cf72a9a8454

          SHA1

          bacb418bed14d566e6b5f67e6020eef1a449761b

          SHA256

          4d6f719921d8e348805c22cdb139d504f4d262ca403b56dfb944c6cea94d16c4

          SHA512

          ce70d5f0a5e06f9cd42d0ec75a50842228a215af5680eaa4d831d217667551797098e975e09d340958ccd6017dc4a063e0b000bbd0cc369ee36abf5f61442271

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          bf54e624ae0cebdf404a5bdeb9eb4027

          SHA1

          867bd7040fc3a9ec8fa78e24aeb679bc5acd3f14

          SHA256

          1cf3a27143925428c62fad0622f04dbd0747050a66e2c99c4e2482e292e36686

          SHA512

          b3b9cc7e0c0aabba0143f140d00eef7accafd9b22db51f52e7fef03de6f56254ea36087c3755c34bf8f2a077c3a21ba6a084bbb0ef0ba22ca3542deabf2d2709

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          5d95477f49d2efb54300473853bb2e9d

          SHA1

          f47b13d6c2361a0285320fd89910d2a17b1c8a8e

          SHA256

          28ffebd174a913c02e21b6f57bffb34bf440fb4105bc9f63a5d110355c9f2b33

          SHA512

          d5844601b8a13fca9e3acfe0b9cfd7fd0f5a91aa75c0480e80fbfe2d82fa2cdc33494b6c642d96b6d6b0e7e9a6edd392c909610497678c7fac0b8ef3009c2fdd

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          72037a65cd2f2ac300e158b57712095d

          SHA1

          b06022d77d972afc2d6b37fb683371aaa2d1139a

          SHA256

          e7e16d30beef43c50237d1b6fb8583e6639c714b562c91b458065406a1340864

          SHA512

          1afd48332a2a6e589fbe7370802cfe71b5f0b011edbd46c77a58176bc0a042f65dee8afe0914f7507808db9dfbccad915320aa2613a8ecab65aa609b6572186e

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          32cc33bbfa200b88542d48fe94785f23

          SHA1

          15788b241f3bfee427527efb205ac924e1b0605e

          SHA256

          b680edcf1dd5d95cbcdf2cab18950302d600271f5a739d12f74e70042dafc98f

          SHA512

          11e53e1a6993fd59ac9c53648e16487a103ce11670e4f605abbf695b17e30c1d5f26e2687df38cc145bf495a3b75212c3c8e004619e65d784a4b9c5d3f1e365a

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          66dc7021d61190247bd21b790da84059

          SHA1

          79f10b4914a07d9df15a6c6d2006c9934645815a

          SHA256

          99721b3f27793b3e927c4ba19f729f42a8359dd9e171793eddc37c5f96abf6a1

          SHA512

          67a7c04ff632caf4defc4b54d1d9055394e6f47c2bcb3e7e8f60a5791d5030e9721447b1ac027509ed5268504ec5470997e725d0dd27d95ebf9cce5ec0bfae8d

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          476c595558145b596e6012790444371f

          SHA1

          2a6924c387b68d7b96abd88c215fb0e0fa7c53a4

          SHA256

          2c3697b76f09475b43e391eca35c23de2867ee6cc1d8e0e2cb0b13b19113b02c

          SHA512

          47603ac54e4081997ee4f09c6a1956b4543aa8f1fb9de9b31448cc9cc5844076e7f95da2f78232e72a7b888823d84f099bff7129b4015b08afa97824ea3b864c

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

          Filesize

          342B

          MD5

          369c18984f3956efdb42aa588b36b816

          SHA1

          b24f07189f950ed9e1c1bf8b943e12f26fa73ad2

          SHA256

          1bacacc2299b5ec989a83cd2f606fa856abc9f2e623eed3402018ba7370a5cc2

          SHA512

          6de970fe7fac97062a54ceec29b3adc1ec3404e2d99a7da2635e224c035bc94ce018d79d102a9bca38eb91253d25b206a1dd04ff5be5b0b56563e83972f9c7f5

        • C:\Users\Admin\AppData\Local\Temp\Cab698.tmp

          Filesize

          68KB

          MD5

          29f65ba8e88c063813cc50a4ea544e93

          SHA1

          05a7040d5c127e68c25d81cc51271ffb8bef3568

          SHA256

          1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

          SHA512

          e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

        • C:\Users\Admin\AppData\Local\Temp\Cab707.tmp

          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

        • C:\Users\Admin\AppData\Local\Temp\Tar72B.tmp

          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
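The dropped-file listing above is a flat run of path, size and digest lines, which is awkward to triage by eye once a run writes dozens of entries. The script below is an added example, not part of this report or of the sandbox's own tooling: it parses such a listing into records, rejects digests of the wrong length (a quick guard against copy or extraction damage), counts paths the run rewrote with different content, and separates Windows CryptoAPI certificate-cache noise from files an analyst should actually open. The excerpt embedded in it is a constructed copy of three entries from this listing; the class labels and the noise path patterns are the example's own assumptions.

```python
"""Triage the dropped-file ("Downloads") listing of a sandbox report.

Added example, not part of the report or the sandbox's own tooling: parse the
flattened path / Filesize / MD5 / SHA1 / SHA256 / SHA512 listing, reject
digests of the wrong length, count rewritten paths, and separate Windows
CryptoAPI certificate-cache noise from files worth opening."""
import re
from collections import Counter, defaultdict

# Constructed excerpt: three entries copied from the listing above.
REPORT_EXCERPT = r"""
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  99a0f033c5e35c0b975a3aad62725c9e
  SHA1
  ad84962e8f929a58fd906d27a5092946609ad3ff
  SHA256
  15b8983bc0fa1ddeb84c587514c3ab2ef9593c6664ac470f8f5d5092812b4afe
  SHA512
  e8033ca61657f36a6b549ed5ec59ae5b685800c842ce1629f2f0f7b0cad0533e313b1f2df8b5410046231b7bf9f09fe3fb3d61f51a4bcfd1432ebf1f7555464a
• C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
  Filesize
  342B
  MD5
  f2a034f4fd1fed49c7e76cf72a9a8454
  SHA1
  bacb418bed14d566e6b5f67e6020eef1a449761b
  SHA256
  4d6f719921d8e348805c22cdb139d504f4d262ca403b56dfb944c6cea94d16c4
  SHA512
  ce70d5f0a5e06f9cd42d0ec75a50842228a215af5680eaa4d831d217667551797098e975e09d340958ccd6017dc4a063e0b000bbd0cc369ee36abf5f61442271
• C:\Users\Admin\AppData\Local\Temp\Cab698.tmp
  Filesize
  68KB
  MD5
  29f65ba8e88c063813cc50a4ea544e93
  SHA1
  05a7040d5c127e68c25d81cc51271ffb8bef3568
  SHA256
  1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184
  SHA512
  e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa
"""

DIGEST_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}
SIZE_UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2}

# Paths Windows writes itself when CryptoAPI fetches certificate trust-list
# data as IE starts. The labels are this example's own, not the sandbox's.
NOISE = [
    (re.compile(r"\\AppData\\LocalLow\\Microsoft\\CryptnetUrlCache\\", re.I), "cryptoapi-url-cache"),
    (re.compile(r"\\AppData\\Local\\Temp\\(Cab|Tar)[0-9A-F]+\.tmp$", re.I), "cryptoapi-ctl-temp"),
]

def parse_size(text):
    """'342B' -> 342, '68KB' -> 69632; anything else is a parse error."""
    m = re.fullmatch(r"(\d+)\s*(B|KB|MB)", text.strip(), re.I)
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    return int(m.group(1)) * SIZE_UNITS[m.group(2).upper()]

def parse_downloads(text):
    """A '•' line opens a record; each label line is followed by its value."""
    records, pending = [], None
    for line in (ln.strip() for ln in text.splitlines() if ln.strip()):
        if line.startswith("•"):
            records.append({"path": line[1:].strip()})
        elif line == "Filesize" or line in DIGEST_LEN:
            pending = line
        elif pending == "Filesize":
            records[-1]["size"], pending = parse_size(line), None
        elif pending in DIGEST_LEN:
            # Reject a digest whose hex length does not fit its algorithm.
            if not re.fullmatch(r"[0-9a-f]{%d}" % DIGEST_LEN[pending], line.lower()):
                raise ValueError(f"bad {pending} for {records[-1]['path']}: {line}")
            records[-1][pending], pending = line.lower(), None
    return records

def classify(path):
    return next((label for rx, label in NOISE if rx.search(path)), "review")

def summarize(records):
    """Counts per class, paths rewritten with different content, review list."""
    seen = defaultdict(set)
    for r in records:
        seen[r["path"]].add(r["SHA256"])
    return {"by_class": dict(Counter(classify(r["path"]) for r in records)),
            "rewritten": {p: len(s) for p, s in seen.items() if len(s) > 1},
            "review": [r["path"] for r in records if classify(r["path"]) == "review"]}

if __name__ == "__main__":
    print(summarize(parse_downloads(REPORT_EXCERPT)))
```

Run against the full listing, the "review" list is what an analyst should actually pull from the sandbox; for this report it comes back empty, and the CryptnetUrlCache MetaData path shows up as rewritten nine times, matching the nine entries above.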