Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/06/2024, 06:46

General

  • Target

    8d33b33756e92071c89ba8e537b06fad_JaffaCakes118.html

  • Size

    32KB

  • MD5

    8d33b33756e92071c89ba8e537b06fad

  • SHA1

    abcf3a99ef1dd25601523ec3663d43f3f5e9bbff

  • SHA256

    2e0ee9f955277bec811496b44f7e35a22a11aea26a96f70e96d0d1366d0e3d46

  • SHA512

    25894e56c0a35093ba31cc4b7241d19f1aa8c30498ed4ee14190867472983f85d455356fd93ad63da73ccd6d0a30d7460b8d199d052402c1f2788d6c174cb404

  • SSDEEP

    192:uwj6b5nD+nQjxn5Q/pnQie8Nn2nQOkEntnDnQTbnxnQmIbxNxpkNeXM/d8ohJMD+:KQ//axOt/dM/mWb2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 31 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d33b33756e92071c89ba8e537b06fad_JaffaCakes118.html
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2900
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1564

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    069f4422cb553cb6c11ce8b82b06e5ce

    SHA1

    294374e698cbe20603feec7abb6a59f7fca02575

    SHA256

    28d14250db14a1b7ada209f9b32bdc00a4dfbd0ac5bc7939d7b472a64229216a

    SHA512

    efbdc293c923619c2f03bc503babbef260d88933de8a2051eb1bb783c2a50074a021621ffedcb974bdbc6e138207ece636566a22be54d62341dd0f68b5d52704

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95033fb855ae7f9b96d71a0bc542a35c

    SHA1

    d52f92dae41ed77baa58baf919e25d08d02798b2

    SHA256

    c2f3fb12da3c4ef6dce13c39fd37c6c7b49eb455e5be05803c29b5b73b973447

    SHA512

    5f118c44341110aba63ef0c43631f0440babcf354b7390caab53532baf600b64b31a60948af11395216dfdde269a064fb6c29118bda64367cc9a1dba95199dde

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    955e96dad9992d3f597322b5e87c47e4

    SHA1

    395d7aea4f5c40710dabccd3fdc096744c2be60d

    SHA256

    7590e0311601df37b10e88a6862c22fc954125b6e9588a5632e29b3f51a3ad8c

    SHA512

    1e74f1d68440a5ad0e119389f28e7f9a1161957084d5b41108189ced676d4f74a36aa0c9dfd5160d9890874800becab474ecef51f32559f2277e41a519f07dd1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    de750b2b8c44d57dd228f55f2907b8d0

    SHA1

    4bd6ecc5bc17fd6a60c6708fd3e9a79b04c9e442

    SHA256

    ffca656346ece75364672c3e2dcdab368e03df75e07ca71c34826c7cfe669f7b

    SHA512

    6a3555c69f2ee7b823bc94c338ae660e9d2cceb57f050169b2e90170d3c6576e6df58061aaefb7a5e6b020c425428136eb39103d566bc4fdb6559d9d0fa13dec

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    16c48049afbac12509b787bc0023d1ac

    SHA1

    30591b98f6aa95bc38cfdb1b8ddb8e16b54a8713

    SHA256

    326bd43e70be9cbf6bcf0be557a477f073eeac8b0ee970cf255ba458eb181a35

    SHA512

    68fae4da192f783159d9505a39f21ca2e66d9f94df4623aa725cc282e5289b8aea677d9847c2b80a696974ef2c71a6577446bc81abcd2c73271b88acdd4524ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dc2ac6c75ec6517fc2ef32ded76f549b

    SHA1

    9072928bba2d3f901eeaa13912b07f52c34237ab

    SHA256

    36fa470ceb6f73721c5d677a06c33fd79295de359db11d55024683aa3e894e73

    SHA512

    34927825f778bac3de3b03e8b67f67d2fbdaba1a2262a8e99378c8a6132485bd2e50ec5ef60907c2e2ed9debca0b7c057692b729956174a89ab0b79b5248d7cd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c5df8984f22081043a0ed026d685ca85

    SHA1

    aaedba3567fcba2df96cbd8a035eb53705c19a8f

    SHA256

    f3855bbdfe4639fdd82006586b219903cbebb7a77554be1b71baf9b58ac8ae83

    SHA512

    fe4b587e69a84204fbd010305cce3cf0dbdbadc96390609816073d524525c413b54f3c4c6a3180db4a0832e07dc7dc2d63d69ff1e93e1b94ecdb2f216db67262

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b45895f371daa6b1900ce87da2f67796

    SHA1

    aea7d7a370f9621e9628ee6e5878dfc40a626dd0

    SHA256

    068414d9870c02f491d3df618a65bfa9fdbdb90642273eedd801ed03982511d0

    SHA512

    3ae07b1cd7e36bca89294f7892509295b492fa0ea9637c6219f5d537231f96dc343db348586426e575202ef824b555fadc34eaa4d09c564a3c75f960aa3a5a59

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    61d64a7a0fd5994eb924947fefc5cb85

    SHA1

    08b3b49449dfbdef0bebe1d0a670828bf6b3139a

    SHA256

    10815d06b5fc8be3a627b3aeff002b2873e62427bd9239f4212fdffe881d49f0

    SHA512

    2a36450da822141bc256abe0b047ffd9f633c186f2899d93ed305d3a5ccaba380979683588fdf311c6f8a6825acd23d748768abbdd59c36696ea9d62e7f1271c

  • C:\Users\Admin\AppData\Local\Temp\Cab1892.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar1983.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b