Overview

overview

10

Static

static

1

0118ce7b3b...d.html

windows7-x64

10

0118ce7b3b...d.html

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24/12/2023, 14:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0118ce7b3b3e95ccd8f0027947f0db3d.html

  • Size

    102KB

  • MD5

    0118ce7b3b3e95ccd8f0027947f0db3d

  • SHA1

    de14ed4eb7fb1c2eb93d5412a566107457b972c4

  • SHA256

    8f9365a94ee3dece034e38e97acbbbcb98773f525f8594a175592cc2a303b770

  • SHA512

    4176c65554d36ae70763fefe4d5a421549c5e46e3bb6c53fff72d5f6d5aa4404ca0134e5f595d351c0df390219c2810c1b9672d7f353d60777c4245f7e670cf2

  • SSDEEP

    3072:XFjq25u0h6+K+w6x9aY3GOgEt8aNaIDlNodBhJTrUJVyPIs/7K9tMZ:XFjq25u0hEFGZgEt8aNaQJVyPIsd

Score
10/10
socgholishdownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\0118ce7b3b3e95ccd8f0027947f0db3d.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2220 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2700

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8f94dda980404407e874092c5cdb5887

          SHA1

          5a183f3f1bff6d6c429abe94a9e9180745228d26

          SHA256

          b09348bda55b67d422ba18caa8a1cb4f8e3d1f86e4218e9ff477b478ded61b52

          SHA512

          79ae8a7f94a4953d6e07e6e5496ac93b7c807499e51a5bdbfa65f7d356e421f40fa19b1bc679c859049591290fe50f98130c37d44b783b7f56df823e3ffc82ff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          80feb77cc4358842d9d8a1ec21d9e98b

          SHA1

          f04dd6d0838ec218986ed423bf5d3e51c1392afd

          SHA256

          8bb123082231ae8caa41dd02a7beae8001f99171a24c6eb5dff03a5325863e47

          SHA512

          8ad4c24b27f523042499155a0c03377df7756714c8119d8c8a70a505e57860c4b8b22ab99f8b6ee19e054a4fb67ae1c01607d1086071656928618e3497ce8292

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          acae8293a5041eeafddacbbf2f97b523

          SHA1

          c963840900a72e62a00c6b83976b1366383a94ce

          SHA256

          8b1fcedeb06883c38ed662a6292821bc0ecbc8cbd949f2bc56f1568e43affffd

          SHA512

          571ebb88dc15f5033ce85761b59a9ee100b58486578f4de95390e71dcde4fb5031d3b03436c447385dd49d164928c94413c79e51fe4219e869950b1589bd51b0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          221e4bd7dd8a9c23cad509d6aeeca61a

          SHA1

          56d3cedd1e8a032322c8969e679f25eea350f120

          SHA256

          4cf0f910349c1ade2146b2685cfbb3d54bfb2d54116e6fd16db5952802970515

          SHA512

          681d70378b5f94d13f859662960ffb33b711e6b2d382249b8573115ad92588bdac15c7ebd77789bdee4309fc2340fc7198042208790642dfb5bd3741212f00a0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c7465e5c45948c26693aa1c70a82e056

          SHA1

          5c1186fc72cb6b48b65bbfdbf88d3ae1a9c0b29e

          SHA256

          d6654b63541d8ab2d2d25bb1157fb6689f53772aba02c1875fb3e40ee080c910

          SHA512

          30362b56955daed726ec79a1e9d0f4295fed912d063cb347d5002ec522da687ee9011398a14712e5b8734909363ad597db8ffbe856787b75024ff60176ab2ad8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b6d2ad42bad549e4821524624293e70c

          SHA1

          4d6a0ecd65825adaa55d6630616c9ffa8c69c0e4

          SHA256

          1f9e98d0b9c61878c5a5c81be9fe5a5ddf21651bd571fc118eadd01798e1ab7c

          SHA512

          02af661a59cc98d52d11aa81e8d3f688bde2fd4fcc3596ea4e41232402ac0cd66da8516cc9b3fa17bf77c50b3c056d730fe06ac6640af4f8c5548aaafdad349e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1cdd9946437d63078609249718982a07

          SHA1

          31edd6b2498680157b188855e10960c9b3273b96

          SHA256

          1637e470e70649538fded35f4fbe29f2158d3107b3b7bb4432ad44626e3ea8df

          SHA512

          3383058255a8e27916b081ce12aa259813e477f6b13ac04cedb3535a12ab29f9aea166c745cdecc43065adec3198bd8c56f2572dafbfed150715c452bdf0428f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b70c89422780f10407223f6f7115f929

          SHA1

          eea2d7aaa766fd7711342c6f18f8c334b5ea7d1d

          SHA256

          d64eacbec089f44d422dcb49fa2ad7cfd44aaabafd2824052386f8dc735acd7b

          SHA512

          2d6a965f9be2d9f112b1e2a634b5963ae3056160e46737da2b179c1f0eecc1e0c982f5442ab80b7d029283c38695bd62843161d4d0592c5c71ff587b10ffae32

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5aaa361f7f868fb13caf572032bf8e88

          SHA1

          67bacfdaa6a65358c6d30ede5c530bc5a27ec5cf

          SHA256

          66ce972e8c71c64449d476eb98af6e3cb1e4479a4dadc0faf0ffd92efcb3a909

          SHA512

          76692e50f870f7a18933769bbfcccca854b82c4502fa8f53b5a8badd115af1f9ec7fcd4a3f00d830a4607b08ef82f1c79010ec5eb70e2ec2999754315f68d9e3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          66752bac2231c9790c925e1b843b03a6

          SHA1

          ee32317f1644199f9798ac23fa082b22631a41b3

          SHA256

          4b3945df88d15754ebbcb2efa4a646c3444453d924b92b5a983bbd6143d9ddbb

          SHA512

          825505ba8a698a2bf3f6108d1f1eec6ac10cbc83674e0983261957be3486244925a2d5e0ed40ad0bb261cc0da14e8e11a68ed8e67931af7269d60e39bdfb3a3f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          0a3713262cdc39cedb63958e2e978a19

          SHA1

          d4da5980a34cdaa0e6e2132938224254b05793ba

          SHA256

          28f9948ce1e3c1a44946d19a13de9b0540ce28f80a7f0b265c7be78ce764dbfa

          SHA512

          fdd22bec32c73de48b88adec8543f277f2ca6d96facf2ae2fe9a8a9c7a48e03d57dd59c9ca9f58e7e16d09baef9c33db619d32338d476fc666638e6dcd301b59

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c30014ffb7fdad08fd393d35698dfa63

          SHA1

          95be06b456178047201c99d35f7d4aca76e9e1c5

          SHA256

          14d7bd3c46aa43b8303920b2a9848e28e0b6f6c073947a4f85fc6f9356976fe5

          SHA512

          cea138955444efe1069eb63063f2ce2d684ce42a374ba978cd9157fea11b79a7d8ac38d414376a05449954cb443eb6f6bde80836515dd3648c981079c280edd2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f30e18637b67bdef6a47d5709bd3a53a

          SHA1

          98d3f1995a5aed7f5e24f248cb02b96fb5b8cc3a

          SHA256

          caca7d144b51139712e82d4a7e43106e119c36e1ad75f3d6c45c7034eecc1b5a

          SHA512

          ef5bfbf45076d5e0c20961c7396a874c86700a684942f6c2b6b29206c0a07130ea39c3702c110cbc9555cb6c23dc820d78540743db639fbd78fb0f774ed842e8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6b082e12c992a31d55d654dee765ed42

          SHA1

          f91fc7a7d3699bada3750bb737c225c91194b320

          SHA256

          065f26850c8eda38efc10c88170a1a3598536ac8d0320772409e0682428177b2

          SHA512

          32f4e9f3826b41a2e8eba611ef7cfe9cbe040e4f753356f7b96a8801a5f24560fc62b9d1742885dd28d77439b3e67c1c53f30eff423f776707388d794ecb5665

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\platform_gapi.iframes.style.common[1].js
          Filesize

          56KB

          MD5

          f6140cf2e81a9d5b9bc96970fe1946f6

          SHA1

          e18cb20a08d0c13d44b72e36e9560aec2187abce

          SHA256

          68cc8a99c8ed5cc0eb3aa2146fd34bee0051bfd98faa3c03b83c78b4a12a8bd5

          SHA512

          1f61bf7228ae9fc1b36249223f4ca0675da05beaa6c00b28b7fff500e0527ee237d139eaf6793ece67f8730dfff0207bf945a848795aab7c57301433449a8acb

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\53STNJLW\rpc_shindig_random[1].js
          Filesize

          17KB

          MD5

          f019fdda31635d2a31b151ad8ad56c7a

          SHA1

          6adcbec55f66ffaef83d9a134423aa98eb2a2189

          SHA256

          c7fc0b1526533002c956ebf8e8c42c3ad3f96c41ace73fb4063cc89051944831

          SHA512

          fc278c12316e098976833882a38c788d812f9d36bd1b9b2b8c87dab4dc906af26a860df95436ea1b7d509236d44d0533d475a153437f8f5d42653fc28a77ad64

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\478691279-postmessagerelay[1].js
          Filesize

          12KB

          MD5

          92169c8a0fbf6e404267d0705cdbdf42

          SHA1

          a5cd88b74ca5ced239cdbfb458fe25540d671f46

          SHA256

          dba668b49a111527aac8f616b9053ea57c944e01a84ebdcd02a13da921223384

          SHA512

          8c5d35ea512fa7be367cd9a9ded2f23822dcce730e5502a355ed0d48949ef763eab13be0d50a66de6b0f8419d6a002c12c4ddbf20d97f5393ba922e48a4f02e2

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJ0GGVIM\cb=gapi[1].js
          Filesize

          133KB

          MD5

          288c5ba5b7001fe841c32f690f62cc93

          SHA1

          29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

          SHA256

          c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

          SHA512

          e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabD4DE.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE593.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit