Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

2e4def94ea...1.html

windows7-x64

10

2e4def94ea...1.html

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    138s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 16:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2e4def94ea53dcf3f333b315bceb0b71.html

  • Size

    86KB

  • MD5

    2e4def94ea53dcf3f333b315bceb0b71

  • SHA1

    6481e23422d5965ac2e5c0df0fbb5412d92e0d5a

  • SHA256

    f6d6d0f82fce72dc59998fcd6b8b59a23c8aa9a780447019c8fd7e767613b12b

  • SHA512

    da26cf291961e1e7e22153bced84a95c1749372e5501b6ae575dbbc91c724ef1c94c47be0b21f46f0f351d93e96c517dd8e43aa927a0e384886864e70ac171d4

  • SSDEEP

    1536:Js8NcHH2E5ZNhUFp8JKo3FaqaksPtd5UzpZcE9oHr/VB:JJ2HWcZn2p8JKo3FaqAxUVyE9Y/VB

Score
10/10
socgholishdownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Modifies Internet Explorer settings 1 TTPs 42 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2e4def94ea53dcf3f333b315bceb0b71.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2472
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2472 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2792

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
    Filesize

    724B

    MD5

    ac89a852c2aaa3d389b2d2dd312ad367

    SHA1

    8f421dd6493c61dbda6b839e2debb7b50a20c930

    SHA256

    0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

    SHA512

    c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c8c89114b2e305920ad76fc5538de40

    SHA1

    939dd9181f010369fb94adecc02bcd112eda30f8

    SHA256

    1fcd73cf823595152926f66132da35a9ef0884582a1f8411e6d3da8d6e266bdf

    SHA512

    3d8ba16a1a241fcc435732d0a8cddd543779ca7ceecfac6dbd1f543541d183d61a0e1a5a5337c7ecc74bcb229b13c35647abd5e905c49387d549714a60149c71

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9443ac36064d6e5bed58b5911547e862

    SHA1

    33d7dca1f5f1ac2747be7eda7cd74c61360aa9e4

    SHA256

    4cd6d38e30332a2a71e1c81aed18599f7291cff861f431bed056591e8a53bb9a

    SHA512

    151a36695df7072bf45ca715e756269ed4b03c40d21c450d0c051ac67502a7b8a180fa20b6ea2e1b384f860b7f40dd369c73abc1bb8c4391ada8b9d4b3531b1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e8edbed29229cf5258c4162b53484fa

    SHA1

    036e9cfd277664b8115f16764619ef26a43e880f

    SHA256

    c3c7acef52cf5b0bcbd324120a630a966e4b45f983176ebb1545f582467285b8

    SHA512

    f53facf1b39b7b46f1dfe9f300787c2168310a5c4ee92b7e74e0610cb05271090339567c3f8bf262555b59c6e5935abb45d72c352b6c649acf007a98de3c8c5c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    332498e4d161a1d342728d66fc665433

    SHA1

    814102beb0fff87441c659a2031b54cae0e5b7db

    SHA256

    7ffdfc79f753427f923651d42f4dcc61818642c081dc4a3ed34cdf5a308d84dd

    SHA512

    81eee2c264597d65372f0903a9ed12043ac497ee2f0289f4032ad30afe39a8d42acf0650a1aeefdbc90ada49ac2c12e8fe01148361b27cdc72d580de28aa0678

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    564282ececc5bb95878273f538e0d8c9

    SHA1

    8b97fdc6914b02854297a7f4d97cad25fa0f45cd

    SHA256

    c418818d153eb5be2f8dfb97f2accf3548d11c46d384fb9d983544da89e8d9fc

    SHA512

    f26f21ed73d946167a414efcebaad41a7a271589f62fe2e85e0cd0134fdbc1a0419008a508ed54be73cb16a420467fd6785437ffa72f8702eb860c82184021ee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0f2d7e7f808724deb6cb861b973c4c31

    SHA1

    0c48966629f7f7b7f6140ccbe547894cab357150

    SHA256

    bc90f059ee124ade061d857a9d542a75b3c0dc44673198e087bd117f064d1ee9

    SHA512

    e856097b57553aec97431e7822fdfc48e2b7d58997cc4f95c767c38da328761ceb3ddb05eef4220f6961674af26360b481b94ae3f0cd3d23c514897c22df8613

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ffe8acdba88ef565b202875e34fd9d52

    SHA1

    61bb4fc186bb197439a2b23f4f0d7b1c095da589

    SHA256

    1a74d096959a22a5dd72bf2c58a7c5974e65bcacf90bef74d0830320e883b68b

    SHA512

    67a651fd12bbf0b598435df160a6ae40bd8b62e00d8ad2397739fc4a82b4305dbd80bfd4a14eac72fcb5da54eea0e4ba167f2512d8cdd66d09d8c905909e03d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d07a85d575ac65cc0f06736f14b7c651

    SHA1

    51321ef82e444c6f1ca5ee82eb3f8817e9437f1d

    SHA256

    feb82cea1451bfe6c511946f5a70432ac4163485315a207af2c0fa4d09a480b9

    SHA512

    450f7ca29e8d0837c818fb11cd3850cd808cada8a8624be486a7052fd2b97b2beb36a5c6bc03f819df1347c96d27214152b8673bf1230978f70d523bb79d9bb1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\I2COXBSO\www.google[1].xml
    Filesize

    92B

    MD5

    25fa8e60858fb48c9a035cffe24db461

    SHA1

    3c1ca2474c3cbe0b5d5e141fc3544ad33132c000

    SHA256

    e521df7530f334ad67bc06cf5807e717c7a194c9cd233f13bc56f185eff63c02

    SHA512

    93c1a1a6e5f3e85abb7adc17be7d6945ced435ee5c2001e9d645daf324d96e422bd48f7a6dd77cd129f2b973ed1d0a82a9efc5b2b5221199e066d59955988218

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IJYZ6B5\www-widgetapi[1].js
    Filesize

    93KB

    MD5

    5e3888e4430cd0a2f2df65ed780483fb

    SHA1

    261843f42867777c78317acc5e480a72df85d3f0

    SHA256

    bd782c3dc60b848d23830e04a6e745aadb468e64ab4e3cd3add84560f6f33759

    SHA512

    56ac4d4598769a80cae00f0a3cb6226e5e31c4ca4ab8f66382eeba5d893946c25a2c2f0c265b1718b7b95a44826d2a11341d044637a70f49a9c2dd3e6f8f7174

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIEDGG3E\cb=gapi[1].js
    Filesize

    133KB

    MD5

    288c5ba5b7001fe841c32f690f62cc93

    SHA1

    29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

    SHA256

    c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

    SHA512

    e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIEDGG3E\eplayaV5.32[1].js
    Filesize

    55KB

    MD5

    0aeddfd0239afecf7b9b4318b1f112b2

    SHA1

    727e2e7fe8ba4a32a4fe64249f69249e5724424c

    SHA256

    46d3b5f65effacd7b313cdd23ceaabdb21308863cc42c98736bff951aeb29661

    SHA512

    7d584ea932585fdaec284319e91df36946b796409951e89fdf48b64b64c0d7b88d86b7d6144f5b7161458f03f8eeccc0bc62df083eb3686b5ffaa4dfa50118c1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIEDGG3E\iframe_api[1].js
    Filesize

    993B

    MD5

    e6b8c6a53822277e162a5dcd268e98cb

    SHA1

    d300eeea8098ded931149ac1f9849f253d2615b1

    SHA256

    7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8

    SHA512

    3126e75e5e05c953893a7db3d0be878d35d73b0ae03ea9cde26059de7db4abe066b27c54178078aa6ad09a46f0eb202f4f9b1335c6494ac94b68ac761a55463a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIEDGG3E\platform_gapi.iframes.style.common[1].js
    Filesize

    56KB

    MD5

    f6140cf2e81a9d5b9bc96970fe1946f6

    SHA1

    e18cb20a08d0c13d44b72e36e9560aec2187abce

    SHA256

    68cc8a99c8ed5cc0eb3aa2146fd34bee0051bfd98faa3c03b83c78b4a12a8bd5

    SHA512

    1f61bf7228ae9fc1b36249223f4ca0675da05beaa6c00b28b7fff500e0527ee237d139eaf6793ece67f8730dfff0207bf945a848795aab7c57301433449a8acb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFLWQ602\f[1].txt
    Filesize

    34KB

    MD5

    d854bbb2246d993bd1f8687e79493f60

    SHA1

    28fbae93bc5e4e99a6c905fdda488be72057c307

    SHA256

    707248d75606cc53aad966797dc2cc86997d1ea1a74b1c99b9191716600c74e3

    SHA512

    ba4e7ef0a590c84310fb36ea64202cf821058eb7bd52ada1cc9fefff544b7500bf54a8ee43ce80b6cf8989071b0deaf2bf9a50c8063c192f24063f318585c3f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1B40.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit