Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

1956d0ddc3...4.html

windows7-x64

10

1956d0ddc3...4.html

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 13:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1956d0ddc3b33854f32a9c7b14b90d64.html

  • Size

    61KB

  • MD5

    1956d0ddc3b33854f32a9c7b14b90d64

  • SHA1

    1e4d6d9086058babe7503bd358ae8f21a5638a02

  • SHA256

    8f748be4d74fad1d53e5cc31063b859a0b57e024625b00899faebc3648083949

  • SHA512

    a271ebfadb5bda768ab06fd1cded5b83fe956e707571a9c57b92f8404680743030e153e706b445ff05f4e37a591689f937d9df19863ca872fd12b5f2b263b1a6

  • SSDEEP

    1536:FHvYoFU288lFZqxUvC93IxgdR6TJGv8f6GlnKF+B:FHA6p8SFZqxUvC93IxgdR6TJrNlnKF+B

Score
10/10
socgholishdownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1956d0ddc3b33854f32a9c7b14b90d64.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2240 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2576

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    08e558b6122b368704b2a5c7535bd1f0

    SHA1

    6fec45705b888cc454c7c9c866feab6f546406b6

    SHA256

    c4bbb4ee20dadd97ef0ca2bcf9625c05875b8556fb8b8a4944ee593b7bb331c5

    SHA512

    07c19f517b726a1251d99bf078664e32906b51e0bd884572315d82699d1616728327be5357df82a409347963ab4e6c2612204127a5943ceac5417b6c18e16c2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c038dc3bd177eb76c3cd28b1a4931f4

    SHA1

    e96abc78ddfadaa9f4aa4bb2963bd08df2a21d9f

    SHA256

    1fd9460ad9563c7fd9afc2d05c6b78d619cf03e306b5a4ebe13fba9281c5bb0e

    SHA512

    c1078a2e0cdb7809aae92b52475e30b3bdd5d461796189b696037d027cc7ebed3f849d6f50791cbaaf98ca7b4776c3f4249b0470f771127fd0ac061c74c2c5a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ddff909677e50fd39273e4134a3df5ab

    SHA1

    bcff25b10140c108ccce2ed7f6b388cc29e38a27

    SHA256

    41d464720a7c3153d65a97fde9d4192bd62145dca20dc079e44de449c792f900

    SHA512

    c8d8887733cf28a9315715bdad2d1fb2c3eb69d61604dbcdf5968d79a2ee73e3805b485932e92aa37634f49602e42551033f3073b64d2ad9a81ca9e0680572bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a805311a5038b23ee9ec5d2629b1cce2

    SHA1

    5ff59be8f04e6ba2973181f21324192a49d3575e

    SHA256

    256d5de48d09d3a2b4195e7ef8aa92f8cc2704b9e7609081772cdac08072b730

    SHA512

    6a60fded8ba26f787f859b7c0f22a9175aec39d5d1eded375c8aa480381082e07d27aa9ff2bebb01844829a354fd3b4565232d1e29dbd760e9b3b7bcc913e52e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3814f72f873a65c9d1e97860575ae06c

    SHA1

    245efda8d3bd967f012a4c5ac3dce1c9a4c43c6c

    SHA256

    62a428d97e30fae651ae76e10b0f5972f45331d1404b37c65b7c2d7e7fb8532e

    SHA512

    d4fc03986f27839c7de8e71f0d143c5c03644af43d15622ef042e8a206c9affd07a0733f120923cf67fb097cdf187cda41b6d071980a35ba3a1ee6092ec77fee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e54f2755241c25238c9f52ac6681349d

    SHA1

    9a4a36109b7016fa6b6773671dad60686c33500c

    SHA256

    81976bf260ff657fcfef1b744ddeee116aa9ba0d8c61ebc701c6a3d2af79c9f8

    SHA512

    7850fcc5c799e24e3de5b1173c8f80f3113870281e2dad5913fff08a717433403f99a7aa51d2d8d950b565e12d71572fb51e49850c35168e3d8ff5420dac6b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d3491f7a4e7ab63a7da4de041a96ab1d

    SHA1

    6fb345fdd0c43797068942612aa31503ef46b9cd

    SHA256

    a2a02b25c356b13b7a177742e8afaa324e81db939dbf85ecd63d456ca4fb45d7

    SHA512

    2dccc3db73dd4e4f8f28d6b48ef4f722876c0dbe57c820a1dcc7c5094943dd1b79b43bc324f997ee153e84d217c700b0146e6ea030ee356bb55e4ddc0bcbcdcd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b963fba251600c787fdafe39b4c61a34

    SHA1

    e44e2f6dce018d774d4374435e98fd7e144f81e6

    SHA256

    707dae2d6449238482e38bc82c069b735941ffcd7538bbce763771f5a0477699

    SHA512

    ffc78a94fac1c5c9b91e9182b61ef55e0b155762cce34537405068e92c3e6ab8cb5b27c953c94ce1def6cbb710240bb3600f23991e8737d52d3954a7dfe4705e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a66cc78820d937268a61845d32955ed1

    SHA1

    80b95f0c1d196af9e6b89e4a23547548f3c50c67

    SHA256

    3de34825a439ad79df464708dd89581174adf9c83279c9470b323af051cb1c5d

    SHA512

    58a596ff04474e6ec787ea28b9016b79f7b6843f511920de1de2346a4b56d65263e2c2abb9cce366aa6bb505f3b6295e057a57a20ce31f743947bd21f160b56b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    93d8170d4fd41aec66cd28bfc59039dd

    SHA1

    4fd40030a4b78959bdce92927484e08df15da297

    SHA256

    b40aabf3792711498229947de2edbe455ae498ddaf467ae773069b45ab432af7

    SHA512

    ad0e5b8b4a6ed791994888b9f414a7759601a3ff0bda4a8f7824560998ab445cf8c0fd70a23b7ddc765ad3e31bc4d1586bd47be015f457d656204f7e100d2830

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c3e733ed07f7fc0b783ee147645d3c4

    SHA1

    68878d5bab65f6ee914371c442c10a364a1f431c

    SHA256

    3444ae4e3de355f7b018cdca201564d5e038fa1488af81fd913d2ae0bce332ee

    SHA512

    738ceaaf58992565616087e88fb8807e56dcae9bb32dbf390b79603b2b4e19b89cfb23b1d217d6b13e449ea2a445a8b6bba923073a3e952ed27ba9e2c74b9625

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6a8f59cd2009e70438b9ab5874cf9f95

    SHA1

    848f26b2d3a2b73e3bcb6ac3f1650a8bcf9ca75e

    SHA256

    a6d877842cb3f1e042b8b21da5cf2a7f69d9ce7bb69e68d6bd95a885c3f2e584

    SHA512

    b31fd2ffefc02ab0ed0a708b505f1eea7fbcbdb507f35d8662a6e300e637a81d87c3d628bcb14fcc09a2396198345c747676f48166ff891cb3d77de7ac2b96ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    861a7e5adb41a9d9a2fa9714cbab87cf

    SHA1

    8334ad4cbebd2c7bf66be15a5ad344e5ab0414b3

    SHA256

    e2710c4fcf3db0bc456ff41045e5ca39e077e4ccc018a277f322f181c5559f57

    SHA512

    5b8500f38f9e97eb38071d205dc57320e63c54293e6b7d8e2b787897e42c11447b16a2830a57302d08f7076599f8a9eff39519db9c072f3c34496473f21f34d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FIEDGG3E\cb=gapi[3].js
    Filesize

    133KB

    MD5

    288c5ba5b7001fe841c32f690f62cc93

    SHA1

    29aba9d8e4f7cbe25fa5e64b9ecbe256e51fc789

    SHA256

    c2f33dc18eae27d4e878bf837dd97f1bde5151e44b0271408535bb93265b8c52

    SHA512

    e375d41344a086d35accfb02bb1f91e2dd383db032af387fc3d6b1230057cc5e432e9b2cdd976e51425b4f587391d42f4d9d857c2e6f11e822a65edcb85f1c9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFLWQ602\platform_gapi.iframes.style.common[1].js
    Filesize

    56KB

    MD5

    f6140cf2e81a9d5b9bc96970fe1946f6

    SHA1

    e18cb20a08d0c13d44b72e36e9560aec2187abce

    SHA256

    68cc8a99c8ed5cc0eb3aa2146fd34bee0051bfd98faa3c03b83c78b4a12a8bd5

    SHA512

    1f61bf7228ae9fc1b36249223f4ca0675da05beaa6c00b28b7fff500e0527ee237d139eaf6793ece67f8730dfff0207bf945a848795aab7c57301433449a8acb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab3A55.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar3A56.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit