Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/01/2024, 07:55

General

  • Target

    6f223e15ae440f2c0a7dba90fa7ae3b7.html

  • Size

    74KB

  • MD5

    6f223e15ae440f2c0a7dba90fa7ae3b7

  • SHA1

    ed54de81859addb4b55d29df885f13c711e9918b

  • SHA256

    e545dcbf8266d3539ca530de5693c4b740632194ab6c1570bb322125c1bf70f5

  • SHA512

    0144e0099291f68828e00980169e6f2a988e71799c76b6fc78bc0028d29f3262a71a1405c21838bcac9e2aa0d276574a1896ac2905b4c467ca5bf612ab6ea200

  • SSDEEP

    768:sCQpXH/pBsKH/E7fodzhMFro+RSXxneN/KIs5odzhvJjtmlcFSiKoYRuQG:bc/pBsQiodzhMF0+RyEZqodzhNCXUQG

Score
10/10

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6f223e15ae440f2c0a7dba90fa7ae3b7.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2024
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

    Filesize

    230B

    MD5

    58088b75a383c90a0151349c3e1094af

    SHA1

    a716a80836749d1b0be5845cb47483585e9b1aa5

    SHA256

    f9a66085f3954e713b8d9ad1ca6aa83b1946de9b63df30cf1d61950fe383ace4

    SHA512

    e24e074a97eaa7881e763318a214ca7903e4ff04c1ab257d6432d9160d73af012de24154f7bdcd4873688b0a257f50599c2772f03a24443ea076a468febebe7e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    bb9e53d0e921d570dd18a3a3b1434002

    SHA1

    b88bc1f1b3dba66d5923239dc7d69686dfac43f4

    SHA256

    185b9fafddf6aba9c2a32bf98e329d8ae052f5828831d342f2876327546ee1b1

    SHA512

    1793b22962788cf49dfb7c5ee6b5dc6a16bed4126b494e48ca67a791311fd330c7421075609af3d9121e0f038b64261da566eae62314264d3932a05c70be3447

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3228a36bb450526016c955fd0cd30046

    SHA1

    ccc8b00f7f22bbef20080fa1c39ad058b4c84dfc

    SHA256

    940b8aea62cb21b49a8c023033e9c1005856d17caa418919250567387c733891

    SHA512

    b18098d1987d66201db055a8bc5f3d31bd23a4197ee72572f964d82897e18fbd349086d5ae573306c23bc355b40816073bd3890bd52d8d6cc5738e1e2f3694d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    af7559fd2377c6852202e5e97123279e

    SHA1

    d1b9fb055f34a3e5b2f5027f7a14b580074a5e31

    SHA256

    a7e9efcd03afc66affcb66ad82e0328714de0ad94f6ad4120112660c72837783

    SHA512

    21ea8ae2c26fde5f2d07218f431cef76530f3b1aee6962a184fc305425f4ad084608b8150aa747cbe94e26518a2f953b7ba40f742e58a500c791e592138ce6b2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fee826695bbb39be2c63f0ffa0b0e3cf

    SHA1

    6a23aa54d5407e6617ed6deee7a979b25b1c03ec

    SHA256

    c7e3b6d2ded67b15fcbcba53ca33f89d979d3b5c031456b39f964fc3b923b11c

    SHA512

    2f74d6bed1ae95ef321ddde5a476ade19071076edd39de1fa2a286cd71d26081052eae972442d5ac02012057012cb09690f0e4249b482ae9d527098f844c7bf8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c81d2023b6541cca9f66e38a7efc3f09

    SHA1

    5d23924ca3b3fe0f1c451de9da771fac6f270a3c

    SHA256

    561ca000242d0cf12fc0116895a0e0d3c9492986cd7d52df383c9f40d9eade30

    SHA512

    d972cb058466d7440f4bb87e654adba812cdba57addbf8ff8addeeeafce3429dc818608e2210c1e6079484e0295b5797f35d0c4feb13127a64865adb0ef3a89c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    7cbcfb874d3e99dcc2fd9a791860c664

    SHA1

    8663f7769c81b92b7843a1745c1443f4fb2e6364

    SHA256

    112d9a2ab03b73867493c031b34ac190de6448652606dac56da7414b499fc96e

    SHA512

    4cf078515ed7b4b3a9716ba1bafc17ddc0e5c414b3d8a12bb8bbaac9fcddd5fc09be7f7b7e1367b0455e602f79b0c29aea031b3f236a7214b78bf7b54d569e69

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    42bfe28ca91451024e1e49c2d14a3989

    SHA1

    b4a1dc5c13f22e6e3566c444533fcec077f42e6d

    SHA256

    eb14814a401fa1feb9b60a2c416b299cc8fbe6d84a0120058aff568022f8335b

    SHA512

    9bc7250c987a2b671f738dabc88712fdf7cc7b5b047ee688634e873e870140c28d179f66ff429f33117fc66227172e03a30b8e122083632b21d47ea901519675

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8398cf6991fff4499e5f2ff786e17cf9

    SHA1

    fd656c237c70413d71b6aa61dbe30096925a404e

    SHA256

    7f0acda4572f18e6258436ea50a8786f1f3129fa634bfc30716ea4ae11b45421

    SHA512

    59629963a3c4d5168bede76dd306bc2f05e75676fc2b5b05927a282a70477c12bf5cda7d14e0ad2784fa81d6cc7c1f894092f1992e117337074377d6ac095d8c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d50779ee7c0e883d8f783a53b1b79b12

    SHA1

    31dcecf01ae411dde5c11f538649ed0a07cb3688

    SHA256

    9d857ad79414eace1a58ebc34c5be758da223e549fea1e49de22a72c3703a3ea

    SHA512

    66a599a62bbaa82439284977f638065005305cf5d40236390894f3fd62bbe1f32891bc9f9756957ba71421c84b94c7a2b49d4b39d01a73c55b195eab2f8ad7b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a29d9e652c35cbb0342c0ff9ef2b1664

    SHA1

    1bc81caa3ae9127ec0467229bfe76588cee2e445

    SHA256

    9b2e102806b139c9bdec71efb4b88951cc76eb89cafefe61ee9c65f25a223114

    SHA512

    7b67bcce2403eaf746bc607d04e9ec8d3120f4e4c9d8c7ded9b745c2c0937ee6f6806c036d2a514719881c7ca0c25ff23d328cb5943f3134db0bc6f1bfa2e59c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a8b1835897117304aa25dcb4c53c626b

    SHA1

    9902f4a91cbd8802e70277e0a9d4f45a8ba7324d

    SHA256

    7d9a545f9ed895a74cc3146c5c68020f2455abb709b79cd1629a8f792b8e3556

    SHA512

    a7e98226485fc6048f784656077f0f956a56e42e67640606c24a57dff10f9a045e78e467d6d5fda8c36349bb6a0bb4744a11b5ff524451309211d2b3678fb3c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    34e00834476a4e90a1d1c79ef6de5108

    SHA1

    4349f0d462e611e3fddb3437a9e27f1c0934e80f

    SHA256

    4058239bfb7bc48dfe0019fa9ecdaff12a25e18fc6875a59f9090691923284b7

    SHA512

    8e2afdb9aa4d9c931c888306b2be151df407074fe14119abf3d290a6d09baed87c7cc3c3544310a3c8701f79662e41ed3b0b21258ee2313b8919fb1945e88889

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    997cbc11d2a3d74992b580df455bc4bb

    SHA1

    20dfda045387bc60ab70a0e3fe16d0bf3b859ac0

    SHA256

    666cc6a99c3b46e81f1a1b99da5633cfb860558cf139f59db5903f38d6a2f46a

    SHA512

    673d7efa7f427bc483ce0f798f33d0f662b97edb720ccfdcdce0da535d9404396bc93f0748ef9ff5c9cdb97022203889c2e3ccb27f56bd205e4d82de77149f0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8b15dbe70bee5e563033a3f1a05c0d7e

    SHA1

    b72b8c7e1f074c9b8ea788c6e276285ec0d35dbb

    SHA256

    39f46f41d11b6c3a266d49fec5b7e693e61b210cc3d9682aadae4de62d7d822e

    SHA512

    b495aeabf7d2f90f4fa630dd2cac8bc91ec466436f1f07d05fcaa06c03eca71e3bd5d8d1bc9a887333a7663de050f9df8199ada8de8cf2274747efbb40e8d4fc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d889ba0af0debe436ad431c80d55e295

    SHA1

    bf8aba4f017c3c5302e3b62d599c57db85ad437e

    SHA256

    00712af7e6d9d77b2891de7674929f239bb27369a10eb512d2e7ff380a45ff94

    SHA512

    aff3324e2b31a21a6764a15361131ef3e1686941eb4daa291337802da7c7030e84819641a285ecc164dc30a2031bfb40f64784674eddcd15fc02582212a29dd5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5b26b2bb693d347d4130cf1dab45e903

    SHA1

    53735c9ac44cc9aa0c2f8659806892d6b3ff2be0

    SHA256

    016455512a9a346578a7c9d3b6b89bad32caaf0c256b677c7bfb8b276546c58c

    SHA512

    9a510a364923250a30f7c0f03727fe9483f37ec24a57c855401efd8588af74b99d20fb10a1c06673e9131a87b491cdfc06dadfe14e43027b7ba4d75f5031eedb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a01afb00b4fb2c8c157f4e7297160d41

    SHA1

    a6d44bda9c9f1543bedadd588c7056796f9beb9e

    SHA256

    193e96c0d82f801de19174a0aa2748db79ac8ef159f88ff3b35061cde02410b1

    SHA512

    e8a62a7f7f1775566a98a9838e9640666355c798a23089e42ed0be2b6d1cf80e09414f6e682384bca4ca61cacefd0307a95376dd466918b6f906f4aa28e05ad6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9ed894497d753b7cb2858864270eee48

    SHA1

    18f83d02e77e3eec3e743db2f2da94c498891bb8

    SHA256

    3d8cb41a4e34dde691b70e58712721c8f7dae6d640205e7d8af46d745a189876

    SHA512

    07626b2b12e0bd223c5cd64c2f569e55855dde131a2015481d6f5c178309b960bbd26e26b22a7c5b6ffdd7725a0ef9c5a9a1e315c6d1e7c781edbc9483db00e8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d1e16b39abc1be7f5f4f57f31f397997

    SHA1

    dda4f55d8b8923ccc99875d1701812c48ae226cb

    SHA256

    1a6f17875b5de3631879f81fd1e669c7197c066a39346f0dcca908c7da796f81

    SHA512

    34507e707e2e627eb520119e137081e1279a849de93da7bd15664592112a687f5b5acb0597a05570aa3ca6cd3a68dfd1622986508275b076bdb36343fab39a9c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1ac99055bc5eb0790fe2e7de1cf452f4

    SHA1

    11d36990cf65d7a7d662a580f6999a3216863469

    SHA256

    9be36c1315d0476cbd394187d5f912f93b9d50af7a2efccf156bb027d5738ce8

    SHA512

    589d048b0cf680fdb77aa0da5651f6a096a45c92e568857a53471726038542c875864beb21707b65d0c3546fb9809f7c311116ed7811e38e74521b471aab212d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3b8d6ce5ad96e4be308ea332deff37a6

    SHA1

    248bdeadde9c065d3651e1d474c2ca24a17b6ea6

    SHA256

    160c35cbe2863614c54967ab5b0d9c810c146de187eb28686a74beed3f00d4ef

    SHA512

    474b969e8e0de5570560e93ba8faff0f5aa5f9c6f17f4f190a0e120990ab949f3a306d030a20f6390b43d7d7d7705914f374234aad28d550bab51f70c4e49d0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    bd2c26fb182f3056e105a8de36cc3422

    SHA1

    49c8d3bc5fa864410e15d5666d46bfd0d4f33eed

    SHA256

    a4feccaf2769b1d9753351b8cf08a18ed09ea132a1e36557bbb37b3a028f2a2a

    SHA512

    783df06b4862cf78fb76b9376fc9cb401240de5831b38a9390fcb563e188914493432c3a49366b018c3b62406e976c21ed2a4f5ed25d923a6e71d916c9e84067

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFLWQ602\f[1].txt

    Filesize

    36KB

    MD5

    34ec933eb7ef97c67e81f24dab5b7a59

    SHA1

    9367ecbdb0bfe1fbcdaf0dd70a9ee41f6085c325

    SHA256

    3491978fa48e0e12b2933299e6e0b464bf9e1b7b92c7571864d28f072d392c2a

    SHA512

    50c35062366a36c2467762f5852da47d939c013500cb756dea05561c7c6d622cbdb5b3d7a897a8b6654220752484fa3a15f95ff2fea1cef135c4c1d51bcb060a

  • C:\Users\Admin\AppData\Local\Temp\Cab238A.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar238D.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06