Analysis

  • max time kernel
    119s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 08:42

General

  • Target

    2e46ef6398d99937111e6aba0cb59d73_JaffaCakes118.html

  • Size

    324KB

  • MD5

    2e46ef6398d99937111e6aba0cb59d73

  • SHA1

    1adfb1f264794a03a455e7f9b9b6ebb907247ec6

  • SHA256

    21565eb26be415321972ed20c1f84419e75fd5ee5b6dedc1afc92f19b35fb023

  • SHA512

    708ea0f3cc9467f7569002e695aedc51fa1c045b891868eaa9944e4f7cb1be462273b73e94e2257ba286b44af711f1effbd7a1283839c753b703678c01fac18c

  • SSDEEP

    3072:Xxxjt0G8qxAGXmNJUzi64nAPai5xvLVbhxz4j6awwwDZgpDFlDCv5C+zMNYq0FL:XNHXmNJ0vLVbhxz4Re

Score
10/10

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Program crash 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2e46ef6398d99937111e6aba0cb59d73_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1928
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1928 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1760
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1760 -s 3040
        3⤵
        • Program crash
        PID:2348

Network

MITRE ATT&CK Enterprise v15

Downloads
