Analysis

  • max time kernel
    146s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 12:12

General

  • Target

    2f0866f12f8f456ad4eaeac60b3bc62d_JaffaCakes118.html

  • Size

    82KB

  • MD5

    2f0866f12f8f456ad4eaeac60b3bc62d

  • SHA1

    1a1d506fa5e19e0d9a4632dac588fb7e2168770d

  • SHA256

    7b42fb5060cac55b4ad023230b0c1c4af36d0136d90a5bc3adaa63af10615175

  • SHA512

    4d86695ed736d1e4002168429aa7a63b765ea807b3ebaf6251d9ebc172a0bdf5df161dddba6078d011073c0e888257af6713fd0e8923b4b6844117087d33f1fe

  • SSDEEP

    1536:FMk5hP2zRqpyqHqzApk/89rCX7CesY8seatMmSOlYW5D:FX5NyRqJHWAak9rCX7CeiseatMpQYMD

Score
10/10

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2f0866f12f8f456ad4eaeac60b3bc62d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2344
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2344 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2932

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    2150287b1f702c2c0aa2ec3047ab812a

    SHA1

    38523b2a813a83f6a614c4eb31561310747f0c87

    SHA256

    5e7098150b113b2c694c0997f1a49b99e16627e086980d68d5b437313bbf35f9

    SHA512

    571d498547354f0fede8fcf9234895e0eb30bb39d43df8230091a4f968eb561a639a52dd696a8934f3ac9969ebc3b9cbcdbde370edbd990bd5cd4831adad9077

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ad887452ad833e64f90a3e41176a01d5

    SHA1

    933e7240400b3b4cfe70f430307584f55043f8e9

    SHA256

    5c12d4980929ab3e9facbe64a2e4f7548f8d2f3cddd2dc8efe9eae0ca80535f2

    SHA512

    a1d4f418a66152a47757aa7ef9639903123dcffc9731fc931c7dad45b418539d9ef49e4e4a18af315b72a243f2f02a1ad73ebf8255e70b1a8fdf9f172aa675ee

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    910e39804e6dfda09db636b5c5af409d

    SHA1

    3f6f1f65d79590c53f8cf999186f24a44fcaf744

    SHA256

    256901d0952b02a878386bacc93a32f152f74bb71fc079b04520d4655b1cd397

    SHA512

    ac4d6139dda0d3637beb2ce8863d95bb36c9c67b31c578e31682ab0ee90f4701dd78249a362905ceedb604c241d454d6d490875c92940c3f4104b2df934afc11

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3b6d5bc103f3ccd961bb2bbe4216021d

    SHA1

    a026a31b7b828995c6a615c401a2fec9814da0ca

    SHA256

    89887174f65c9b5cbb3b06d5a57150a5fba322eb2831067a207bb2306a7c39a8

    SHA512

    481b570c37c0828dc23ad24ba0bcfe860aa62897fa87e8891cfca6c59b5bde509e164f13b02450a0e5ea45bbaca3cf8fbfcbaee1610ac89c8422e90404742d6e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2213ee535281125318441171166f9446

    SHA1

    a55f78e8da93f7e285fa79550a98afa1b24e5f3b

    SHA256

    bed3864c1ec4d7649386c0de5006f94e45840fae3180e6192528d06812438a0d

    SHA512

    560ca4afdb4bc5750daf253179fe604e869a3043eb14d4bcbef4b4b83d7d1672022734e49efbbdfa031102884c6356ffede65be24ea0e28814e63bf203ba9f72

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    70be3043fa94e09cbc6eb1251b8c2cfb

    SHA1

    9283c965e3780f5cae0b2fd68d314eaf61b86688

    SHA256

    8170d1cf9dec41312dc813ba6641b05e69838fff3e9a3e16447a6f45e9988919

    SHA512

    f72ae38e9867982afd5d81a56374e825598b46a3377ccd614e6328e89fc3434533fbe6b568323c29652759814248890688651cb064247e4b38d524ff2c158416

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9fd148549ce08e7a80eabc7627631e06

    SHA1

    1f0015c27f5e93a49c7a32f53abad55e3c6e40fb

    SHA256

    eeec470f84854a1bccd3a092547eca8c541fbef5edf163d88da7d9328f9884ff

    SHA512

    49d65a2a4c8d4e42ed9eb2443432a75fb6f235d01d102db34f67a4c6b233ade64f65106ac3d5626fba1c3c5bcfdb26f778f6dfad93a545a2ee3fab6d6b59c574

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    364d27b9ea2cdfb91380937e62044ddb

    SHA1

    6d4c62664bcaaab6201b81ac753c16284dd9df0b

    SHA256

    a7416c324bc7663d2db115ff130de946c7861f1b2a45af356c1f6b832e85748b

    SHA512

    cc03c6407d34e7b6e1db13ad7d48e89d2dc764f1dd61cb6f343a6dfc8050e9511228d42f947813c6571bb81d50ddd6c6b65df602c5897d14942f66bb8ffe82b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8c81edd62a7e7a78ccc38293e9fca579

    SHA1

    4b93035835bcd3873180484e0f2d4fb412cc9814

    SHA256

    5e039d0ed7de4597c68491aad8f7dce20e56503a5b6bc4ee740ef9decfa0bf15

    SHA512

    e2726783e937f3d59452ec1a6a0029e14a2868647b45b6131ad211b3c05ae38865d51726a16d9ed1507b333b2b0748b622ce30c02e8afabc3a6aae40bd37fa4c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    818cf8ccfb9fff7f269c91d6daf0a1d2

    SHA1

    4306f276c06dd2b774212e26d7a1cc24c8152055

    SHA256

    219ce496b85a8130d717095d8c93b6ddceb884f905f59cf6696bb93dedfbed85

    SHA512

    e579e72a97f0c13d7b5a2d01bafc5b0b3072be86b7915c43d72dd94b734a3f3bfc9918513a7fc43ccb379c9a090970900e27e5523c2d8d8633cf42f7479d68a4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fb9cbcc10133958559fb741cd77cb9ee

    SHA1

    563aaaeb600715c0fac2886753b45d46da055c4e

    SHA256

    8b223ab699711f0672a11e7ed76e05323553e0e3e8a94624928c8e822e548165

    SHA512

    a999dbdc1b30f51ab636e8e98f28cbe868305c0d9d7b420ad73815382f66e5adeb71602a19c4272cf6858f42eb4782361b9bc67c3c0b3f7493eaf92ce274410a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0352615e3a9a9c921643b7302da8e7d8

    SHA1

    031df715387d589d4c5b7730737bdbb466119320

    SHA256

    a9d32014d826fec6b70e231dde1f3521a2cd75e80065b30584090cab4b385430

    SHA512

    3ec94d62130e265564001a3be50211b467dcea5f9488690f1b411fbdaa012c035aa777c8d43de114fda4b743dcdca2a46ad280ab14ddacee91ad19112ae26ccd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    24481f429b08d688b7c7430e5222e632

    SHA1

    a20adbe63b6d7594274c145fa920f93d746e0ce5

    SHA256

    83697fc16b0333cb04b02cf6d38aa25f44df3b7704d318ff007ac58be8dc6505

    SHA512

    115094b0959c921f2cff021c2a762a9be961307ac3b06206fe0f037aaa16ae481a46c809441cf725a3e2cfc51a749730b43619d9d05b383077c1790932f1c639

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    62746c9cb3839f4def1f7a67721a5b5d

    SHA1

    432b021fb575767d4a0392626445e5b2b1c172c8

    SHA256

    5f8e55ab5d9e2aff579876961e9f267af958ef9f2d000b241d8b8cff503d7120

    SHA512

    7bf29fa9462b689a1cca81ef62313fd9292f24288a51ef876947f5c5011a529e1fb2001285b04475076d2de278ab575c0fa77f2e6636c551f07b34effda1da49

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3e0b1785ce6c51d2f17783cfa91a2b4b

    SHA1

    6f3ef6fea1aa6f25c523de5514234b47fd514b0a

    SHA256

    b163d9780cbc027ab29cbf13fb0abaa45e982f887320a0b9603db43304674bfd

    SHA512

    9910596c58290a37b9ddb21bc13e1901fd7e9ce4ea151c4715a8a28f8a414a407f4445c6bbe95c60b00daa25b64e8116291c25f58ded3724aee12d1496c5926e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    08fcec2c2e94217fd3eb0439205ab982

    SHA1

    ec0414996dce5e3a5ae1b0bdefdb11da7256a7ec

    SHA256

    8ae1ae6bef43e4db6795b1dd45928a62157ee9805984a678707fdac3285e4e1e

    SHA512

    9b7bf48de60b9bbf7ddf09baceee02daa18088afb57c0687b5518e5a807c84c15d2ab05a162dfc5c45f660adee67b15cb361f0ccbd191ec2df6aff8fd4669cd4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    97621a68f2b0ecb2c74e0b95b11f8124

    SHA1

    82e12f2b9b8b69bf0a89f0cb436fc8996bde182e

    SHA256

    e5e97ad6fad3c00a8b736773d1183afcee68bf476ae140244af1d71b1bdb0b03

    SHA512

    4ce46b25cc2bf9546d1dfbcccfb13637e17abac333cf34a26e989363f298541c53fc37431cd587ec5d90b4874065934cb02befec833babb26d302574011220a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4b65fe67deef2537f6056c08797d88f9

    SHA1

    4efeefb2123b0787f136941a8b4c97caa2b41167

    SHA256

    d09ad6832bf7e7ae0e370c86205f25ae31bdfd6e894f53770d3107c00607d4d1

    SHA512

    7f896a6b64a6e0d53037f5b37a6c66f954e4619e89faf61cda3bbe17fa8eb0dc954ff03eb10280bbf33d0c250d5adc6d3772c627e83c0200711f759042ddde04

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8324885721010463e5c2f197de78668d

    SHA1

    1bd8bd9bd94142a4e110cebad938f67aa4d740ae

    SHA256

    c360b73bb9d5f3724613a72d3754ae3ebd1ff58add727aea5526ec7ed692ace8

    SHA512

    71cad096f1a44703dc67c8ecf97acb061e843d1ccf1fd6b2c33201582ba7435113bfe655db5ab633c1790428fc4e96c451f5fa68108c8d8fd1f0972194edeb91

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bc4ee30f1a6edb7094915d4b3889f53c

    SHA1

    fdf148f637c317a221d3442f47c7667eec6f3352

    SHA256

    431e5fa0a0124c5dcf05ade1a7a96066f6a83d1246b9d7ccc04e4c466a31a245

    SHA512

    b3b2d9d68f9c808b5c6432fb6fc77875cb716bc979d76ed32e83a24e336ba985a5fa00f383009539090590f6e9c1c146a193889b21cef3d3223bc98eeb9f9f6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    262cafde6e27fceac998c425fff02f95

    SHA1

    66d5af52502c0700a38774cbcf120f5bf1a5d591

    SHA256

    ba501af97d10c45782a37851059e6ed99bb62ce233accacfad97806f49a6b355

    SHA512

    65483d7daf5e4a2526e06d81046cb659381323eadfeee6b1a9b2459aca91544032fac5866d0b73916a95fbf7d071c9a2f3334218da2e9e796906c655b94378d6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    cd16131ce2c1bd74ed30b4747bcb7c59

    SHA1

    70a2b7130dd4fc000aebf1c45f3028d64092a347

    SHA256

    92bb3e78de6c380eecf463fd574337450f9903401694528137b5be197928bfdd

    SHA512

    85e9be0e76c278c285183eec878c2dc850690035fed5d37c111b85ec0f81cafe279152fd43e103e67a9c8f07b9aa4c8cc8cf19c225683285612fc8bf5aa12d1a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    f030e73f1dbd9abb06f630055164a03c

    SHA1

    7db64bb7f5f2acc30ae408fdbc0e23549f605842

    SHA256

    cd7c6d5c608a6392aa22a6978ea48fb54b5ec3e20fd747d4b01242c34f887594

    SHA512

    a0d93b73db4632717fbfcdedcaff874cf5b1e749e3191d0d15e029333afdd155ae65f1d78fcbe9874606cf22b3de5f2944a2756f2d5f4269067757a1836ee1ad

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\all[1].js

    Filesize

    3KB

    MD5

    1dfe1f4cf5a73cf4d47684f22a2bae57

    SHA1

    60b3901c0f35462bb88ef28983a327878dff5bc6

    SHA256

    54f19d0ac2d754a6d2cbb941844ff9ee8d9c1abce7c931888d29d3c1f11d07b2

    SHA512

    10d6abfa9c1bfa34934888ff62bdb3b6a9ef6b1bc863116366b887c688f2cfe7bd2d72eb757dcb6c157310adb2d61d8d701d1da34b292fddd1abd0c4ed8de706

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\plusone[1].js

    Filesize

    54KB

    MD5

    fb86282646c76d835cd2e6c49b8625f7

    SHA1

    d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0

    SHA256

    638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109

    SHA512

    07dff3229f08df2d213f24f62a4610f2736b3d1092599b8fc27602330aafbb5bd1cd9039ffee7f76958f4b75796bb75dd7cd483eaa278c9902e712c256a9b7b9

  • C:\Users\Admin\AppData\Local\Temp\CabA3ED.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\TarB0BE.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\TarB40E.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a