Analysis

  • max time kernel
    142s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 13:48

General

  • Target

    2f6ab08e78a8ea7ba734380a66760cb5_JaffaCakes118.html

  • Size

    127KB

  • MD5

    2f6ab08e78a8ea7ba734380a66760cb5

  • SHA1

    23aece98605ffc7062d440466206d4452f9c0c7c

  • SHA256

    2fc0ebec58f7acd7a92d5ab5905d3a0afcd5f5ed1751d1597f87f7b406f3115c

  • SHA512

    876176d6861533a1c3e5906f8a6453ae00ba9a1bdf2e270ae85c0838630f6d8db1aad1e765d96053ef9fce32d885956d87b21385df89f6ee69616efc5467a3a0

  • SSDEEP

    3072:HU9CWDxYxQ2PDxYxC2T/Z1s4oE6OTerik2o4LE7ofBqezwtdtap:HU91DxYxQ2PDxYxC2T/ZHMK

Score
10/10

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2f6ab08e78a8ea7ba734380a66760cb5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1960
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1960 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1684

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    30ba39f0d9dfc242bcf5a13148c65714

    SHA1

    f35a36a5dd87eec68ee6d1e621224995838f30f2

    SHA256

    6cb7722d1559158bb31024e172b224988f0963e043cb8f60065c94c0e9f5b0a8

    SHA512

    bf732a235af263d14562f0f10495e910f18affdf4dd1f1f0507c470de7e9cc0d3f122f4e114962ab3342c434d71b20e97ee78dde7339a42300cb5a394f500a45

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_F82FCC341F124F6AC9D153F6ECE89FFA

    Filesize

    472B

    MD5

    43ae1240e82a88c27729aa2e43fdcd18

    SHA1

    d3d075e4a91481cb936b162a4aef36a7ec25ee70

    SHA256

    e3502b118ac5ee1eb32690694f604b973f3d5c4a8bc00c7a41e71c63ed96bdf2

    SHA512

    b41079e60d4fc1c4640a119dc1fa47bec6efadabbc0e5f4e4a3f4c89abb160e74914531088e273feaa670d3a92b00a0e6380fd94fa480913709f34ad1c971a5a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    724B

    MD5

    ac89a852c2aaa3d389b2d2dd312ad367

    SHA1

    8f421dd6493c61dbda6b839e2debb7b50a20c930

    SHA256

    0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

    SHA512

    c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    172f88efccc0977574e3236593bdbfda

    SHA1

    09904bc810d58416803fc5a0531ba991a0d290b4

    SHA256

    cfc63357ebc6b03b14f3b818083ba8e9159b6e62beb399fbd07ab966a508137c

    SHA512

    60b6ace0aeaca7d04a305e19006866a446b8cc2299b12054d4a775607a72d316d72b0a051261281dc3474ed89cfae3751bbe9a3575eca899e127adcf4158c2b7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    063bdff77ae188a9f12acfa73811c734

    SHA1

    3016ae91662d8f085bd0e64013090c863a0d8eee

    SHA256

    77613c002623271e8b30efc69e6264e342b7d87a32ca7c7025547191163a133a

    SHA512

    c82c0a7c9dc8807a7d90c2ea1a7bf9010c1ceccd05fb11fe3498d836e2e54eb19902cc405727996f7220134e2646c4d8bcec4c42e1f48b138558174647c6fb7e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b23d7f8b146aa6831201bb43d5598503

    SHA1

    6c9675cd2c0d3911e676cc60e1b7ed884e8a7bb5

    SHA256

    450351a18e9d3d5839f422d6f7a41cd3d9f58ecee6ec41fa254bbb1fb624b0b1

    SHA512

    90d0b0d12e6859c36500afcb17b9b199e006c7d2e0e086159f210643332386a034a604e62a127e9deed3901c574a830af40e486276059cad036fd3ab4478ba54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ec0587a79a86aaccf08b463cbfcbad4b

    SHA1

    b557e61eac6f3f5ee929eac7f65cd730b3ee1d22

    SHA256

    cd74c1031ef8f97db37096c50fecdec38dc9d44a6b70f96aa83d9bc77c487a0e

    SHA512

    c02b0181ef9d1a421aa663ab85d49a31b21e59c3bfc0dc8c4df3866df5336791aabd21323fb9fc64278d4c3991eb897e24379920a56ed0c14c3adc2b045ea273

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a2863b860cd9ccb7dc627949f485e02e

    SHA1

    869c542d959a4525815ba0cbbcdfeb67884c2b9c

    SHA256

    0dc3135184e5e5eafddf149623bfe837c1dafeb49af47cc0d6ebea8e586451a9

    SHA512

    ad1ce2933e1add2e716a76ed979e09ef1e4da73f8cdb66b694ddb157b991bb9709c3c58df56a422a5ca20d9c8d104981a238cfc7c629db30a52a40bf416cfd1e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a8e62250721c595448dc26f5e2dea379

    SHA1

    b5c3e22ae78d25d3b2ac432d4cee8796caf61d9e

    SHA256

    d817e4b21195358840281cffd18747ea1ad743be2614f67ba5345a632f623df2

    SHA512

    25ea604052b1ba4ee1129973510709c453b6eb2e115a4c620bce51e1fad9913959fb461b431ba6fd1fdeac49a816238b7f464cfc687adbad03459250a3e11bb8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ef868b554768c9dddf12299fe2b4f389

    SHA1

    be20d73c658d118f8729f3ce30eafc2b0c8dbb7a

    SHA256

    b93743c405a2ac8650d7143bfc7094bf7904ebfc0e4fbe75816f2ad760160d1a

    SHA512

    dcc585719205f2c3fac91bd69816e54dd61611881125497c6f52af5315d0db4f5aaff20676ec9c2a6e700250e48c620cf209b1ecfed216ef95c1eaff5e0cd35b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    75ac814e9490ad973f06595e06fc925a

    SHA1

    7964ad8262cb314c1d0825001dcdb6f1cb278004

    SHA256

    49791a8cfa175730bee65871b73049e6586199e3597e13c9eea37bad99918f8b

    SHA512

    b840beeb4c1aa36a94e156e3d38ddb97d5f9c8aed46ab5091ef5ff3bbeb2de4dbb8af83171bfbbfc462543d1b0fbda8528e321e5b977be42fee288b06def0bcc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b02c1554c7b201043b8fda510ebd7f69

    SHA1

    5c3847bbb7c4f43ae2d6ff7fe997f8061d0ce165

    SHA256

    faee19b379310cff6db5c3f8a17e80524929297fdd573d33cb799106f0eb67f5

    SHA512

    182860f78416cb5d01ae3321b024ad581d2a225e6dc2df71a0e1a699a59532fbe67caef7d56392a415676c2a384c6b905ff848b0b1759af7c4c914f267e310e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    82da6ba69f48a66d5daf49cabc95765d

    SHA1

    96199cc10bd6154980916489053c344a02a0a4a0

    SHA256

    a5b5c10427196b8811de8990de362620366490b9f346b4c8c3bb948a167c4d7d

    SHA512

    8c98bb012cb921dd3d6546e1211297b298fc212b95da94c0a88452b1a1e9f2716da1aab645018e966f3d2645f541d18c22a81adfdd30babb1c07d54c93b1f25f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3d89b09cba7bf895eaa817f320026360

    SHA1

    58d6c52304aa031d74e971fe139ec946dd4213ff

    SHA256

    a08fbc0543ccbf1c8e8c798458781157519ca12319bc33d6f6d17cab4a221fbc

    SHA512

    36fa0eef43ccad6716462d30b6ecd1145b1930c06516e279cbf58483f83958c1973126b3bb6c5c9247c44ebe2eefad5c4f3e5a71cee7a40fd04c51738eee210f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    db0172439e7bb6a93fab2e9a30e51a80

    SHA1

    7609bd46e1930fb61b08ab8ca0c27323b0d85b71

    SHA256

    61143cca638bc6cc8faf6b7f705ee7bf6537a8b85ca65c2263483ab0808a9cf1

    SHA512

    127643551198cf1f946cd1ae0bf3d706f924ae5a4f158e9c59fb80d36478529ac11d437fd08942fe68d7af11b5aa547f0bc7f99583e1edf5637fd7e82b7077f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0210d2edc07b9fff5b9adcc4c6049ad9

    SHA1

    458719c7a602e22202b19855418b2658498b7708

    SHA256

    d00a3e57c0a9566711ed63e1e79d7cd1af40e132ba72336d0d34474865557aec

    SHA512

    30ddc6a084d5b23ebdfa00ebc3e78f293ba1cc68eeb30d838cec7baa2abf6f65ca10513d792c72b07819d463863a35076bfa7ed6a63a709f4e02b18df8f164e7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9874212e9c19b15dab8bd5f830a27bfb

    SHA1

    1f09538a6cc17ad27f7e10f33a520ca279ec447f

    SHA256

    e3e072eb9494253a7d3b93e5214b4de68a7ec8e3fe5e4d46ea0f85da44a8c45d

    SHA512

    43332a8bbf2920c6b58dd7dc46dc79e0d704eb30dd939525557f213d72be3bc511bf315f7bf598705ed4cfac06302dfc6ca9a55419d6fd1c98646cb8952dd341

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8c759f0d90aceb96814c11a780fa491c

    SHA1

    7ff8364723f6d2a716c4dd2f46884472db4064d0

    SHA256

    a50634bb1ce791401b0e99ffcccf084bfd745321b5a6ad6e8909a8f8389b0d57

    SHA512

    e508456f586e9a0414f89badc4ae92d10babd59f2aa465ce266bfc5bb86408414dbe529d92791a37cb678e87b57c22d529df33a149ad89e17593d41fd0bd457a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    48648f18791367fb03db8873b66a03da

    SHA1

    84616eaa2a5761ff6b80e4e5cfe88239d1b44499

    SHA256

    e88d36fe546e4b05d6aa36ae5b83c743db753e476ae34c92f6a1d0f8ff9971b9

    SHA512

    1d68681784d65d98aa5b974a4b79e66aedb6356b70f4bba5c8e5b64546c5a8168dd8c768a8ad2c3114bb7a32c2c50fe53163bd54f4d508235837a56d2c597114

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    0040a9adf0b1c6e5de3f20b80363c35d

    SHA1

    e18538a22f717d0faa644a7bdc711799f1f2eb3e

    SHA256

    5e03e84de6b898eb9334d6549aa8673ab57bd468e233985a3650880fa5c5d4ac

    SHA512

    9908747275f031efabdf763038ce3f652bb340e7943e9b719054b4e0efcf38b6e280057d17be8194dbc6c265440e172ddaef56ec256b9acc53bd726719c997e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a06ed359c010633a2bcbb966f3199293

    SHA1

    c3ed825cb411457aeca563360cb36d620d338c05

    SHA256

    e79cac5c7a925d0c0fc6058ff5488a5944a9c1a6eab4f71a18cca80339583bc7

    SHA512

    f8b72389f33331cbc913e0b7e903d61cd2eba5bf51c5d611b477273420c69137deb475a67313b8b730b9800ac0f48a0db86127acde68272f05d124b56d4d5105

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6f7a769017b43584897a1cc6342c5d43

    SHA1

    af7b254420738c5952e33ab6960a0f6e2870039f

    SHA256

    75e89d930253efec0b8557c40a1ebbdf4976f395622a49f9c59371cc0a79baef

    SHA512

    fb17839ad2e2a183d0eb507d81eba7ea8364f239eaddc60c814a437d6a9b2b246b8627f57d180344fda03f24ab1d4cdb277157840a5d3a9f5869776659b2225c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c821c9d00ccb9e0d77cb5be233430dde

    SHA1

    27eed6d5b5961a3e23fb148f4053638dafcc2bab

    SHA256

    c073138fb3785f93e6f26bdaacc06822f852033b05cb5399cea682d12bbf271b

    SHA512

    c79ec7661e9c89ff693cf234d2c92896f65f4828c8f3696cb4b34bef0d683c42e989f834db967f95cc250ba51b87583ce5f0c43b144db7e010052c530dccca28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    bdfd59772d90c16050f55532a27e9a0a

    SHA1

    d9c6841bf17f84137da03b824616e212c8e60ba5

    SHA256

    a68bf3997f6bb1df95b28b689bb5987ec20d60bfb600af9051e2a595e6791adb

    SHA512

    5c84811f76255506cc0098c5c3099c131926c0c286d4faf68e09828da13f0d9b5f8ab6fa519d92cf09099aee9cac4eb12d7791fff5f07478f01e0394b45a79a7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    44f5e9cc1fdb9e6befef05873b251679

    SHA1

    f23201098ce1b8c47693fa3c928e4ba3c400f470

    SHA256

    6d58363ad603c341d675eff14b92732b7479810334b711d322913aacc72b744d

    SHA512

    7419dbb581c9bb1402daec2674d1be03cdd95d2822cd3992ff56caeef168050480f53b037d34025388a54d0514b3c4aa440e93b4e7c327030f2f133dcefa50db

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6a662a74713af2e999a211293320bdbc

    SHA1

    8eccdb7e57c126a0f04e66a2adf0db233baba423

    SHA256

    ca5b60fd3ea287b0a482732e7359dff9a09e46d7b2818960b5010cf91579ce8d

    SHA512

    ac58128d65b1bc86649779b84202731ba0c13baab0e8af252fc83997b25633a304ae5c76ed710c504a542b9e6c83b9860d4cb7e71a2dc2e91582322ab5c812e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1af8261a9055b973f01ee28124a4942c

    SHA1

    19f68cc9735f99f12f14a3104fcbec021edb533a

    SHA256

    9a6edd6ca7a04514f769e4c2b1c98d901d6658d322b4e7c2edcd28f7210278e0

    SHA512

    a275a9c26bd6756c7388ab5fb8fe825dbcfe2ae4ce3a8b9ba85ad0d75c395a01743cae667e1dc99650da359848806fce79cfe52a96def80b6c1de47a2aaba27f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3ab12093d1f1b9f36e6aae70a9b6ad3b

    SHA1

    1f96210c1bf6c8924f2113d8fd2fa3931b6e1b10

    SHA256

    907264f1e70ac4ed826b9d22b25399c6f6a7bae4af22e65d7f4a2fa944c01ce0

    SHA512

    8baee2db1112745124b552b0e93f8ff3278994a3fb1f9cafe50289139d8c539837e100d6d28229af3581c9589ac8c37111939148b0073caaa8e0c4b154b70891

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    75df04dbe67b5eea5be997f67038639e

    SHA1

    8f62fea6b9b86994f4e9dbc6572ad08879ce5b0f

    SHA256

    93a97e5ef9641bb5a03e1f435cbd0f6db3743cef451c12046082f8571c465153

    SHA512

    e7b93512a6aeda64f795ef89d7ceb939959a7ec8237429daebfbca484878091e5df3e355bc477c499fd8b691eada38a6d08344baace714d898ff798907d420de

  • C:\Users\Admin\AppData\Local\Temp\Cab1E4B.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar20A0.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a