Overview

overview

10

Static

static

1

2f456680be...8.html

windows7-x64

10

2f456680be...8.html

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    10/05/2024, 13:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2f456680be64ed75be386dcac3112d0b_JaffaCakes118.html

  • Size

    225KB

  • MD5

    2f456680be64ed75be386dcac3112d0b

  • SHA1

    d07ff483373c2d59c131c46c97914e058ee485bf

  • SHA256

    6215feaa02b7aa75e7a549fa634720369a011ed8e2083836a538413f22fe462d

  • SHA512

    637f7cb5f679218a8a57dd71848b359b506e5001e23b2d94b173922571b11ba332a17ed8cead799e703cb5d3d4ff406571d184943228a1c9399ee51d55d52ef2

  • SSDEEP

    3072:h69C6mreaxKY40wZAQKwb9Q5blc7fWMOxe+xlOlDJju2Jr:h69myaxKY4069XoCR

Score
10/10
socgholishdownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2f456680be64ed75be386dcac3112d0b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1716 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2196

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da5f1347902d9bf0828089e4147dab19

    SHA1

    a0ef159c407404fc21890e3b7e6af237fdfe1258

    SHA256

    3301463f86398c07f496a4954cabfcb7c1889e18d2a41b9dcf3140103e54bcf6

    SHA512

    08de97e46412c1148454fa406a0826f0e4d8c37b2a947cd67a36f4ad1c2f38cf8a1d5082382cc3d35fa24cf8e3c6d7c684e93f307690637aa125399da436fdc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b2197df44bc0ce9ac39068878bba5f41

    SHA1

    05abb1765b5a65ab2f4356ee420b27db2e0a8a02

    SHA256

    1f12dd4413d64ccd73bf540d3268105f5839577e13ee964238d61a19d72fa968

    SHA512

    371004ac568b110f3aa9dc78def894c8a8ef4a2fc2b0258e14cb5dc5c31e602b82cc5e686a7218f4dcdabdb30611f473d55b9f2ad06fc795748b9a9657801da2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4825662e5404a6817941ebd0cc36232b

    SHA1

    991a8c3b0d54ec73506530dab1d0486efc94b3fd

    SHA256

    b7b7badbe570fc57e56a8ee2b171d1ef530b0658b5de496221c5b98e4317d214

    SHA512

    a8c7b01b2b503e8ff38cca9ed820dea0797cfcbe5dbbfca04dc90189bf330e744f587ce97bf53f466eca2b05581f7b29ae7616f0efd8c83894dbd5b069352337

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    01a4cf9b2e872bb235abb221e0030434

    SHA1

    4fc486d74567afc7efbefae0cf843a94cad1dff0

    SHA256

    252576f01e3a28ef7c9d51f8622f053ca90edcbbe414f7dcc058298225cf0d4d

    SHA512

    300dd2497a21e090cde48d7a625de283d0e8a19fd07fba39634b597cfd40ba6fe8d8b8f7bb7eb49edbb8694980d5a9d70c9a26b6491ee8219b1bf88fe782e2a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aee101fe32d0cdc9211c79083d92d513

    SHA1

    8f5581003f56b6dc392ab8e5402ab0c498d14b74

    SHA256

    c213e237f6d13eeb7d833b7dd3016d8b2579bd9cfa75f810b65ebaaa4fb4e6f7

    SHA512

    d94b4890d911a6910492a5ba8ae9a326368a0f6a54d74b0961690d411c8e150dc0a4cbed1025742f1bf7800c9be99a302769c3d1a1f0b56e736cd1be19fafbc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5efa3bd2056775225b5a1cf33372d540

    SHA1

    281d0b17262662e1cc12c432a663dd44ce0873c6

    SHA256

    514e35ba0a5a049f9c8ce4cf5ab83476a7a8fcb931aec04725d14785ac7df4ce

    SHA512

    ee87f29045169277b7b4bb71fb68fb535be2164d3e81c6ada075fadc3c2b8c47fa07c3e43cd9ad85b39d8656f4e563a03b81700c2faa6e1f2d9f57d9f3e6f488

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    65be215ee7b35cb2b3a9193f7f9e9ed0

    SHA1

    42fd7c2e68b061921fdcd0ba2fa6df61c07c06ad

    SHA256

    9d007c1a4783eec5b763d96c71c510185735494892e39f32921b623ccde28fc2

    SHA512

    68b87da28f3be01fae6b2343a230271172fe02354086657ed40ad12c978506fef5b7a5cbd6547d1d3fda14a0b96393332b52f09deb93154423150b23a48fb8e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    522e40617aef35c605b80027df1fdce0

    SHA1

    11c649661e5847297789551c90bf32daa24d5443

    SHA256

    f907fa32f1940bc5d7ac39a5f983f807f79150f35f46510fa0ce18ea89e0a8d2

    SHA512

    df1e12d5f3066bfcb9f1fe04b10aa49647b0d7827465c6f2e1e1d7bde049674bf3670457324ea749cd1f5df40408ecd5bcbf8816031e19e836f409c72e90b181

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6c40c52cd9ed4323a7cd6b12c641fd86

    SHA1

    ed9e2342b72034bc5b798123e6b6c19db032b1cf

    SHA256

    005b73c6025925b70a2a533519cff535c710a54ae0cfa5d07cd830ce27349684

    SHA512

    02bb170df41c195f919c061424df2192c450a57f460316055dfa75c1c1f1fcc74843f8b2b9d9f0378579955dda607bb2b89239185ba010f5a7625ae15768fcc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6af5abab6b6faac48e001ee025ba887d

    SHA1

    0e0428e44fa88f735022238f74c4a5030571df96

    SHA256

    32ac452aa8b70451a5c3663654d058338f21d70af6f378363cb575a31fa73277

    SHA512

    c028f935d99cd6bdaba5c09b053986686ca022ac67bb86fea0d5d5e9bbce15468f7a9619f538d11d509ea4a71226a24178333fceab402032025dc10028aeefb1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2241e78bd76197014f2fa2cd87f01e1c

    SHA1

    c2d5e2483c9e1a70323f0017526c7cdd686a2cea

    SHA256

    d50596d7e5738b5636a947f6a94a2b48c6bd5a62d0b37e0b88daaf6db311b0b3

    SHA512

    53c488fe5dbc244415438c24413ba183ce7089859590c6e0e823f3a72a2a8275764ef3e23d22f977943c9fb5d941514324995713c874ef70659360f719a156cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    50ff55c5d6bc96d56f296e2703456606

    SHA1

    9a11027b6d754d510e8aaeacd17e32761a3981dc

    SHA256

    b3244e363d749e179107a2852d35d2c52d734c5778da5def3be042ff705185bd

    SHA512

    aee5f36a1cb1f0a74bdbf5fec31e33f2c6880d9aabcd24af32324f0f478baae727a94f589138b5ef83ac92dd5efd9698780a6e5a1a8e826c8f865666a7bdf89e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38f3635ad49f41111d7b1c0298a33979

    SHA1

    afe09a613a3d9c94254fe37acec93021fee64144

    SHA256

    895d7217617851c2fefb931ec0bb8908f5345321f553c60a607c1f821a41558b

    SHA512

    3729415cbf78cc784d5d4256ef8f2cd9ae996df30fff93655bb886865b0dfa6c48afcba1bc8bab55260f3c7341f01b093a7d688da995df1cecb4571d381c9208

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    df986dd5b5999304c542908939854859

    SHA1

    69df6092ee71789548255c0286f677f9bff14cd9

    SHA256

    21df60b45032ce553fd07cea660f8373f1e13aabcf45ce5fac4af3fa79343649

    SHA512

    64a5e09de04da4f57b938f01bab2646d0a7cf8332a574790bdf9f9ccac6c9d1fe3fe18558ef52be318930f0fcf5c2664d0b34691c89accfa17cd31ca05e087e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b5ff52e78e22a87467843c5cb0e32d46

    SHA1

    b5276db6ee6c0eb0a660b347fd2c0a43e7caca87

    SHA256

    59711e5de251f6266d627681b4a02ea753d9d3bab0acb3cf1164b2d5db3cd37f

    SHA512

    05eb88ea1b4412e285f9f5bc8bbf3b3d2e8a3e7b19eb0fb110bce358084ac25c2544aee0aae0c063350d1dc63f05e05aa59aca7e5d64fe1f074027492f9b35a0

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2XHJXO3H\plusone[1].js
    Filesize

    54KB

    MD5

    fb86282646c76d835cd2e6c49b8625f7

    SHA1

    d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0

    SHA256

    638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109

    SHA512

    07dff3229f08df2d213f24f62a4610f2736b3d1092599b8fc27602330aafbb5bd1cd9039ffee7f76958f4b75796bb75dd7cd483eaa278c9902e712c256a9b7b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab30C3.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar30E5.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit