Analysis

  • max time kernel
    139s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 16:20

General

  • Target

    2ffcd63801dda60d84319b7b8ecd8c70_JaffaCakes118.html

  • Size

    75KB

  • MD5

    2ffcd63801dda60d84319b7b8ecd8c70

  • SHA1

    c5b003b7ac8f893319e9c966aabc96fdc32a5351

  • SHA256

    391bb78a74eb56df9e7623c759a9630caea029c1fc45fa27348707c22d2de680

  • SHA512

    e1cfcffe70da203e829d11683c0e6ad2221bc04a58623f5d9b3a5e6a480d4ea4d0880a790a06d8a0f1a8191050a7ddd413716fd098e8572affc4eb84b0ebd0a5

  • SSDEEP

    1536:txQkspBhgfpzh5qEmaGtbM5Yo516sQj/oT:txQkspBh6pzh5Hm/O5Yo516sA/oT

Score
10/10

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\2ffcd63801dda60d84319b7b8ecd8c70_JaffaCakes118.html
    PID:2052
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2052 CREDAT:275457 /prefetch:2
      PID:2604
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads
