Analysis

  • max time kernel
    140s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 16:50

General

  • Target

    3017acc267cbd3f7a0973b89ce691f35_JaffaCakes118.html

  • Size

    70KB

  • MD5

    3017acc267cbd3f7a0973b89ce691f35

  • SHA1

    4edf85d946da1aa8f53ba071497fe34890d9b920

  • SHA256

    de01589177ea79f0e57e0f141a92744f6e5e5f7fa9fdf5796471a7ce19c35e9a

  • SHA512

    029a406a2eb170f029e7d5c0206b23fdc88e538d65533db826da04a6fe9bd7ada61419c6d5e547592944397b8f0e9330c5fe02c418250d469daf99afeeba1222

  • SSDEEP

    768:SUMyuVNdSvHdTVztSwr9NOlIgAzYQZQ6aOEelfZ/o2c9IbUHiM:SUNuVNdSvLzwg7Y0YQW6HBfZpxbUHiM

Score
10/10

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3017acc267cbd3f7a0973b89ce691f35_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2100 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2480

Network

MITRE ATT&CK Enterprise v15


Downloads
