Analysis

  • max time kernel
    143s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240419-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-05-2024 17:17

General

  • Target

    302f26f73d615a152efa2788ba1b8d9b_JaffaCakes118.html

  • Size

    76KB

  • MD5

    302f26f73d615a152efa2788ba1b8d9b

  • SHA1

    5de889474b68a02584b3ca43e4c7d014694f76a3

  • SHA256

    1d433a9db414ebca5d90ee55218abd0a8c8702462faf0a5831cfe5edc6e247db

  • SHA512

    746ab946f5f65368ee0cb115de436bb9d2417bb4aff47a0edc8debc99e398018d8987518dd131629991bb3baa25de4a864f416dfa05cd3b0551cce6066fb0f6c

  • SSDEEP

    1536:O5KiY8+8UMk5hP2z2CJyCeyCLaX1qMEXLfU5P2KsxFF7z4xML4OaP3nFgZFFRocK:TX5Ny2s5jzJXyPW2iKA5jYgd2Ll9rCXp

Score
10/10

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\302f26f73d615a152efa2788ba1b8d9b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2424
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2424 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2912

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    61c515b0e561946ac55482c5a3fb82c2

    SHA1

    f7c0e4f8695e97f78bcca5fac4e5bf85a94fca81

    SHA256

    fea29766498fad36b387df34ebc5232a17c59e3269e4c0e3aad5db366cfe0753

    SHA512

    c8f05de4385f922ee3b0ce9b96fbe43d818636285d8f74ab3137185a1d3987db982fe24e45971b79385b0369b55a5ca65e4775434e33fe3c1f2f9068de017f0c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ac2345956209d32545ec52210494ed09

    SHA1

    d1c90c6408dad43cd12692486eb8d00859328d49

    SHA256

    6bfa9ad7704f71b627496da0c7e37c5aeca53277a20501cc139eadb5e45932ba

    SHA512

    5314fe0beb041281b104bcace3100e2aefa29b05c32c1e20b0cba0d6b7328cce6317d1b97fe3b64fd1c5d1138b4bea81fc67e3a8358f2a983aba62358509e674

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2eb8d5c03f2f763972e07dfe24909a6d

    SHA1

    fa0a917428daee03b9c494fc42c64e1a85af7e28

    SHA256

    a40ae6a623a093a902b111d656f9a956defdfcfc96ba2a3463e18d0fb5209643

    SHA512

    c7d32cf87a5a9c51a004329f0f5fb6082ff9abd4cb6519a01690d08907f01b932e18734df744f04a21a16eccac98c5f45ec3f93196a0b92bda8aa94d5b5fd089

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    527556366674d8f5101654969675fabd

    SHA1

    095f162e4803ea748804d467fd5add6a858b3978

    SHA256

    52c183d20ae88b20f4bd753292657cba5511894eb321ae935716acb7cc5735b1

    SHA512

    50c729b1e40aca1cbb2853428016b7930609ad70cccce6a7672a6c66bea28782ccf7bda47ac70ccb99ad678ce229e476ec83ac584e1440665284f31cb69f5147

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    fc6efcd0371205f614660d7e14334c60

    SHA1

    5aa489fa32c302a86eb70c3fef5b648f41f99329

    SHA256

    dd99868367e684edcc3a397acc8613950247f3fd85ea6822896dd30fe4cb847a

    SHA512

    b64d6f5d9310106752e3e0a4b5f73d480d9a47789a8fa2b13327d26aadaa917a187937f2e8deb58212d4f6ab689c7c13c3c6097efd755b6b9778831740c9c85c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b06877b897bc5e2104f6630b7c93070a

    SHA1

    90ada77722607c4602ee30d0d878e3da6e5aae69

    SHA256

    ffcdb718d3015deda8ab80e372d1fc08526987a9fe3eec169dc50cb08c255de7

    SHA512

    9a104d6ad9d8528802eae142f1ff03da8f29b6c181e6e5d9d030d956545c10744625945121d393682cf3fc5bb6a4e31a80e8ae5b6f80d7621b36e8ba57812d8f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    e65b89f9a420a8fc558d28ad88f0254f

    SHA1

    a97650a9d1e7eeeadfc08875ea5d4c575bd887e2

    SHA256

    a52449cf021561415fd98e923a09773ed6e2e55eefad064d424a48b52b9d72e6

    SHA512

    0e9fd14b85e0eb4c739cd9ea87fcff98acd42807a78313323267fa51e4e4d61937739d131d24be3e7d7e945101e5e34273710781c23568494d8e6493695fe801

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    32eff306b77cfaf86cfe091d41b83b33

    SHA1

    e5be7fdf1c2128431cffa75279d9c10a7652e4d3

    SHA256

    e7bdc838964797b7a12383a192219dfbb055fd058db660633650effaaa1b9aa5

    SHA512

    1b672d8fc37132e0363df67328975615fe5cc7c1c7b54f1936cf6daa3fa63a6dce53a6d801f09854fbb01b5440002d1c31ac2be488a423f5a30b2864eac74380

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3a2d675ebc3774736da307f9f0241d4b

    SHA1

    6555fc63db65f01a9db78c2043a32f9d9677a001

    SHA256

    f88b617c11fbfa3261692683fd96b941493de7a1826503304c4a6ddec9baa444

    SHA512

    9731fd5ea719d0f665826fef9f2aada7d99703839cbf14c0bc9017c7463f7b99f86321889aefe3d07e7c0ae107c5d0cc170b4edb2a9ec614574425bdef1cb7ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    63a06f9ef092cfe1c66acffad0fd4f70

    SHA1

    037c85ac2cb7e4e0a0b71679131ac665770041c1

    SHA256

    3561ceff34f640bf8a61576d7dbb6f785a4c0efc4eeb830bdbcbf09936b212e1

    SHA512

    5de79f8b12669e22b1775d6156de6cd5124c8bc01b7b81c64819ed58d3707dc855345b0113d595bd1da286704077389bc1c9e123315d68f607f41780302d6649

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5f86965f64dfbd32e3142f59dd11c452

    SHA1

    5c16c29ed448282a884f7478af33fa6e09685eab

    SHA256

    6347ff409ac2b3d9976b2132c29a1f504720cd3a3c3bbf664c0cfb6ef9668a28

    SHA512

    18602b5615317a5df4f668bdf3c9a73c7fd710bdfd5fc82fd3d3c350ad63b52a4ff82d3f1e713d156e3b9c768c457e1b02aff6de7e53ece359659c4f8df7da4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    648fee867e0133d7910e08e99ed44a88

    SHA1

    35d8b32e70dd0fc2cd63b51b2dd4c2256c86ac68

    SHA256

    8fd7837b10fb46d28de70cf052fc099cca63eb242ea2f9f9a8c5dff351107fdc

    SHA512

    65a8db68bac99368f29d6cad8251d5ef069a968e7238f2b622008c5f724541506db4b6f0979ba7a5e577c15056bd00d2a8c8ce8c55a7e6dd35e6d2deedd9456c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    73f89b52bb8f4ac5c90d45c7441f792f

    SHA1

    1a2a7809c8abd53189c7610790df6ebc4a4706ec

    SHA256

    57f47e752e71f8ba4af53604071145c961672ccde93423ffc4ea1e01aef5305f

    SHA512

    7604e69e9c823f4eabd0bdf67bc01af5b5ad982277ee8e1c1c3e1ac7ad80615bd19de49f610ebc862903dab8e3da92704196cdde7ce21b3fd2715fc8294884a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    b4876f8d98b3d42da8fc2f9b912f793d

    SHA1

    e7061148385b43a8a18c5cc4e604bb789a172257

    SHA256

    ee33174f8ef2847b7ee7aa52087695ac6ba0322f3f3835add463642ea86c4e0a

    SHA512

    6f8479b7f9e80684b39eb60b87a9bb2165f118538ea607b80728406cdf97fca2bd1e2ff6fe1e31f2c761af0549efd0b3d32f0f6e4149ffa6712b2362d56e4ee9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5d3d751fe7c2d4e7b40890f69cb5f79c

    SHA1

    de2ee477bbd7bd21cbdf8ae55e496a5830c8916e

    SHA256

    65f13c5aff5c31bc4c661597c477e5735e5de9b7e19b36c67af2d9d8cbcadb05

    SHA512

    477ae9dc20f5af81791d38a2e8ba7328fbd8d8c1f888637596d3886489d250edb125e77e1df7ef7de75e1a788d90e37ef7a7e9e2ea2725c73e47be8a75c330c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    36b380a87a37fbf494872b55dbfa2de3

    SHA1

    ff0558354b211ab384a3a44e8bcc439f36e354af

    SHA256

    821d960b30c3624c52048af0b710b9d4a8ebd424b93e4409dc555713c9f42aeb

    SHA512

    dcf1d5fe953b9a90874a2bea2af4be4d5f68c78d4fbe59596d8a3ff71e10463916b21ea9dfc69cbc05009af9af454c1cbb74e3915fdbe0d59ac9147716f3369c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    a134006e1bb35d3765c5dbaa37d05cd1

    SHA1

    92341b75774c11489afbca33c728e65facaebce2

    SHA256

    fd3a70b96264bacd7ff57c61b7e55c9d452bb18396dd17019e19613aaf6d3cbd

    SHA512

    62d44e5df18380dbd748205a4808fd2657fc1d447786615d07744011fdcd4c7c3765ffded05888a04b45335b8d1ac620279b48dc37609ab91229dbd9503d9583

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    c530943aa150c5dc033a64ce39db71e9

    SHA1

    9244961f5f37f45c91d9d43db2071ca6a930024f

    SHA256

    1b918d555d7db12bc84237c4eb7901ffb5b0e06be5855cc9b2811be1dbe3a653

    SHA512

    0d4a460333380bad28336ec6b9bb37e7715fe5231f61c3026cc50bbb67bcdef7b419632396bc45a5a653061f3ee251ec02e6dd7b1f59b4585bc36f4f69d80432

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\528EVS6A\all[1].js

    Filesize

    3KB

    MD5

    b8ab3e77149375288faa9bc5d5562dff

    SHA1

    dca3bc747b2e27cd4ad22c7f4f2e3c24f56e6221

    SHA256

    99c413ea4717c36d5c091044a0a074f18cb6f3436b03fca0bf485cb4689144a9

    SHA512

    5f26befc2df45434fb28646ac740eae8114a119717b72b48792190d27f6b8ca8f62f9601f8220ae6fe1d892f42af1b6ffe1fc23f35af3aa0442e59d76d7a71fe

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OV51DDG5\plusone[1].js

    Filesize

    54KB

    MD5

    fb86282646c76d835cd2e6c49b8625f7

    SHA1

    d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0

    SHA256

    638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109

    SHA512

    07dff3229f08df2d213f24f62a4610f2736b3d1092599b8fc27602330aafbb5bd1cd9039ffee7f76958f4b75796bb75dd7cd483eaa278c9902e712c256a9b7b9

  • C:\Users\Admin\AppData\Local\Temp\Cab19AA.tmp

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\Local\Temp\Tar1A49.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a