Analysis

  • max time kernel
    143s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-08-2024 04:43

General

  • Target

    c24e42ea9b6872fee74429c72a81e830_JaffaCakes118.html

  • Size

    324KB

  • MD5

    c24e42ea9b6872fee74429c72a81e830

  • SHA1

    06a54f134d22f2f992e7285743bd20007f6c4a3e

  • SHA256

    47af150d1cad62718c53aac9cc57fbf9a7a377bab28c3c303c1a02adb8efb58d

  • SHA512

    71455a7f69b7dc1470273cc7664e6913ea1ffdfb6053c445dd9b022f652c870e683e8a52518b33f24f79b87ed7bb814651b140e6d668fdf26c38ba912ed43259

  • SSDEEP

    3072:dmebHWRcj/wKml3gGXwbygLK3RndRuGko2CL0XNsVN98:dmebHWiIl3gGZ3gGz0D

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c24e42ea9b6872fee74429c72a81e830_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1752 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2980

Network

MITRE ATT&CK Enterprise v15


Downloads
