Analysis

  • max time kernel: 143s
  • max time network: 144s
  • platform: windows7_x64
  • resource: win7-20240704-en
  • resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted: 26-08-2024 17:55

General

  • Target: c3896217af88b7fe18aefcb61b375f09_JaffaCakes118.html
  • Size: 99KB
  • MD5: c3896217af88b7fe18aefcb61b375f09
  • SHA1: a9841666ddecf100825fd85a99ce7cc000dcb63d
  • SHA256: 8db7d50e76226deae9183e53701bb9929f302946aaeddac504d56f2f90144452
  • SHA512: 798c3da005574a848603aeea84f4a687dfb3f0cdb293a6d6c1ec560e9514d8b71b80ca72c564a259c298a8a96a9d23dab7b7bcc6771030d6eee9ce4d5a25f01f
  • SSDEEP: 3072:fkclXnWM45N2r8sqIaOJku0UjW+XPiBgd5:fkcl9qIVJ

Malware Config

Signatures

  • SocGholish
    SocGholish is a JavaScript payload that downloads other malware.
  • System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c3896217af88b7fe18aefcb61b375f09_JaffaCakes118.html
    PID: 2636
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2636 CREDAT:275457 /prefetch:2
      PID: 2888
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize: 914B
    MD5: e4a68ac854ac5242460afd72481b2a44
    SHA1: df3c24f9bfd666761b268073fe06d1cc8d4f82a4
    SHA256: cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
    SHA512: 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize: 1KB
    MD5: a266bb7dcc38a562631361bbf61dd11b
    SHA1: 3b1efd3a66ea28b16697394703a72ca340a05bd5
    SHA256: df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
    SHA512: 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize: 252B
    MD5: 94a7738b31bd08efdf68153057ca4287
    SHA1: d9bfac5621bf810a16d01d6c2ef1874a37a8e407
    SHA256: dcfd27952bbc329901af83ced927258563b7570e459b1798e9a6741038452294
    SHA512: a058c69131034211cfff974e29686f89db651dab143b84ba56989f865d2daf6989a7e4b1b017f3072b1ad5ffab23b37bd4564ecbd23523da644368c35845ca6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0c2ad8be51b24dd3fea66093dd0f2735
    SHA1: 4293d7a09ada691590921be7402dc90084156716
    SHA256: e92272e6bc9b9c1c2c807e0562225d68ca414f46cdcaa1ac93bc9aca1995303f
    SHA512: a7b2f67246d87bb575bdcb1158557fe527048911915787b6998b2743cb0c4ad954789e8bc79bef8d223bd9c6c8630edee6840ee2433e78e2aa0852b2d40d22af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: b914e9de72a6866a0c8c6c1af87659c1
    SHA1: eda700bc9ea3fb4b94cdd8d53ff86a7c534e4ef1
    SHA256: 008f879d65ea71f89e50db464a730265fdc812ce8226baf36b8178adee346a50
    SHA512: 61994bdbe543b066b5cf8f7173d73d89df24e3f2eb81577cc6d5e8477968103a7fd0b580fc6298f76e93df33bea0199191060d4f3e5c84510bc35021c49ce211

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: c43dc2b224ccbfe6b4a6d14918d5eec3
    SHA1: e401239cb37e9cfbf0c84297a3f435d9d49a7e1c
    SHA256: c4b5af60a4effbe640299c3d51ab395bcc1a95a98c1206c5a1eda90c67e8741e
    SHA512: 16535faccbbcface11b8428227d25a46e206bed6f343072d6f89df9332a52fa1d2e40d81b00c7030e4a1aeb8c460c96ff4c1ff145fa08195779faa2bc0aa0f02

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 69214806d3db6d439c37eb705bce120e
    SHA1: 6bb181ad219a509faf8904e8acc059bccf84b10c
    SHA256: 9fd1c93cfe3665d73a85621aa70f2d7675adb4622ef044d383ee1b3a65b8ea94
    SHA512: 94227d33402664f8c03338cea04bed4a903bea68b4bfff7c0b4452d4909bfe1e8090d7e894a05abcdca99fc69e728f2e89396e839c154fccc106b76f38ec5c0b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 617e2265f60ae6bad81f2ff01443e144
    SHA1: 6f17c05a77bbc63d8aefe3165fb6301c4346d5a2
    SHA256: a706108f485e33a7243b5b870699ba73ae57cf49b55ef50d5909adf42bb021db
    SHA512: f09f43bb8e1343bf3d7b562af802b3d6050499b313f99adf671c2aa1fbbf0111698e49d8dd647eb40291b1ea77bc8f8b77d887130a5454d6766a3c17202db2e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0c9a345b46ee577dc7cc2f15bdcc359e
    SHA1: 50cebb0e36960cfedf07e81adf7023feab9d9663
    SHA256: 80eafe4b708c3aa85e8f22c4f9217ca7f886c2c323ba6be29f5bf8f26b3e9601
    SHA512: 70e20464c4ffaaad7a9716f5b30e74a3af883dad51fb539beb061377b9b3328c382289357f9e8fc90fa0f8fb19acb0a725c9730bb345ed67781e9f17b4806f38

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 02df0b389744b78c4e0cfdc245eeef06
    SHA1: 75e01d11c1ffb890072a2332f1610de841c05435
    SHA256: 1b130f150a2e1c9e753f7aec40d2a907c6f17341657fbcdc2c91f39602b32a39
    SHA512: 8523ed3f707a065b9ad82ec72095d56d81541e262dc9b8673e094a289f0949b97d0f9f9587e1f38842b0fcbd1530687d074d94b69604161d106b8d20e220c03f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 73c485faf8c7d55939e7692576d0a274
    SHA1: 70c5f422824a672dfab0b3f57c481122f46cd05d
    SHA256: 5b9bda59efdbf0da2b4245e16d0d09a213f1fdd86db45df9cb9ef063b0775a08
    SHA512: 331c5e8b2889d5b00c767457df1561f17beb787b30957cdda880e7a69c80cb4684418716036f8f480233c54208f0c078b0e77d827c2b609bd93690769717bd26

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 64fd0c53d99406c9ad650cf47e93372b
    SHA1: 387b24621fda81dddab0ec579a27d2287e4c5c1a
    SHA256: 0806fa46014c057f7378d6e75c60fe8ff35b8a537718c7b2b9e5551cbfbb874b
    SHA512: e40c6e2e43c94af1cdc068c2a5c3f7b3ac2d6188bf6bd9021e92735c1031ba5b3b8bef26763edf07c34cb94c07868d32f5a122a4a9a6eb59caf44396286d3b8d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e243bd1b071739ab932f00288a6859f3
    SHA1: aa3d964c670f8e96d3feb9938f77e20770cd59fb
    SHA256: ca332dfe9ee8199d9d2196acd3f7e2a80bcebe3f8eace9c26eefe7750234ed18
    SHA512: 69d4c5319135da2e954254a33e94db356d21a01b6627a14bc060cd04afbee8cc0ab29331a0d5455e71a97234ff88a91f22b3409b65efeaa9d7ace67ef1ec317a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: aef80cdb85f1d7f9177b643a4c18111b
    SHA1: 483cdaae59cf9d08be22bb1d3af68d7ab56a5d2c
    SHA256: 0439c2cb1e73a48c566496538ab9623c70f52bd6904fb1eee3d95d3a6fa53ac8
    SHA512: bb4cb760cb3b800eb4ec0d9ed9b459b499c0103a2d6f50464d1a86bfa40521ea94926feee5ef7f05ccc38af04c2492075880450179bd7822455dbe114a142b3e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 8a77393e536d1a68784d2c75b5c0d2f0
    SHA1: 7000ef65ff99727dafdfcdfd984040085ed07929
    SHA256: c7dad5313033af6a39ff1d4083f1c216bbda005e8a8e8ab48a0924044d892c58
    SHA512: 2006f4e0ff6718eb70c14263f8aaa7bb4160a790c386d6193739617f4f7c896ad434fe58fe052ca78c0809d2a0a5f0e57f63903320380113551dbb5f1ea1b9c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 9061045217cfca7e5c016a0f6ba13d26
    SHA1: d41946b3eaa97c0f47e9ec735d233e08d6cecec2
    SHA256: 79ef0519f737b608af27589fa2a51b6e02ca8501d79b2bd441568cd28e20c205
    SHA512: b7daf874dfe7ae70745cff66ee3b6908b8a10ca91c7e2d88f067c3d2f409d2d279f3790a168183ea7c927d05c7477b692ebd175be0e2f29aa5fed9aaadc36c2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: aaca273daedf09c833541a9f3fc5a794
    SHA1: 166356297b839465ad3a9848e85c8415b4fa65f6
    SHA256: 44d86a1c72e96646774b8a5c126b0b87f8c80abe2f84bd28b3b08b495d2bebe2
    SHA512: 46f4321bde5d59e86e41ff3e8fb60690e85df5123daf1b582363b6fa916fe45b140fb9d82815fe5f509c886942145e4cd5f3bf75221127b1371e82864dff68e6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 02654382351680b51d95b71b44ea5828
    SHA1: 54b8f448c8796bb028b8ad6bd762da64045c1453
    SHA256: 98c1146c005b2365cdcdfb481601b2a4d0fab66d8e0daa471bd1471522c26b34
    SHA512: 64fa212a23288dcb5638e3c2a13d31f3dbdf9fbb320c48835d142122796860e59e61c1195f6cc8c700bd4c1844e5a74a8cedb111d4511f5f3baf6640a5c81f54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: bee744fbe668e8a8254f8fdea6a30fc2
    SHA1: 0b06c5d32883e4005f2212343d1537aca0968034
    SHA256: 1831ff40b8e451d91e1fdcda99b6647ea06cfe1d471b1d402030ba435a51865e
    SHA512: fe0bc281dad69f43bcc6d650a09f384fccf00e1fc4a28fd9999d4d86f5fc0a7ab17ef41b077a3f6c20ab192e0040f1475edefd5eccfe3f1fba24b28f7db01b54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e3f19352ad7289c11db4446bd4b57c38
    SHA1: 1900df95fe3d823d28e666eefe18963554001022
    SHA256: 570cc17804d67fadb6dd7e443a4a999e2adc96601a1a79d826ffeff1ce49521b
    SHA512: 5b5170471a125baf26e4647da31d5d2ec119145c22444713164ad01bc0360f6e985ca4f9770552b618bb93bf52bc5aa9728d7af43ba9fc204075d9449d98f695

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 573c9514806230cef1d7fd76f59e42e3
    SHA1: 260ac3de975429238af1f3ae319f72bc9c375c9b
    SHA256: fdf5ca7f460e0a7b7d21d89df84e46a07ca51e5da287dab4450162c90b3e3eed
    SHA512: 3cb9a2fd943569a4db9e9eec63262d6b0e43313a4d47e518ba55493ef6daca1accadb3569810d75950885bd3785dee0a600afead25bd30895999fa8800d3de75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: cf7879676aadac452a2478656b3c8a0f
    SHA1: 68026c6b82fbecee1f7c34b399c062a4f5bcb494
    SHA256: df53df439a57139c769901ad82b6dd988b72dec2a360e6e9d120a77d4fc86dee
    SHA512: 7527a80aa4abedf32d4e950dee828d9bdf92b74a21641d7e009f09c0dc5bb95e542d829c44bb69868ba4e23a3447da3e0ea7761547d974d2e57c6a8115d93a6c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: e717db60d72af211e698bf3a47adab1f
    SHA1: a8c68ef1e8a1394ae9e1d083f186e3af15eefea3
    SHA256: 775c7d370dd9c7e893abef556fd7f679e883fda80cefb57f13d0382cc56eda63
    SHA512: f63a0f96a5aaedf1b140be861982b313b911bc57a9636a81634f0ca9c678522c58d526f0c68d24c889cb770e640eaef9b3a57821fba6e2c730ccd010896f0da3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 65670c23adb35627584ff3a850b91933
    SHA1: e4d95f5306b7b4c449b7d66b243d9a595ea48214
    SHA256: 3a92539176fa003256a54f3371534010a6b0847a78bacea0fa5bdbe12bea7648
    SHA512: 31330c8beaa23aabb5f2b45290e58d0ae880da7da57035f97f47f29f2ad16766489546a79c9e772f4a17ea77971adb9f93ba523795d3d5f0906abb93c832cb9d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize: 342B
    MD5: 0e5fbb1aa5745be16277bdfe1972e565
    SHA1: 80fc9c29522dfb98185c59483c7906b9002ccf86
    SHA256: a96000998d86da748b28e6d8a63e573a8c77060dee4874123dbd6415987e6213
    SHA512: 69b903ad9e031f520c85b390ba0bedb77a2442cb42887b40deb98ac73dd176314ecfb2f474d206ab0abf84dd2203eae690cc210367ac5f83d6b1dd996ed68e44

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize: 242B
    MD5: 7bf6c73cd6ec691cc412d2031876e690
    SHA1: 834e8f343ad85e9f376c6a279560871bab2e4e58
    SHA256: 5f0e69330bbecf7eae7833aa0c304c12e679f7011abf1ed625dbed92a6d8f2fe
    SHA512: d37edcc8893176771fbfbc73e3b51abd0ba3d60ae7fd909387638fe8a59644dbac99fa24e194f02ec534320facf011d080d58faa2860d668818dbc1ec5b8b209

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7H6XY0V\plusone[1].js
    Filesize: 63KB
    MD5: 65d165a4d38bfc0c83b38d98e488f063
    SHA1: 1c4ed17c5598a07358f88018a4872aa37ae8bc07
    SHA256: b1320e0dda0858c87971f7baa0d53063ad2a429d232fd06b0067bda8b9eeb0ec
    SHA512: abf4c755d88193e7e05398b6f934fc561d8e2adbee7d2170af399e145e54a4a8a93988e4af4e28d6240c0bd1bda7035ae97f67a85a471088820baae8d89f3d41

  • C:\Users\Admin\AppData\Local\Temp\CabF6B0.tmp
    Filesize: 70KB
    MD5: 49aebf8cbd62d92ac215b2923fb1b9f5
    SHA1: 1723be06719828dda65ad804298d0431f6aff976
    SHA256: b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
    SHA512: bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarF703.tmp
    Filesize: 181KB
    MD5: 4ea6026cf93ec6338144661bf1202cd1
    SHA1: a1dec9044f750ad887935a01430bf49322fbdcb7
    SHA256: 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
    SHA512: 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

  • C:\Users\Admin\AppData\Local\Temp\VGXFB2B.tmp
    Filesize: 96B
    MD5: 94a1820903fb1f98de19df188a6ad531
    SHA1: 599ad7d04fd5b1fa13f334e95240a5a9f4a66583
    SHA256: 6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57
    SHA512: 25a8c568e85b48d20455872d8e4a189b024071d0ec19ac5b273faf52916f5d4c42fae0f78179bd7b07d35ecfe7c6154950acdd15ea5011f8155ca3aca8be1c7c

  • C:\Users\Admin\AppData\Local\Temp\VGXFB3C.tmp
    Filesize: 96B
    MD5: 857cf81cfd3449fd408ac0604cd3a326
    SHA1: 69209e67fdd7533fb3c76a7f3e2430a63909e4e9
    SHA256: 380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047
    SHA512: 8b6171180e1145953f185cf01651a3ef0fcecc2cc44a921d70f0e6fcaf58b42672943bc4f3e933fb333bdaab8ec0350dfb34c14aba30645463c12239d8814dc7