Analysis

  • max time kernel
    135s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    27-08-2024 13:26

General

  • Target

    c515a4e688dc5db44fa6e685777d9bc8_JaffaCakes118.html

  • Size

    50KB

  • MD5

    c515a4e688dc5db44fa6e685777d9bc8

  • SHA1

    ab1017fb3fc74259bd913bae209099095242317a

  • SHA256

    dec94f45bee22f64c76f16fd63391c452acc6743de30cabe0f90831754858287

  • SHA512

    12340e09ad38248de83b79152ec4a732a46e576e52af1fc65545fb0a119bb6334067860bb7a201cd7cdcaf7aa11a9a58af62a068586df27a1b78539a4312b41b

  • SSDEEP

    768:yy4pDJTOIJ/AT6cItJToTVqn1jBUL5bVw6i34Q1F7wFC09kaWOyP1w4/wuZbyBam:yyODV0oc1lyP1w4/wYy0yB8ZQXMPqyi

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host. Here the single IoC is attributed to the Internet Explorer content process (PID 2992), which queries the UI language as part of normal operation, so on its own this hit is weak evidence of a geofencing check by the sample; the run itself used the en-us locale listed in the resource tags.

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs
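To make the language-discovery signature above concrete, the following added example (not code from the sandbox report or from the sample) decodes a Windows LANGID the way such a check does and models the locale-based decision it usually feeds. The bit layout and the LANG_*/SUBLANG_* constants are those of the Windows SDK; EXCLUDED_PRIMARY is a constructed illustration, not a list recovered from this sample.

```python
"""Decode a Windows LANGID the way a system-language discovery check does and
model the locale-based decision it usually feeds. Added example, not from the
sandbox report: the bit layout (primary language in bits 0-9, sublanguage in
bits 10-15) and the constants are from the Windows SDK; EXCLUDED_PRIMARY is a
constructed illustration of an exclusion list, not one taken from this sample."""
import platform
from typing import Optional

# A few LANG_* / SUBLANG_* constants from winnt.h.
LANG_GERMAN, LANG_ENGLISH, LANG_RUSSIAN, LANG_UKRAINIAN = 0x07, 0x09, 0x19, 0x22
SUBLANG_ENGLISH_US, SUBLANG_ENGLISH_UK = 0x01, 0x02
NAMES = {0x0407: "de-DE", 0x0409: "en-US", 0x0809: "en-GB", 0x0419: "ru-RU", 0x0422: "uk-UA"}

# Constructed illustration: primary languages a geofenced payload might refuse.
EXCLUDED_PRIMARY = frozenset({LANG_RUSSIAN, LANG_UKRAINIAN})


def make_langid(primary: int, sub: int) -> int:
    """MAKELANGID(p, s) == (s << 10) | p."""
    return ((sub & 0x3F) << 10) | (primary & 0x3FF)


def primary_lang_id(langid: int) -> int:
    """PRIMARYLANGID: low 10 bits."""
    return langid & 0x3FF


def sub_lang_id(langid: int) -> int:
    """SUBLANGID: high 6 bits of the 16-bit LANGID."""
    return (langid >> 10) & 0x3F


def describe(langid: int) -> str:
    name = NAMES.get(langid, "unknown")
    return (f"0x{langid:04X} ({name}): primary=0x{primary_lang_id(langid):02X} "
            f"sub=0x{sub_lang_id(langid):02X}")


def would_proceed(langid: int, excluded=EXCLUDED_PRIMARY) -> bool:
    """The decision a geofenced payload makes: it compares the primary language
    only, so every sublanguage of an excluded language is refused together."""
    return primary_lang_id(langid) not in excluded


def current_ui_langid() -> Optional[int]:
    """Read the UI language through the API family such discovery relies on;
    returns None off Windows so the module runs in a Linux analysis box too."""
    if platform.system() != "Windows":
        return None
    import ctypes
    return ctypes.windll.kernel32.GetUserDefaultUILanguage()


if __name__ == "__main__":
    for lid in (0x0409, 0x0809, 0x0419, 0x0422):
        print(describe(lid), "-> proceed" if would_proceed(lid) else "-> refuse")
    print("this host:", current_ui_langid())
```

The practical use when reproducing a run like this one is to change the sandbox locale (the resource tags show en-us) and see whether the sample's behaviour changes; a payload that keys on the primary language will treat en-US and en-GB identically.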

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c515a4e688dc5db44fa6e685777d9bc8_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2052
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2052 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2992

    This is the normal Internet Explorer layout on 64-bit Windows 7: the sandbox starts the 64-bit frame process (PID 2052) with the sample as its argument, and the frame process spawns a 32-bit content (tab) process whose SCODEF:2052 argument names the parent PID. The SetWindowsHookEx, WriteProcessMemory and FindShellTrayWindow hits are generic API-usage heuristics that the browser itself triggers when it launches and instruments its content process. No process other than the browser starts during the run and no dropped executable is recorded, so nothing beyond the HTML/JavaScript stage executed in this sandbox.

Network

MITRE ATT&CK Enterprise v15


Downloads

Every file written during the run belongs to one of three groups: the CryptnetUrlCache\Content and \MetaData entries are Windows CryptoAPI cache files produced by certificate-chain, CRL and OCSP fetches that HTTPS connections trigger; the Content.IE5 entries are, by name and size, Internet Explorer cache copies of the Google API (gapi) loader scripts the page references; CabC341.tmp and TarC354.tmp are the temporary files CryptoAPI creates when it downloads and unpacks the authroot certificate trust list. The repeated MetaData\94308059B57B3142E455B38A6EB92015 entries are successive rewrites of the same 342-byte cache index, each with a different hash. No second-stage executable appears in this list, so these hashes identify the sandbox's own side effects rather than indicators of the payload.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    b9e7bf2ed18a6d830cfa58bb70fe42ad

    SHA1

    ced89b679d474a85c77314602abf8361a7bf895d

    SHA256

    858b45c98608b511b87d2786c7acb8f6de6a027e9dd840bcb675c8fe16b66fb2

    SHA512

    20283db73d9f00f5de9e81d6f437ff1d3e1f0d2e3a585626327e275e8b93d1644aeb3dead5bb7741a46de57b2ccabd355ccfee9aebc4d9eed42ba6bee77da68b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    9f095c54e1f30d5d1f912369ffd8bf76

    SHA1

    91bb5b070c5f14fce9c857844a1b2be3a579a533

    SHA256

    ac03f2a69579e9783366174b6560bd80e6b5a6f2cff78a3afbb1d361ea44289a

    SHA512

    d5e1a52341f028efde7e645691ebe76fe1509a4b7a3b3513cca67dbb03841d42883e6a709ab751ea3db959bb6a0e9cd58b2ee4f69135b77fefbdbfde887d4fe6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad860bbb4862156c3e82c3a2b77ba2c1

    SHA1

    34ee31532c2799c8a3f5fae7fdacdddc0756f3aa

    SHA256

    8e0776005c5a9880c20bc1b54c8a6dc27f16e8f02f1902793e5ce92b668295cb

    SHA512

    cd42d7bd2b964ff97ccf05beb795b96850d15b69e55a92d9d896eddf440c570c1d27522638967b7baa10633250645784c66b06b555f3e3bbafa316b60094478a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    776d28bc00f7656a564738873e28d2d0

    SHA1

    2d444c3d58e9cef109358579c88251713c7a35eb

    SHA256

    0485f9ade3098de6df739ee0199249fa9a3b7f12f55c8afd45968dc0c0dcedb2

    SHA512

    8988fd871a96b40730be72c4c412b49273648581f603b55c6372d6d82d1559eb5f7ca47dab76cd9e340cfe249fd5fccf9111dee964e7a05ef4eff4418fa5be4d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    711ce1f6ca73ace1a117f74fa8919bef

    SHA1

    c636132cf930a93985aedbb9e1e95d41aea2f3c5

    SHA256

    59332d349dcbe913e9611559d754b05630d8413451c9be0a288de3a73c5790c6

    SHA512

    a5e9d61f1869c574fe2758de07507e1d5d07130f7ca6cfc655d0c2fadeda7720812967c3817064889202bc1d7584223cf2ab1c7db16b527a9a1e668cc3f0c463

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4605244b1a6e12473b6cef7ee1d0aa22

    SHA1

    6018a6e93503cdacacdeb971586a98521633d5c4

    SHA256

    0b5cce05318af69b206c599fd5ca1831d83438a390d93a4658267b7ec58f09a5

    SHA512

    162f30b96b6263b9cf4d00576e3102c1d9318be6f4c2dd7d0f9dd70a3b606509d7dd4bc8450605943273b91daea83d1eaedbc626a4129674e798816f0a8b1c1a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    81d676c412230348edf7af535c0afcd9

    SHA1

    d20d5c7346bbaee29991ce2340920502e168c242

    SHA256

    e161abfaba566c2258be67fcee412595ad12c2bd586b6dbb89d6622440990f2a

    SHA512

    4a0c26176463437f89433362bbfc9dae128d5047a215785e2d05469d94dfb0cd15f73a1e1bf7a8701df2b1baf3d093c9db97257a55214a9da41ea13034a83183

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b88cf488feb5ff31a9934693650c864b

    SHA1

    1670d929e21bf28a49d6aaaaf115afd4ce1ba75b

    SHA256

    029455039163a016cdd096d9b7ca570aafd7bf35dca373d3ca0bd1c00c377b49

    SHA512

    fc566836a6c816e8907be12c4946742969c6943b7c9ed97557fa1a868f1777a0cf0648e9cc906d804e1f98b33fbe4dabc46e8efe8c5d566604133c698990144d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f6881e2b9c19edf52c73a274462a72f4

    SHA1

    85aa5e653dbfa69bf1c4ad846877aea44a8cfdff

    SHA256

    0f090848eb3ed63a14f7809f97ebf56ab3fbc0165857f5437e2cd30435d13d35

    SHA512

    d7fce98a6f7768d780ef3b83bfdb2db901b11e142b6784becad2738f7eec62919ab52514a6f29baf65a5dde6ebaea3f021ac0db6ff916708c22e4a0f6f6f3f3b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4dc48ccb8c9107e58b2f033de3563138

    SHA1

    f16e540818051d5636cd52b4198694ecda2d4a84

    SHA256

    fd06a3d0d496d02e9565d1291f095b80a9d247965c8c3fd468d58c579b856594

    SHA512

    0d6ae9d3f79341d5e8910f7396c9c789336350694e1a7953adf002d94753c8becb4268eb79ce872aa12a8be11a1651c307a881395e3dc8269f1df64cd444ea9d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0174efa4710aa99df5a676c8f171e18e

    SHA1

    5da34d0f8a66e52f32aa6a79fa9286b22fe7b192

    SHA256

    e1be7929b5d9f8c4995c1da5558264cead730ee0f723cf996223e1203c4cac3b

    SHA512

    c520116061505c8df7ff201b558190bfea0b995dcaffe94495408c0ac1acfc7ac3e5ee3fe0398af63f46cc824693576b28b0175a92e8aeb2064cf8ea8af1eaad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    29e2022d89eedc393a69be8a196191f9

    SHA1

    c121990f772fce878484d7afbba32ce53f46f9c5

    SHA256

    46349eb263482ab6ed271322d6a044afc7c873209f542687dd27a65d4ac4c1a6

    SHA512

    112afa088f022c3187091670ac1a6d0f8d76b1b86075dc3db09e8d36c9e4fd006b92143cd0cce4e7ca9078d8ed63ad1ed1f8a6d9c31b062b470b574019bcdde6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d1355d7f73f5ce1a5034e05b998ea660

    SHA1

    5a52c7359e2b68a1943b6f8cd713f1938e0f328f

    SHA256

    340532b84e8c17e08735281c60239d0c784b6bacd32ebf8886ee611122f8da3c

    SHA512

    548560433d5cfc2f6ad494869a5f92fde3915a7f5a6087e2705b479ef97f7554f231657c8642edcf3ac9d316f15c1b45e91c9ad34e8d67b99f187a0c4590103d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e9c1641309d2838d3e6021fa4e03a1d

    SHA1

    1b1a5bbf19478ddd71c14dbba6d8139ba9a7d93f

    SHA256

    05149a09b429ab6f24193552d79242018430035a46e7e581c85589ea8ae9c16f

    SHA512

    ad8adbde056e83e448c34e687e0d51a48650f7fe37b1725014c8bde08f7094a98beb35c8ff70781a02d920d2a4b20e2c2dcf1596813ce5ac28252560e322de49

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    20df78405f187d89f54638fa920c4466

    SHA1

    366d9da5989511a4570e044220a9a664274d2954

    SHA256

    b35323e807c5e4322be07b1b610dbe54b9b73eea8c5e82bd6bb2386976abc354

    SHA512

    f6514ab5187aa52604bb8b917976e6c6f937d0bb4da12cd4d5fc01b8f8813ec8a824f3dde512f77733cabc52e61232c73cf2ab2f727b75e598479a1f85bfd3ad

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd2c3a4994c30a83f70635629bd03dab

    SHA1

    4acebaa134c93549854ff339c049a3c4527e372b

    SHA256

    c466e1d90780ccbb2ee0e4e5b71d1efea5697c9575743ea6f7c2b19529d18ead

    SHA512

    0783de9ef5d312209cad3593e93c3aa734f53fece31fb43cb10a70394dc7109201191562a5d70aa82a59874989c97188b0ef46955383d5b9990fafe3dc09e119

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47d3ecdd62df5c244f661de72de0f613

    SHA1

    b58aa6f3a05c42da50b8b111ece7c7343797249c

    SHA256

    8dc23946fd1d50e35b41689e2bbebf4b21cc4697a9a23572f53a61554d4008bd

    SHA512

    189c88e0a64c295ef91deb9b4365c5c05e953e56e84f8483ab4e63e9fb39b42e4bcc2fa2a38e134f75f1f8211b9ee88576a9ec35cc305306fe711eef2b2503df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3f599bad2313c5ee3a6b49f057feda8c

    SHA1

    eb9ccff79498c50f3022701506a4bf5cadc7028f

    SHA256

    a16dbf230a8314132858788a62b071331646a23ee96fe2a6a50c7ba90e7dcfb0

    SHA512

    56f5b57f8d2d911dfbe7393ab318fd7c1ecfa96ffdffca90d441dd2a3c38c4024a02e4538bba599d9118504842a4be9145d011a8e42ad703b145f70a0e3cc2e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7898b72dd63d320ad6397158405ae280

    SHA1

    b3be3cd6952f96782b239e0b6e5d691a3a0bf53a

    SHA256

    91f69522acb91555070ab6ffe926802d045827c70c7bf23b9e872c32a09add4d

    SHA512

    9789c07aded0247600f272ff2694c321dee3403665bcf801ab1d6dcfb43e5495e3c84a17412f0d122031c72d1a62f4dd382349267d56fd6cb4fd0451e74957b9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f306937896bfc75cc4a1a38407d9150d

    SHA1

    6fcd626f5a471ba3ed150308d01f5f732fb09128

    SHA256

    c4b43cb03d0f921df038c55b42c286239cbdad39f19efa5c5bd25c24d02fc384

    SHA512

    8464912d4862a64952d04f4a5ca1d3e06e058d4b9bc7c04dd5a537abc7cbf63f9534bee9b896b3c9d445f6ae748ed8deb81a937f01cdfa59428b6d6f8c692af8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6d907c84ecf2b3fbe821083529a4b819

    SHA1

    c218a8194a62a96aed08e7c3884c21dcbdee4217

    SHA256

    60657cccb1821e70cd23dcae41ce1c9ddf38640a8afdc7a74fe19919d475124b

    SHA512

    fbb1673fc001621a004fed5d6d3e8edeeb833bd904b7de61c6ab97c8a95571b5873728157d2e0ba1eb159ad7d3507ea2ef49d2bdd63ee176f724f63cba4e5457

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cb550434c4a0af025cffb8f30abcdd00

    SHA1

    6a4c24a50cff3fb87f733f001847d043fd20f7a3

    SHA256

    0866c59f5d5b7ec966e696c99e1f5a38a9950cf0be28f2f8944b284736653cb5

    SHA512

    a8742c5b2e64d41fdd8e2e2c3e75e594fc0450127add57017b0584100063e600548361fa5f9ad3d7a5e2b6214d1948f92edf177bd6b540f97ef9b5359687d01f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    356f4787b209efd828c6c270e9cca275

    SHA1

    93396330c8bdda99f5005ed791c9724367d94921

    SHA256

    cfe1c15c0c9b916c407e8ca8109c60e0ae38603563755ff92370bee3bb1b4a09

    SHA512

    815971b7b14a0d03c469ec0b8f12af925cf480e39c061bcc0eecf4e8b5abdd855cdfef993659cc6ed2a5398cc3bd9a9b56ec5332adbf5c73aef2581522ef5dc0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    ba6ce14f40a47320475c5da6ab571fb6

    SHA1

    acc319acebe42244dbaab7dd312e19c30d918c3a

    SHA256

    1ebb3451ce08e84cbecf633695033dbe62c7dc20589fac334212769634a17556

    SHA512

    52c0076700f2f62f85e96bc72b42a9fd558508d51685e97e2a085208a48add7c60b3621295ec9e884c6253aced460ae902c45f3bf2cdb8b524cdd8a1051550af

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GA43GQEJ\platform_gapi.iframes.style.common[1].js

    Filesize

    55KB

    MD5

    aada98a5b22ec7188655c2c17a083c57

    SHA1

    7c3c2fb8744e7412d8097e28f588788d91b9cd9b

    SHA256

    f2f09baa213dd3dd95edb5a30c7764e4a44d9a79c0831f90b1ad8ebedec9dab8

    SHA512

    a780aa3b9e36f61be8240487e75c19a96fe26d54abf9006680a00af9d1d394e81e517f0bbbc13edff3a7190679260ecd56fd5cdd7c2d2f416ab8982c3277b953

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7H6XY0V\cb=gapi[2].js

    Filesize

    135KB

    MD5

    cb98a2420cd89f7b7b25807f75543061

    SHA1

    b9bc2a7430debbe52bce03aa3c7916bedfd12e44

    SHA256

    bea369fc5bdd5b9b473441583c46b9939232bf1f98c1cedf6bc2241c4f5068d4

    SHA512

    49ccede4596d1e5640a9c8e8be333f9c18812d58f02b2b15adb54172df1387439e9dc5afc4ccd9d8f0f75f092318bed68d3cd577338e88ef4f9373de8a07c44e

  • C:\Users\Admin\AppData\Local\Temp\CabC341.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarC354.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b
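When triaging a report in this text layout, the useful step is to turn the Downloads entries into structured records, separate Windows cache noise from anything worth blocking, and check a local file against the listed digests. The following added example (not code from the sandbox report or its vendor) does exactly that; SAMPLE_REPORT is constructed, with one entry copied from this page and one synthetic entry whose hashes are those of the bytes b"abc", and the classify() rules encode the path conventions described above.

```python
"""Parse the Downloads section of a text-rendered sandbox report (the layout of
this page) into dropped-file records, classify paths, check hash fields and
look a file up by content. Added example, not part of the report; SAMPLE_REPORT
is constructed: one entry copied from the page, one synthetic entry whose
digests are those of b"abc"."""
import hashlib
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed input (the page's blank spacer lines are skipped by the parser).
SAMPLE_REPORT = r"""
Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize
    854B
    MD5
    e935bc5762068caf3e24a2683b1b8a88
    SHA1
    82b70eb774c0756837fe8d7acbfeec05ecbf5463
    SHA256
    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d
    SHA512
    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e
  • C:\Users\Admin\AppData\Local\Temp\constructed_test.bin
    Filesize
    3B
    MD5
    900150983cd24fb0d6963f7d28e17f72
    SHA1
    a9993e364706816aba3e25717850c26c9cd0d89d
    SHA256
    ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
    SHA512
    ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
"""

LABELS = {"Filesize": "size", "MD5": "md5", "SHA1": "sha1", "SHA256": "sha256", "SHA512": "sha512"}
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


@dataclass
class Dropped:
    path: str
    kind: str = "other"
    size_bytes: int = 0
    hashes: Dict[str, str] = field(default_factory=dict)


def classify(path: str) -> str:
    """Map a dropped-file path to the Windows component that writes there."""
    p = path.lower()
    if "\\cryptneturlcache\\" in p:
        return "cryptoapi-cache"   # certificate chain / CRL / OCSP fetch cache
    if "\\content.ie5\\" in p:
        return "ie-cache"          # Internet Explorer HTTP cache
    if re.search(r"\\temp\\(cab|tar)[0-9a-f]{4}\.tmp$", p):
        return "authroot-tmp"      # CryptoAPI authroot CTL download/extract
    return "other"


def parse_downloads(report: str) -> List[Dropped]:
    """Unindented lines are section headers, '•' lines open a record and each
    label line is followed by its value; blank lines are ignored."""
    records: List[Dropped] = []
    in_section, pending = False, None
    for raw in report.splitlines():
        if not raw.strip():
            continue
        if not raw.startswith(" "):
            in_section = raw.strip() == "Downloads"
            continue
        line = raw.strip()
        if not in_section:
            continue
        if line.startswith("•"):
            path = line[1:].strip()
            records.append(Dropped(path=path, kind=classify(path)))
            pending = None
        elif line in LABELS:
            pending = LABELS[line]
        elif pending and records:
            if pending == "size":
                num, unit = re.fullmatch(r"(\d+)(B|KB|MB)", line).groups()
                records[-1].size_bytes = int(num) * {"B": 1, "KB": 1024, "MB": 1 << 20}[unit]
            else:
                records[-1].hashes[pending] = line.lower()
            pending = None
    return records


def validate(rec: Dropped) -> List[str]:
    """Name hash fields that are missing or not hex of the expected length."""
    return [name for name, n in HEX_LEN.items()
            if not re.fullmatch(rf"[0-9a-f]{{{n}}}", rec.hashes.get(name, ""))]


def find_by_content(data: bytes, records: List[Dropped]) -> Optional[Dropped]:
    """Match file content to a record by SHA-256, then confirm the other digests
    agree (a disagreement means the report entry was mis-transcribed)."""
    digests = {n: hashlib.new(n, data).hexdigest() for n in HEX_LEN}
    for rec in records:
        if rec.hashes.get("sha256") == digests["sha256"]:
            bad = [n for n in HEX_LEN if rec.hashes.get(n) not in (None, digests[n])]
            if bad:
                raise ValueError(f"{rec.path}: {', '.join(bad)} disagree with content")
            return rec
    return None
```

Feeding the full page text to parse_downloads() and keeping only records whose kind is "other" yields the set of hashes that actually warrant a closer look; for this report that set is empty, which matches the absence of any dropped executable in the process tree.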