Overview

overview

10

Static

static

1

ff7b285d45...8.html

windows7-x64

10

ff7b285d45...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29/09/2024, 23:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ff7b285d4529350b4d107634a0eecfa1_JaffaCakes118.html

  • Size

    63KB

  • MD5

    ff7b285d4529350b4d107634a0eecfa1

  • SHA1

    c0c3cc9640636b3fcdec25124a0ca36b861ea364

  • SHA256

    555c1b62b210b7ae544a33cea15ca7f4d481833e770dd6b2c915929daaca6cb1

  • SHA512

    18a164c49182dc45da66c43e887d06335f39d797bdbd4225f98266d3b018f6a669c39612b4e9207be33026a0f3c5e1cae90723d20d38e669d40fbd635571c037

  • SSDEEP

    1536:FOlJTYrUkTFvVO/RUEB/4fSE/f0708ZlqVUDDkQtx9jjLvEZxYl3:+GLLfS+f0w8hx9jjTEYl3

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ff7b285d4529350b4d107634a0eecfa1_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2936
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2936 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2544

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C02877841121CC45139CB51404116B25_0BE30C8E6128C0BC8455FF6A9904D7CF
          Filesize

          471B

          MD5

          835bbdcfd058e2378954d164488fc9d7

          SHA1

          bc148bbfbd08d5057e0827c9c494720941e802da

          SHA256

          df5651707a7e06e686d87b36c094efc73c9c0d4ce8f8691355bbdb2a60bc7610

          SHA512

          0c14fce23244b8555986dcf6de797b05d9ed7a7fa6b0028cf36f43b1193a0217701f2ed33225db4d642672c64000469edbc6ff2cdd385cd2383aea27af0daed1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ddf8fcf5e3f8738d65629dbf2449c687

          SHA1

          c53a4d614cf0d73d0923564f96cf03366092320d

          SHA256

          8d42d44beb08443738199b4d9f6aeed084a6be07cc07dba5b95e30b9f6c00588

          SHA512

          850285c23a2387cbeb4370d1e5bcacefd4b3aff109ba587f7c69691f3bebaba56d65f349512db51ef70848fca26750a04ad767e18c387ee183eafbe07f2d2de0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          961f450d2e53a2504a9a25e1b00c5d9f

          SHA1

          e28c0538ce5e7b298c48ca87d235401f5ffe3071

          SHA256

          4babf3f4688fe7d03498c4f7db6b34bfebc1b37ec8d5a3efaec1de3f70ae9516

          SHA512

          7ae5ee8aa020b5c3ed4873b144ae53fb5c94b308c1c4f21880dd4c8d83983ab93af9475efbdae89615533acfb61e42424de3c5c8c98d24a092c972de19a83013

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d60a60e8d2150d6d78822cf0c4baa195

          SHA1

          4097e90f6e8f1f06325cdbf8fafaa675c9075c45

          SHA256

          2793c80df5b922d5b80dc12b43ac27633e2dfd58062d98bdd481cbcc224f51a2

          SHA512

          a6edff5528622f86e6b46883eadbe3dd114fc9f9a5f38ade244cebec926e9462e08312e0532adda5b935a5cc791c2672974d21e9515e472c4a75e5af959c112a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          a4917a69ebf82b003f90e8425292de41

          SHA1

          be0b869c4a66cfc4e6103b238c8bb470e4033b88

          SHA256

          10b9ced553a27765c33bf373610515b570d8c7a76da0d9324c73368b8938589e

          SHA512

          2081445aee04ffce0321e847bfd6ec9828ccec83342c57711c6ec2ccaf609a075a54b52408fb36ac77a8596ee9d5335677a3b4bb796dc2f3d89ec02c00f3b85b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          36b9ce8325d84f45d2c57303148ed555

          SHA1

          650d982d6e1d027c69f43615b1e3d133de912b14

          SHA256

          b8f7a557796645f53e6ff4a640f96612106a7240be46d4e7864a4d7dfee315f5

          SHA512

          b92c878c445bc6eb1d46491ccdeed5c1be7cb79e5400a97026763f9ab66a3f3c6a957fa42e7fb54c4b79a6b05ca2e47d0fd0d879f3d8a2c529fd7f8040160a74

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          17a5c4263ba3e61a8b74d564b5a469c5

          SHA1

          482cd93589808c7a7c05193ef900befe797cfeb8

          SHA256

          9edc39539cf76cf40be43f0bac8ce12a4af6c2f4046bb87f36f9ff8596be420d

          SHA512

          f34d383d753e6c869c93d8a203436599fc0358981f2e34b16b88c5a03c3c88efd7761f623bfa73ff54e8998b3e207f021b9677dbdfbf6d03f7007d0f296c5ba1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          da984423a1e944453be2916eba94de02

          SHA1

          b00d9ced5bc5e6041da01ffe488b12f2888f5f9f

          SHA256

          7012e1d9d90902b48bcda4b2adf1aa419d6ec79c106d9f985725e8572c2bc668

          SHA512

          24943fcf69928aca418330d6a53bd2fa86fc91eeec546a614cb5bae21c47f3f0c6673fc5e3554e0eec79ce08ac9583c60eb1fed32d63f45420d310129e2966c5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          341247efae366d541080d101bd6ad56e

          SHA1

          88bfd729ffadb5225fcb319ff2b2f38cf6158695

          SHA256

          eb6a42d39495d8e8d02115d07e15dfdc437c28624867191aa4534fcebaf57a31

          SHA512

          833d875416fcca76d8436990159cf887350bc98aa044e68a1fc5cd9e61107c5de753f391b262395600dfbc75a690e8ab651e9ab102897d579f584750df96d8f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6c6345fac2f599904d6b3abe135800a8

          SHA1

          6a3bcc317df863cea4c7e92ebcc9c61aa2666024

          SHA256

          7b4c8ae985e70b9034db952a670db9279515defbb14867d3b34192a05229d239

          SHA512

          684148c0f86b4365505d3ae943c4d4f726433df5a0e6e9d85234e4dead88c7f12b9067d98a3c4ba1afeaed97f2cd0dc83f06b0e84f60aefa99af77793a1eafce

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          259d22380724da64bd15adc661413ad7

          SHA1

          88d7578950ffe31c28686804b15d3f8695076a85

          SHA256

          dfacfd89b4a45f9a2886b28ea660a3e1c1e824068c14b0716e6f93d56c29d08b

          SHA512

          019d314b3dacd7f42f8a3e51804cef79a1e34dc6cb0b6532ce6fa0f8fed8bce4ecf356fecb516b6519828bc15e857fd6a9495e7baba21865ab5b65e291b609d2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          586cc946f35cd364556674d15bdd65b6

          SHA1

          529b9d71c699f812a888e05ffa3aea9e46b53a94

          SHA256

          13d794013a7f05f24b49d9844e5de1e02a5e84f278514e19e93b0800ab036372

          SHA512

          2d814a58a1473b94e637574aba45a5225ec0d2033c8cbc233ec6aaab5b564ae9a740310b133085562760a97f20b3754ead7cd5d7b63a3872d8cc07f334460620

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c83a72b2fd357077ade8f3fbde44ec51

          SHA1

          ad19d373a7820fed54fd8f0d447b8532a7c4c6c4

          SHA256

          63bcd3d50ae3584b5fe29c218e0cc93c2bd9f3acf327f3fb7d3f5808f19850ef

          SHA512

          966d4547f6e72998d49711f82ec67ac07dcc310a34613a2d6d5003b9efd1bc32fbab314675657e9be6307ac7aea759849057f39ba753d854f90b6c438cfbf41a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          83d56169e4c63de1718bd53fccffb73c

          SHA1

          1da221b68f5876660130b15c82c2b511e3ecf015

          SHA256

          5296f32d83231b8a36ffb527e2de99483b9139398891d72637c2f88380596b5d

          SHA512

          71daf1e77cfea2c1f4b63797234f5a8baf31cd3aa5c8a1168dcb7b2c1c09a9a5c204774454a0fa2ec820a9beb5d9760c1d14b267773da780976eade566719fc9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2c1c7c5cdf3b26d68c8e78aadd44b7dd

          SHA1

          6f1ef86753e15fd431b84617701f1c79f1230a70

          SHA256

          7d1b6753f5fde210736724c267d6f708231e0a9730c264907acbde5b54a53b6f

          SHA512

          d919ecf7d1814969fe73f3c074383e2b9599f31b6665b8d6554801d513bf6f9036b8f7d29aec8825eda6407861e90ddab99ded6945907feefafbc7e555fc5444

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ab489668549af3ca9aae80dc8571554b

          SHA1

          dad347178f7312e53b72faa256db2f85dfaaef43

          SHA256

          b141f1644845878d0a59674b237354ba8d612bbeadf5c97a002ce6c51bad6c6e

          SHA512

          37d70c8e9b7256684d082cd8c9577947da9a60f745a25613a148b29d90817a802fb0af0828c2c3842d2102b523f99bdb577090fd8d84f4925617741019cc2c68

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          f0e36afec55a2a2a9e6f3cea31e24bad

          SHA1

          577f284f784001dccdfaeb5e0d096a61b5217f3b

          SHA256

          9dd7b77d0ee4b7a610ef3d7053b2027cab399d42feecb3fc225a437882635a6d

          SHA512

          92061c552d0a568edd113cd38feb813286c6c71b46c80acda1b9a5c2280fef9ba9c4c8b32197448c3c08e94d0fb085543b036d4649470170e4bfa836f3046593

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          84ccb1c767f7b6ec910a248922b57fbf

          SHA1

          9d20d894c415c25be3cbd8dbaeadbf8c04da150b

          SHA256

          4cb36a0e286a786b1f4d66b7d5bfede20ebf09b2b4440cdfeb035c54c79ac4b3

          SHA512

          e2df9306c8f3130d41019e8c39a887780e3f01f6c7699b357a86ea552774ecba528bf7552648c66ea2dfbc726ffb00f76293fdab79db3761a2a07075c3634e3d

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C02877841121CC45139CB51404116B25_0BE30C8E6128C0BC8455FF6A9904D7CF
          Filesize

          406B

          MD5

          50805763a799fbc90c43eba5feb00960

          SHA1

          cfd6539b9843fabd49189f928b521cb0bd8b0567

          SHA256

          573cb6854efa231506d82fd626104c212ea4f91f71bb1ac1d8b13cb7991d983c

          SHA512

          ff77ca4d2627c66bdab0843803f630359727896ee33659560a8b9427ec60015e27c4c128ce50ff735d44dd55eaeaa7bf73bf95f186a9b57ce52746e2459e1abe

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab8FA4.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar8FA6.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit