Overview

overview

10

Static

static

1

3920e894df...8.html

windows7-x64

10

3920e894df...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12-10-2024 08:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3920e894dfef2414de1fb8376a610e7d_JaffaCakes118.html

  • Size

    132KB

  • MD5

    3920e894dfef2414de1fb8376a610e7d

  • SHA1

    373b1a03df5589fd5437891f7ba3ea82daa7d5db

  • SHA256

    238d7006e8206a9779c5f0cfe443f10a00722f097b9755138bbace2d7ad6035b

  • SHA512

    533c267896e72baadcf5dd74bd1d4d877b280ecb864e6e0e28372d7747ebfbf3086f785970800749d90bbd88109267f66472ae90cd209752629b742d08db45cc

  • SSDEEP

    1536:r3HH2lDapzRbkmYjZbpBZjkS8OyGcHRXJ4mpuXsO0EYAz++nT4CZEOsWdoGBlw+5:jHWN6SmYjf6OYA7XzlTX1YDVw

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3920e894dfef2414de1fb8376a610e7d_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1416
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1416 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2312

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    6afcdfb776d760f94f4bf5868df56c70

    SHA1

    aca979a9d2301979103e9115acd712709b25fd24

    SHA256

    276bea698f0167763515b157e17e3fc2d9084e5786ad69f3a3626c4de5db7656

    SHA512

    c9eef4a0ef0e90866e7f7e0a1e5813374697df5c74503933cd0139938e50e83d66c5757e702c90c9d9ea8262d2263721e42f10f1ec919546e11de3feab481d43

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4FA45AE1010E09657982D8D28B3BD38E_5FE95D49B80FAF65EB065E4DD6522D71
    Filesize

    471B

    MD5

    565ef535698d73040e2c158cb40869c0

    SHA1

    ac7aa8c5ee8e04d297f1445e5055ca541afb07d8

    SHA256

    cd65207fb567698f248350a9788b1271984fd3dab9cf442d1f9295092c4d1177

    SHA512

    dd4736e5be8a42b934a1afb64e717e709277baa57fd8217d12ce4baa6b6a3ee26e8789e3dc6eec4ae64375e0f2ade9506f72fde5bbde36b3bd94bdc3f971833d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    170B

    MD5

    dafaf9af554c6b7fdd36bb6709c00287

    SHA1

    0926dce9413a29597110fffa1ebb8f1d0c0c7862

    SHA256

    18cbbfb2c2a4748e0fc915c8665f0a310dd6d644aa574f998e030bb4bb7f01a5

    SHA512

    cd7fa9cde9a07e95d75489b5df20c14b07b91470357d50fdb048d8558c4a1bea87eebb988f445b990cbff61c7ed020159a6b6e825f89f17f23bd11e1d47aa341

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    d1ada1774840935f7bbdd36a30a0d68d

    SHA1

    482b5b40ad5124753719189ae897fde72f81ed71

    SHA256

    bcefb86260696c898c749b442aec499d582740026c860dde88c2c565b9b07372

    SHA512

    137331b1d74bce08e3e190d5fc7c386321a6d574aa7fbeb0ea2a7667926def1a0324a60f54cbcf5af0db2d622ece2d2cf8db55db5fc71471d1987c7240cc8f83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    9985b3af03eef554c9af910deffda511

    SHA1

    5100c03e55a113c4b1b411e437fb02e3222a861c

    SHA256

    0b89296a9fd173c533f0012cdf1a4d160c3d497ef76d09355317e11b66f2d15e

    SHA512

    8ce46b943024a4fb9f862c7f14be06bb6e2056f8f0772fe381a56385ff474ff7cae43470baf837d313075c21def055654b053f15261cbc29c761575474e78ddb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    b2bda3303d2694f36ac5e7d3b3cec64c

    SHA1

    e997c3c6990518493129f0b5edbbea6ea327e7c8

    SHA256

    eca16965f594297ef64af9bfbffd6ed0bd01535db36dd941cccf90ab22008303

    SHA512

    b3c09bb273974b7ef3a70654d69c0581e6f4ce9d2970e0568f9428860245a9858ddaee1cef51dcf3bfae5f5287cbb8f8b63f534acf86c426a663ae6a57e06f33

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    49e5b0a2e2a5b87f755758045a29d3bb

    SHA1

    63ec473085e0ec64dea98bbb9eb8f82af7df4e25

    SHA256

    82910ea24a64d126108a07473a0e325c1e9c17a0e19d7f3967e5856e5c9c5122

    SHA512

    fa361c5a4fcbb7dd92b9b7260e27f2bb4d4a113bf159cce8eca721923afa8e0b9bd0a5583d021aec6a9e08e07cc44b282f60752e4e89fcb09c6538f970efb3a0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    de2981ba181a3a38b3edeee5ee8a7ecd

    SHA1

    036a9fc4db7e7553c5ddd91a9ec5c2c358442fa6

    SHA256

    285aaf15e7ba5d65944e72b15caaecc3331d068d298b9eba64785502d8db1ec0

    SHA512

    20fa98c3dcdcbeb4cf689e70406d81389943870fe322dbd5cc9ef38f171918f167869fa381dd3ebfc432c36cfde341c7cced60c7877f55b2064b4390614bd570

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9a4ed068ea8c142226c5614669b9bfd2

    SHA1

    0286e4f6dca75f4f8abe7c96eca081cd8927559d

    SHA256

    361bb9dfb0712108b40b63c784167de7c9f29868e1052470440ad8e69521d52c

    SHA512

    80579cc641db2ec342804bbb2ab5d5ffb92cd2e1558e42a8cfc8b4481ce59aa86445df558ab395ea9bbdd744c0719ceec389615ac359a9351029aba5c58351f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a6d56b78dced3a46f0742191f4953f1

    SHA1

    be8dd24ca4ef681cfb0b2ac59e0f6e7c73d017f8

    SHA256

    ee3970020027ab787f3cbeb71e05caf551e9a9631fc8de2b2be61d37e213e6ea

    SHA512

    f2f9d4dc95d3a4518ac17b4bb1b2d678ffdc3c1f11b7f7a22d976619fa1c8f7162d129d7204165607683bc3f9c37699f8ae8c06f838b650f14e604a16f288413

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b766e0317d2732615c8a14b842fa5d5

    SHA1

    2af9b40f8f357a7c39b75ca6f9f1fa2ec62c706e

    SHA256

    f226a8b730ae37120bc5247f1b401bf8327fa7b7964073b0fd9913ac2612058c

    SHA512

    a891c8283d92ad07d46d45f2e6bf54e18315bf0956a539225da07489907e803392f0cc524c45d4fad75f2904de560fda9acff79305b867476be4f2f3c94c840d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c2baf59e71a5db153ab9f1aef833cf1

    SHA1

    3b88433a00e93d1e45b43d3afc4e9061bbeb250b

    SHA256

    908076725bdb3f072258bea7060c724ece5a658d8ebe03ef5c5cdb589637bb81

    SHA512

    f5564de7f9d6ffa168c338dba093d07c8505fe5fdc3feaef7421cd31881f21d8c45b6acd48c3a980eb3461e6728b877050edf43cbd911aec18cee20cf020cbca

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2477aea22a9ebf5bad0916113b4f2c79

    SHA1

    3d4eea1b7edfc3f25f2db897abbc9b0b991ef29b

    SHA256

    bb43d42a63f1d4c1cf65e909de7fd4922f95f784ad6b5b1fff61b7d2beaf1822

    SHA512

    a341f81d06e7b685e5463ba4740f2ece9f5bd5145f066c860806827c96312e0c7e51d8c05d2ab4ec656ce9ad940aeae784fc037824f7fe3662f75e2efb248234

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8d70a2172b146fb26c5aac9cc3e15dee

    SHA1

    822e44864173b470a5a00a989760e8bcfdb19c86

    SHA256

    f09166bb8fbcfa982d8bdc650ab92492bba15fe12ebc2efe73bcd69189053d24

    SHA512

    dcbfe0771497094ab1c111519b4e7adb469a8b1abaa9a34e4c80f766efcd28faad441a37b3aaf925032c309440940aab3d2b03343c4c23dc2b3fff7add87d195

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8f84a4a8849a3f2b107914662195727

    SHA1

    c13a4a1b6d10772284df9ed7785dcb4c466ca10b

    SHA256

    461e30b1e5d20653b03669ed71aad3ee13d08eb10d9c52807da90856afd461ba

    SHA512

    976881ab5a709392bc26f6681a2da0fae73af3558e76eed8119658f762d5c27eeacde25b879ec4fa349d9e7a1fbceeea8e348daf490b64ef194e0d1e63166f27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e098bf713976ae40ee840d34c3e0017e

    SHA1

    244c57b034a7d21dfd8d13d11eac5b38fc6758f7

    SHA256

    1c5bf93c2612aa9af52490dad8493755c1546bbcad5c1a0b7f86e6ec5054bbb2

    SHA512

    2caf2e069b12c453473553fb1ab5b450221304a251926399244ba5861049e5f573e9180caa8c1e20fc688a0f136926ba38dcc5f19c78db14ccdb05a08417f10f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f655cf385e29a63a216547203edccaed

    SHA1

    bdfd97170843cc8e2a3a7c2b2d25f795489a7448

    SHA256

    e74200c93e381848ac009b1f7d995d2d911d638f2832c5bf2171779f06ed3fd2

    SHA512

    714eb9b3d11cd85b2d1fe33d8daaa236b895a1de2af2ad50aa4936f0d9238fe79e926e42dfe2e002b9935a939274e9b8f019af2bdc660aa8d68d17521b4db002

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf0f3409e37a432d7e8d491ea68c0bf2

    SHA1

    da2266b0d7c77a006e60e35c9ad030b09c1bfd6c

    SHA256

    e52a2a44750b2952ee43974e0928249ef4e365c577c33ff928c604a680192b80

    SHA512

    4e7a9566548f774de9d454983c51f946f188f3b9e223c708ea98b4490c8dca6039439958615fb17a7e37aaa2992271d801b10dadf2fa725183727885c9634ad9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d95a617360b8c868fa0180039fdb806a

    SHA1

    12f1e526661a6bfd3f1170a3013b301b4fa8c2e8

    SHA256

    ef564bd6f3b18a844ff4c32ef2ee3481ace9d01007c70bd4abde7c1471f8ed3a

    SHA512

    70654086cbe96abf83997292c851573d29103af3dffaaa581053390436d39a0c1ec703c42d075577176ca9078eb7574db213449d10d082793e279548f691c264

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    89405ec149a66e0e2e7fc819c2a2ed5a

    SHA1

    a5795219869110e67e158889cfaf30146c13b3e7

    SHA256

    b3722e1f401a678a450e2511ccccbaaabf9d62c0f0de356bd48916ce3b940191

    SHA512

    c8c9839a44d50c61313a6863943a7772daaa6458d6e9e14b4d823c6e97696b09c56c31815b1f890cdb64fb94360c2a2470ed8356fe16ba3ce4068a7d7e1b240f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    329aa78dc97862bc7857abc8602f34e2

    SHA1

    3213574324e2ede80c237c09902b606a5d8c2a62

    SHA256

    7ab8ad5e864c029ae9484f7397e8fce5576004e3075ace141ae4b19b32e50c49

    SHA512

    08597817f8ab112e8b2113a948f810481109c4cda1040834ae53aca78c2092707ce837a5a8fdf592a1f75a808fbdd5cdeca8b3c1d76da81c34427d2cce0cd2d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    32f5a0f8a0cb49a8fd0d0d34af7930dd

    SHA1

    509689daa5b0324c0343c1a22e2b8fe57602e364

    SHA256

    5b505c3d97a8c413fdab0370780fa4886497b5708e5de1b07e07df18e910916a

    SHA512

    25cd3252e18bf629d4031464fc01911ffb8f264f00cde9fceab84609d6d073ef1601241be152c9fc7db6e9aea00731cc39aebc1eaa3bc04b3cbedac24d6b503e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOGPI1N2\errorPageStrings[1]
    Filesize

    2KB

    MD5

    e3e4a98353f119b80b323302f26b78fa

    SHA1

    20ee35a370cdd3a8a7d04b506410300fd0a6a864

    SHA256

    9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66

    SHA512

    d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOGPI1N2\httpErrorPagesScripts[2]
    Filesize

    8KB

    MD5

    3f57b781cb3ef114dd0b665151571b7b

    SHA1

    ce6a63f996df3a1cccb81720e21204b825e0238c

    SHA256

    46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad

    SHA512

    8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOGPI1N2\http_404[1]
    Filesize

    6KB

    MD5

    f65c729dc2d457b7a1093813f1253192

    SHA1

    5006c9b50108cf582be308411b157574e5a893fc

    SHA256

    b82bfb6fa37fd5d56ac7c00536f150c0f244c81f1fc2d4fefbbdc5e175c71b4f

    SHA512

    717aff18f105f342103d36270d642cc17bd9921ff0dbc87e3e3c2d897f490f4ecfab29cf998d6d99c4951c3eabb356fe759c3483a33704ce9fcc1f546ebcbbc7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE265.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE278.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit