Overview

overview

10

Static

static

1

3cc05e8e9a...8.html

windows7-x64

10

3cc05e8e9a...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2024 00:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3cc05e8e9a0676edfa1e557406a2cdf4_JaffaCakes118.html

  • Size

    77KB

  • MD5

    3cc05e8e9a0676edfa1e557406a2cdf4

  • SHA1

    d0e0d7688b712bc56cbe3349cd762d1fb030ae80

  • SHA256

    a9e1042d34932529e15cac9f02257f2e0b9a84733249e83bf65f676c3ddd0b95

  • SHA512

    a6cd8174dbab2ce718523bac4653f68d90c50a30a41c167130f0fc3d9199112b1c29ebd480ae71b5e5f5ef0aa06199e5cfc55a4d64082411d3b7ff4321d6ee3e

  • SSDEEP

    1536:MBeyMLnVXkIkIkIkIkIkIkIkIkIkIkIkIkIkwkwkwkwkwkwkwkwkwkwkwkFVklNG:YMLVEklfQ4+r+7OjlP

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3cc05e8e9a0676edfa1e557406a2cdf4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2280 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2840

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    4e67c86f66c91c84eabab5d1c8fb091b

    SHA1

    364ac6a4f02ece1b6625ec5822750ebb699dcd92

    SHA256

    8d46af3b34c55c67a20e4819185f3182990de117abaa423ab7452854021bccb7

    SHA512

    3300818e59f1d9ef7edcfe9ee149593c1ce7cb2a7ab34b3123a2cf51cd6372b82db9802d9345fef082f51b81bf76c53641b13b06fcb293f8d5254d11b4772bfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e99e3b5d3acdc41af361f653193c3073

    SHA1

    6c640f7cced76466e44df16b690fe85e096627a7

    SHA256

    1c3c6b70cf0b43fc9b4932d264664b84fb2dd5ce13ab6a00370d145d10313d98

    SHA512

    aa96d65e9ffb40960971e52d73b517ae00fda3edc52f5d82b632dd3bb40561eff5bcd9a2fd68d4bccc4e1b076b6da0644dcd0c06817d58cb32ce3c39b5e5f60b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0508653041025349cd4ed2979a34b714

    SHA1

    0394053d560d001537c2feb914968c7715b0f05c

    SHA256

    f4aaf99cf58334350500ff44dd83a50130dbc2ed2919b0050e48ce0708c867ff

    SHA512

    f307156ecdfe46d7864e487b2d009d6495aac9744fc514dd89e61dda3a8bee68c1cabbd5209c769f84793b6f91028bdf357df93bf7363be1264df9bb9232adb8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1969ed35f347d4a45c0131e6d4489c83

    SHA1

    9c8c62303a7673163c3da32866d57500da12e9f5

    SHA256

    e93b2045f2055a3f14b55eae8d0a7de81a20771848c90cd44ee0decad4b05582

    SHA512

    232895d4a12faab67007431493043e2bff66cb7b6646bb95dc22422b71affd7491a5b53365eb01291483ba0a3b5dfbb456efdd678d5303390a93f4840dbdea27

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c93971cc52d7374514e0a569acf55f9

    SHA1

    9525bff77cdac0272b3a8818f3e50e28cbac1b9c

    SHA256

    1581012d692995ada32ed5b13b524e246a7fbc6fafb33c951967f9994c589480

    SHA512

    619f700e2019ca89ce037065e48a8059723125ab1da2a14bb3fea1575c454f73756870a1f4c560c43dcd43cc54ceb4a615eb4375d868e1509968b5a02b983608

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e902491d52c5757f4ba74ecbd7d8d5c

    SHA1

    6d68d2a3440e1e899d84c45f6b662c595072f165

    SHA256

    e5391b1d1a71d13b28cb24b051ffac42ed0c7f4181df4790331dae1ef7062dfc

    SHA512

    4369850516c61c8ae9c5dad2e2f1c0efa47e9852a537846ac7d1d047e4d66d0c32cefd8ea0206eca7f18edebbdf884ca9600896afdfbbda08961135da23fd3c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c1736efc53ce01e5bf65250f6ae043ee

    SHA1

    e7442b07c527f4ac97f1b1f6b2d1951b1faaccf8

    SHA256

    3ec621e03017fbfa6bafbada535b22f9f6770fc253d9eb318cdea6eb6f1ee9c0

    SHA512

    0e23130003cd3563b52964869ba1a297e3899e301dc6fbd83ab66f68aa67e9b5829ad89219fcd9d4abc4310005ab281c40b3911921219a139a8d8e1830ed1bc3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a24cc7c13a74eec2a9f98eb4ed63197a

    SHA1

    eaca97d0298899b186c9558c993014f7583824c1

    SHA256

    7a813993833d83247624307ebcad5de4d8b35cde02ba3d3f82022ac58e59a877

    SHA512

    3df1fb1c03fa6ca76d71af3c022c179ac854a348c4ae3e39dae2afb6869c52e178d8f8ab8c8060092a7887125c72b217d6fcb3b2d2ab90dc3dfe880b68bc19ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56807d882b5da729b3123acbc639e023

    SHA1

    5c51971fa2ebefb61d4ec968a0c83644a252797f

    SHA256

    a6a8eb29f99c1cb558cb5beb68add2137a713aaca113249c41112465847e560c

    SHA512

    2bb2ba0a2e17da90a2cc0826d5211fb8546ce294cb7a4e457eada02b10eddfd608ee9e53f789d131c42ac70ebe1ad2baaab0821ef860e201071198702cb70cd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8caf0f5b21a60776a79f4bca861d60c2

    SHA1

    3fefe3eb8f4dac66b84c73ce2c439c43e7936e7e

    SHA256

    d6dff23bf17f49bf1c3f07ce9d6f2178bccb072fc0a9c2e5def9aef061eae69e

    SHA512

    04eb1d8ca9567d3afd9ca01204526c6b4fd0ae6659032cc398dcb16ef66d0c426c4dc8e4b5edbd5106846a79bd5438864953b25e06c228d4c0776918851226dd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3f6f68ec99f1295a5dbca231b856ce1

    SHA1

    b41fe620357b4b9ac40a34efc137d167219311ed

    SHA256

    cdfd689a4329c5a60a460a8fe2844de72b0720ac9dc72a2c3baf824037b585a4

    SHA512

    ff149df53af242f3a84cce883e83dab8ec0cfe3b71d93b1a2a50ed7d6f34aea0be1aec534050d356ac9134ebe9b8150e0f208dd50c713e1c25f651a6168f04d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    d2526fb71dc5b18c33600c516da75514

    SHA1

    f9bef0dc86f64613b43b7cf9f34edaa77ba3ca26

    SHA256

    977a5fa5a28f543628e0601be8e087ea09bea68043b8c144975729c3e118aced

    SHA512

    5b170f3d17222411a12308812ed673826b35eae68684acb54f781f29caa0dc444e45513d8eadea644bc2d753ca334edb3dbe50c6414f8147a20f9a46068e5254

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF2AA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF31B.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit