Overview

overview

10

Static

static

1

4135c34990...8.html

windows7-x64

10

4135c34990...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2024 17:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4135c3499046c6eab2eb1447fa037512_JaffaCakes118.html

  • Size

    214KB

  • MD5

    4135c3499046c6eab2eb1447fa037512

  • SHA1

    e447ccbc904eb393faf5ba1c8f7c36b1d638d7b7

  • SHA256

    64f5dc09af98a76724c12f7ba69ec901525b137ea5145e213fcc0c8a5e8b9aa5

  • SHA512

    c9151a21c67fa9e27225793db0fe893e490e385c8bf36e4dea4537002ffba43b0c396928e0afd6196571023eb09df5c454927d0ebe17da4e735dae28922df6d9

  • SSDEEP

    3072:pL3kDl5LjA+DbCu8codghZJjzq32D01lln34WAb2kodghmqeU3SUR4MAdmpzm853:d3kfh3DQ5qyO

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 54 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\4135c3499046c6eab2eb1447fa037512_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2368 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2600

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DABA17F5E36CBE65640DD2FE24F104E7
    Filesize

    1KB

    MD5

    c6150925cfea5941ddc7ff2a0a506692

    SHA1

    9e99a48a9960b14926bb7f3b02e22da2b0ab7280

    SHA256

    28689b30e4c306aab53b027b29e36ad6dd1dcf4b953994482ca84bdc1ecac996

    SHA512

    b3bd41385d72148e03f453e76a45fcd2111a22eff3c7f1e78e41f6744735444e058144ed68af88654ee62b0f117949f35739daad6ad765b8cde1cff92ed2d00c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    385a5d05827624e975d80690453f6af1

    SHA1

    f45b3354ae3c53a57b2bc08cbb47a07a6951e880

    SHA256

    e5a5274fb061726bb7813d3462b193a7d62368409cf5899336b82ac95287f193

    SHA512

    391f32205f0d217e8d7ddb9e2371aecafba8c6197fe75b27da412fd765e709f466590b91087c33afa772cdad7f9c56b86e5b2df7470b8a619193a4b30e5a9006

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8fa51479cd756c5500da0b9acd4754c5

    SHA1

    11bdba1677ba8ba9e03f0a6155066b72f75786e3

    SHA256

    db2e26c6f682c3dd8a612cb0876eae5c737be04c0a81364951a6c4c9d5da2d4e

    SHA512

    b47a51f81114e933b9ad2fab45756d426ed5657f3ead8bc00d40539a0fc424e42bd1fc7d84b215e30fd2a56672118d1ef2ba41438d65e082782d0034408fdb0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c36b6d88e216dbaae6c073017b11dd69

    SHA1

    ac514ad1004e8792755e1c9d1c7cee356a113a43

    SHA256

    84453f7e0a3dc28484802dbac7ffe51a93092db80c8b295b55973e7ff0300350

    SHA512

    2d658fbd073434a08c74dee353b83772ea8414dfe74a12dc544f376d78188e44eb675079fd52fd7027d718bd05edc618cac06329968ab8f7b8719dd5d3f2077b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ae7806fa41b21a1aadc75287b1bfeaf

    SHA1

    eaf5c0afdb3ae97eacc94e0093976fa109fd072f

    SHA256

    43b458b68f099faff8d021b39ac92ee27f9912e49bd364fec413fbc37c636cc1

    SHA512

    d4deffb0575d8f4b99481dfde15d79b987acc4531f8d6b23ddb29261f7758b2c6b0c3c2813fe694dc0acee3d6db3b146dbaa137be282eb50bd4e1dd7acde6721

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8865abd94386a7c98d29e7395517447c

    SHA1

    73de44aa8286115e36ed6c0bda05d0c6dfa07a64

    SHA256

    6465441193780e0d36683e0b914bf4fc940eaa2a7cc4b13f6ae6403e635dc7f0

    SHA512

    a49e6f4ff5892a585580e332141851d75ff9ff0cc333d629b4c46f1c3d1e411789b699c10191018198265d0f7984187e72065a44c77b8a076b5fa6d4e3c1c99f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b34f37ead237c3278fae8346ca0bdcd5

    SHA1

    e25a8fd03721ce0a42b076d18a1e88261868f4f3

    SHA256

    a95cf3be249f933fd84036cfcdf1d52b3033dfaaf69f20c589608f1c127806dc

    SHA512

    cf29fc32498d381210e1eb76ea0588e582efa6c3fa3d6b53730fe21dcc967ee42783bc482a484650105772c510f62308dd60d93542e1473b132f51bf2cefe171

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d52b7b948fdad4a72523a94cbfac12b7

    SHA1

    16c6aeb9305705090e7c8c69d7061a6b4483a1c7

    SHA256

    52146a23a9c93a95967c62bddd149539150e9b14bbeab874c3e3cb488612daf8

    SHA512

    a5e160f64fef7d6702de6ba59550088dafc97568e8b3a97612f91261f12bebf6ac838169faac6953cd7ae093bb5facbde4e4fa22c7b95f7d106a58ea5c0f9011

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f68cf374f28e2f0a94c7a53509233ef7

    SHA1

    f11eeba248b3916e961ab0447f2ba9a1a22cba14

    SHA256

    35b3a8cfd4bc2cd8f096bfd0ae8e0b016105d83f6cdb256e16ac2be5ebe3fa12

    SHA512

    aae6b751d741fea0331b2b72564c627ffe23e616fd6ce23d5b369f1a614ba0b822711d8c16903714b2d2ca26834be45facf0a60580a14b357294fd008d04cc9f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ffdd19b8789ce345e45127b333bc480

    SHA1

    ebe7c18e246e38152fc5a496ec3dc97faadc8101

    SHA256

    d854cc86a1a7d98969ba9e206f517ec778fcda6d5b4f775b4ec430f2789e0482

    SHA512

    a33811e0d8109ea0ca761d049076b6255965b506b94b4dc3dcb8d898f4314a51b41c256e867ff7d52e9b64a7028349aa8012fb3346ca180184b35af956be4ced

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    117e0b7bce6a226610034f3c7b728254

    SHA1

    255cd050a72afbbadc199013e12c33b0edfe0c5e

    SHA256

    28902e1c4f402001da69a80308421b3d3968319b2cd65565f508e0a8374aafc8

    SHA512

    47b2e52fe22f176b971514d667fc505d42184fee1b87ea9b6eabcba3f34754636a40290eee990a409273cd3bfead0c3441ba08bf2fda689d52b2048de1bb4790

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c7eb2d18ebaefbaa9be2df5ea4ff257

    SHA1

    3aa86e717fc7a1491834bb3a490708e23518b29b

    SHA256

    6623630619c0150f4c1a5aaf17efd5c1655bd3737d15515fb232945bb69062da

    SHA512

    f8853c16ec9daf6d0a823c0151ae89e3089ae6e5bff91f3b3634a14657ffa0a3214043368f6e44bb9dbe72800d2d38c8bc93b00fe4d321251ff872ef578995d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c7c2eeab48d0c3c522fc4219d9e04e69

    SHA1

    612223a3381dbacfba240feeababe2d470ebf9d3

    SHA256

    86859d5cebeb6d8c9369da4a8985918716e437779dea1c62a79ac77834d1dac8

    SHA512

    c003a72a5b14fb77b72a3299c6cf023fff872adf347bd76aaafb57cf9c4e49e71a112671fff0e39e78c357b575e83486eef3e2cf01ac13b5217f369c4c263375

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a60277cadfdf3cc32b467adba75f07dc

    SHA1

    722ff4a26bcdc189d89ceb33600bc7846291cf3f

    SHA256

    0fc4d0964ffef305521b5996a00fb630c73d464a6c961d8727eda335c09b3039

    SHA512

    a24b12876a92f8966561cddad26ebdbfaee0bcd6ef3e7991a9c438a26fbc284cd214865404a71c79aa0bbe8f533d1e87ce97553c2b9170f8d00631afcbe77ba7

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\OLKV2NFX\www.elo7.com[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BCOPU31\cb=gapi[1].js
    Filesize

    66KB

    MD5

    aa012028297a26c039c37ab25a4bd17a

    SHA1

    25f23d01b5f580c00778e1c010225e5b8c73b66c

    SHA256

    55cd2316edf7159b623e4ec2c9e3a334027c01e2d1cc386f833ebcd35ed87b38

    SHA512

    d346eb082674fc26d562da9a12f36ad2cc7db1f1b35c891a8734284cf1bd052a967137c1281982070688b2bb2e06c7f4967d1c9397311a31a11a8560b9c45fd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8P9TO0C6\collect[1].gif
    Filesize

    35B

    MD5

    28d6814f309ea289f847c69cf91194c6

    SHA1

    0f4e929dd5bb2564f7ab9c76338e04e292a42ace

    SHA256

    8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

    SHA512

    1d68b92e8d822fe82dc7563edd7b37f3418a02a89f1a9f0454cca664c2fc2565235e0d85540ff9be0b20175be3f5b7b4eae1175067465d5cca13486aab4c582c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8P9TO0C6\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    ec0bde1b421dbb2f9de32fdb220daff2

    SHA1

    aa4273e506ed0a091e4b8177aaf75d9b2332f240

    SHA256

    e55ea0525dd518ad7afd157a24687cf658a9c2a4c627a7e2bf89830e23c39a1d

    SHA512

    84f1d9de515f7cacd66dade5e2fe49ca3fdf63501515e5cf0caf82e34afe07bf45351d2920e8bc2010ba52fcbb9ea96609fbed57079c4bd2406cfd527ee57e60

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUME8XYE\2254111616-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c264799bac4a96a4cd63eb09f0476a74

    SHA1

    d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

    SHA256

    17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

    SHA512

    6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUME8XYE\f[1].txt
    Filesize

    40KB

    MD5

    7a5290415f62d55ab49dcbe2c89dca9d

    SHA1

    66b7d63eaf9ab63296381b3223b81d73e908e909

    SHA256

    d990cd9ed308863d297c9fd1af34e28a81527a985827bfe5c5d55d6b339cf778

    SHA512

    d72cadd043383953622a1b78f0b9334e11945da803f76d4b14cceeca32d3ff203a2a10e0ddde6705011e5e31494db3eba621f00fbe6528056e88b60238345cff

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUME8XYE\ga[1].js
    Filesize

    45KB

    MD5

    e9372f0ebbcf71f851e3d321ef2a8e5a

    SHA1

    2c7d19d1af7d97085c977d1b69dcb8b84483d87c

    SHA256

    1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

    SHA512

    c3a1c74ac968fc2fa366d9c25442162773db9af1289adfb165fc71e7750a7e62bd22f424f241730f3c2427afff8a540c214b3b97219a360a231d4875e6ddee6f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDAC7.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDC12.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit