Overview

overview

10

Static

static

1

5cc3233541...8.html

windows7-x64

10

5cc3233541...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    143s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-10-2024 13:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5cc3233541a8ecd7419a10dac056122a_JaffaCakes118.html

  • Size

    105KB

  • MD5

    5cc3233541a8ecd7419a10dac056122a

  • SHA1

    7205c348c57562ec288e11cf83b7f1db0521db86

  • SHA256

    97066ebc5db4c06e6b1e43584a723b4d7031de0192046aa0698846b47b46cfd9

  • SHA512

    90bc757b59579f4188fe2149f7b199622722baa583277bde5427ad19f21ba9e7fe257badfe283658184dd0f065184a96ae945249f2d7911e0c4b66d1dc6dac88

  • SSDEEP

    3072:GeDnfSnIoEVy0JlPIQ9h9vTgRp8QpQtjuV:GeDnfSQnf0V

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 59 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5cc3233541a8ecd7419a10dac056122a_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1960
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1960 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1804

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    9d217beb545752b885d92c6ce30a2be5

    SHA1

    89b2624cbdb00ff79b474a6a591aa0ff99893cb4

    SHA256

    3d5ef22b6f132b16ad3a5ffa26cac7fafdacd2c9c367931eaaf21daa92dbb7c2

    SHA512

    3b35e5dcdd4baa647d9dacee1a7ae70dc6ad681da3c38d5ed42776123cd80c0271e90b86b9be33b6db9dbca2048ca945dc702bf7b9cee33c16a53d77a2a54f92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f80c630964eeee4429649b97160c3588

    SHA1

    011d429e2c71e7e46e1934ef1fad122e6a3b21e8

    SHA256

    82200f7317bd3c3e53788fb5468b2dea19e6943c21fdd6e2ae33a019a637f623

    SHA512

    f0c709a7b706604197876bf371c4f1ffdc5656572b567518b2de940e306ff3b5731a71079cad9e773a78b5b91dd98155997576a01c996a5852c785a2f875bc45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6ae9de592237beacf953238805c2f016

    SHA1

    b9ceb18b7a8fe9f9003b38ab1db465959be5945f

    SHA256

    badc7eda699e6b2f90e1075fc070e41e5cd2362d0e13f5a7646c9440c6739ba7

    SHA512

    4df5dbbf5210d91fd9b62865a8794bca7a8ee1169a1070e1404425c32e5bb5a1c7ddc20bbf2537ae0ae61bbe3413e7000eaeeafa808d28a44901214478cc15bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    602743121691123e4e929a2f4b4c588a

    SHA1

    3172b6c9ac8561f3673d6d3fe1093237423b13eb

    SHA256

    a4507af1d98cb0580faec33df1c9314277d7d8a2f5b09c1fe1771d8b11290c5a

    SHA512

    d2f93c3a61f57a1e799b459fd6f143887832027e8923dab56930b177c45798b5d40ccf7f07eb09be01b742309a9fad9be2d1033c130a083d8d0a6feac7d5038e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4217cda5c9a2c8fe59ac9151b4fa3e11

    SHA1

    813b4ff043dc70221f55bba615f5ef1bc8827694

    SHA256

    071d678b2458af1e5aedd72efd140fe55aaab3746e1a13e4b3565819ba561c87

    SHA512

    9e7d853bf6820a15b10064887224f1eb536fb3708fdc00e9608ed7d7309ff7e142ebbace5ded2bf882f6a130557f4c9788822ba2ac45683450ec43ff1cb42d6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    059a323a05ef5c2c303f9ff4c0a005f8

    SHA1

    45398b6e5dd87c0c3801aae56164e50be8607c9f

    SHA256

    5f04563657355f392596ef57ddcf5d8c67689e955d26409340403eec29ff4775

    SHA512

    6166a3f5d7fd45cf5228fa38fc71a08fb028aa133122b4be6a165e73f3e77804c1c52778e7830ee61a3441ecf41b6a647a3b205a5b06032aaf8228af4d1624c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1ae1b52e632ba27f1da8b8f89beba5df

    SHA1

    06ab38bf57d6618c28d84d37f38d48c97bd5801f

    SHA256

    25c51bd88c5d8c55030461ddd67c597732a76909402dd99e7143979aeaab937c

    SHA512

    4a30ae84fb8735585fd7fca1ec1c3afa25fcce77d7e8f8b6eb5853d168b0b388861e87d8851bc6c203a2dc0bc2b238b28c026b4f21d080e1f2de1de907e0e9ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    549be5b6a58fe3877f32c38c0617c066

    SHA1

    8fbf08a5919d1f674914b1d7f0755ea25c8ad2ad

    SHA256

    7832a30c4663e92d0e2212501848ddcc0860d21d70a77d732b7d6e1b47b708fa

    SHA512

    f40998d33d8f12605e774d47c8b52d11428c55559e69b1916e8db12dc2b4722ff00af46d39ecdb5c033f744ae5cf04e99b5b6e67cdc5e1024e7101d8949d1b6e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    10e4986e52f2cbc2dc7af5c088275c67

    SHA1

    b410dde9ce68ba16103d50c3a228971572ead440

    SHA256

    147d550541385576d1fe10e9c329a868ff0bd7867a58b05008dcebc7f5fd0a8c

    SHA512

    d3bea1d0532f012524ad707f1b7e342d18683f000fdc1b98f980cabfcb2ad93ea3a19b683332a2ce5f48447a3dd21bf0bbded7850516c28ebb73d78415cda8be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    529ee1cd0bbd0f4855e32f4a7321b6ed

    SHA1

    161d01ff825f325479322ff4c83b934be6737077

    SHA256

    9eaeaa1bd0cb517ccdc0af84f33bcd50f70e4f92f3d77091e3938a5d95755c5b

    SHA512

    aaf82974b7640dc4c3e1e636f73024dbb52f3dbf59ae4ab006a2c2e39cec8c248ad043ee643a173bcb203c8546dbf188a0ed9ff86865a5247fbea755f88ae342

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f94b60f6275ad1c9652dc056f3726dc3

    SHA1

    3ba807469cacaa37fda8bdb94852421a6d5a0170

    SHA256

    a446bdd44b3cee918be49bc7b69c2e91258d0b6ca99ca3f83a8f1e76e943f21a

    SHA512

    56e6165d33c9d4dfb7329b7bc0c6cad2b446a8909d8ea19d4a16a12642de48f99de68f44d7cda58e354a78269d1707d974123ab65e9bb54259e7c8407c660d6c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8de088be10519f28a288a77cf2edaba3

    SHA1

    66efac5522845f398325af4f64ef7a31068b5265

    SHA256

    828c71cfaa2133aa4c0821f46e6b28fd9cb086b56f3e03c02024895c933b1cd8

    SHA512

    ac4ad7227d4bfdd9558d193d5c49e887730db4c4df252882ac7c58d5b8161bbe35869873906f9e52524e4eb55d0faec4bfa903ceaa3d5201f8fedfd7201b67ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    924abd90ae759bce3d7aaba84815a0e8

    SHA1

    39dcfdf07fd3d4bb0c1c24b96946756490deadb7

    SHA256

    12b03268baa1030a1445e20f89ecc5576d331cdd8ad51aa21c034112070a96ec

    SHA512

    985f4b524613996723a5b17d90257b4e04cc0dc83c05ca5c6cc170738d8834033571ccbbf55adb4ccc939799751ca4e8f8718170e1a7a22adcc0027b860b65f6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24d228d83a7cc3f4c520a7cecd62f8c3

    SHA1

    d6a40f02d81024c2532b6fcd7f108d055fc04441

    SHA256

    0e5493357c40fa54c63f83eec977243f3b14f256a0fb86e5d7dec0b608795f64

    SHA512

    c2b49afb5a759ae9400ed75f9c71800666a1efa85e6d6444ae37004ccb940973529a92c5767af296d894f9a44f45e8f96682415d330950cf54a702af89b4bf16

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12e634e19d3e0116f23d1086ef2c6eff

    SHA1

    66b5a0ec1600a9b552af18a37f5c1f2d0356f2e4

    SHA256

    1c0c9f7b6f6f08cfecd5f16eb1b9b8ea3b573d1812b6676ce9d38d74f7e58922

    SHA512

    227558d8f27dc6d87d7e482e4a19a5344e42d122312ba68c4e539057af9e9156881db3181ef7573d3421f05460c3b9d125ddb761dd32558d0dd1d9221fe06603

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bb45256ec1000749c9515d77c9734b42

    SHA1

    b7a94f6d385987c3817a84645b02cf47ed4ce5cd

    SHA256

    092ecfee0ad40258600a12586e4543c87b1ce9c4308c457849d12d940288b09c

    SHA512

    344d10155354c9d9b60b33d851f49a06207ee6658ddadc57b252f15551f3b6d896e1b03dda2510f68fde1cc5afd0d1fea481562d69f7c4f8b6573edf533fe73f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3e6e09f1554b25c43ec478ee43573e3a

    SHA1

    0ad8da55607626cb11b53fd01a59ee5a919ba0a0

    SHA256

    234665f613aa80bc1f487fe8b6c6300f5d8c53d550eca793d3052f115a0f94a9

    SHA512

    e038f9fbfd1638f4547e5895fba477b5f84188b1b5241e41275a020f9ce965b10efba9a7b6d150d734d7912080c14199e776e16f24955bb9cc521090492c5f94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    b869109d9cc5b3b174e6e0be64bffdc6

    SHA1

    48604a7471fa2f47acdd1fa06f4a65ec22ff2184

    SHA256

    d8074d242d8c9cd4123e642939dedec8e4c768ad32a7598e56db69c905ca740a

    SHA512

    2c10ecec7fe00cccfda7927302e5f4ded5f5b5b9561489ed24c8b2c623f28f164eb4e4026d6f4e1bc285fe547805ced485f4c559cac35879759c14868f0dcf07

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\RH624DN6\disqus[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\RH624DN6\disqus[1].xml
    Filesize

    239B

    MD5

    2f0117fa8f1d005f6774b2d403261553

    SHA1

    977298589a62db35459c5cd6f61928cb63df58bb

    SHA256

    30bbb1e054a0e6316754f88290df02efd2aa36ab9440598c48c328ba80423383

    SHA512

    8420db09b10f29f409317d8107be1430ec82669560ccd556d848e73521d4b2454c7dd5deb14bf53b03e519b19f6281c1d1ecc390deb0c01334cc97832fdba931

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\RH624DN6\disqus[1].xml
    Filesize

    323B

    MD5

    b9ca67c147edbc1a5f9f8b583122f42f

    SHA1

    04c58ccbc90e6345354eb76e0b739038039a13d8

    SHA256

    280283b267514c06841af0d7b9934bde095223990d76d13cd4362d793ab9f361

    SHA512

    003d71035ae0c6646334f6a8cadac874df7cbfecbdbe3c59fb6d1539f782a9a222ad14c1d4f1a4a754e5177ee5c9216f8266fe9431f6ce326fd2bc688b518a6d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB0KZ1Y4\config[1].js
    Filesize

    20KB

    MD5

    0da7bad639c9828c84273598339511fb

    SHA1

    2ee9794740d4ea56bd21829e9539d2067f1263c5

    SHA256

    ff2116fbf9a6da972e9300bc83769cba96e14592c428fe98f362f1bfb5571dcc

    SHA512

    7616567879f3006f5d57b1f73898aeb274b74e550b01a870bc907fb74193344331e2647aef533ac9d18ce76a8d9ec7b03a4926f968f997b4d8bbeef61ce2d162

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCATT3E5\common.bundle.36da2cd89d0ee7a41e609539df668b10[1].js
    Filesize

    262KB

    MD5

    26f10178cc49a1a52d542e91232f20cc

    SHA1

    1ccf1462f667b72e790ff5e339c2f8f07fbf20b4

    SHA256

    1913e5fa80a7d8af37a54a38b9ab6b0774076fb0fdfab01e0167c253e4d1de48

    SHA512

    2e16732d034203ed9885381d5b72b07937f03c929522a7fa25c8744cc74151ee5ce44359bf060c51be514eee95ade54a7fa7b7737245b3926671693928d0acca

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCATT3E5\realtime.b23ff3c36dd0169627f8e54ca1621eca[2].css
    Filesize

    337B

    MD5

    23160ce2574c610ecb597f18fa8236b4

    SHA1

    de6a70e48d7864a9218c1a9ad5930c2a081336e4

    SHA256

    c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

    SHA512

    433adf82e7ebd7f0a1509498d012b5cea752ee1ea901dc568a566b08c06a93d3132307f2793c8a7e225142058a0574617971533c5229ada3143000d4a89f1a65

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCATT3E5\signin[1].htm
    Filesize

    4KB

    MD5

    a60b19e7766fb62a757686676ee48293

    SHA1

    eec47998d70b0f8bb772420e73d3110252a39b8c

    SHA256

    6d5a4d95c9bc19640d41cf4db45e5d9fe256e2f30aa2397d5d0af76f6f0105ff

    SHA512

    781ac21224250820d7cc83af06da89d8580699d999c9bb87cc71f55493de78a4dc4566bc450f06023312f302fc5d9e2e04502489cc6e9a005b7b30524bd25b18

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDD47.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDDA7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit