Overview

overview

10

Static

static

1

5f83145c66...8.html

windows7-x64

10

5f83145c66...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    128s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    20-10-2024 00:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5f83145c66cbd1970c00541b27e45009_JaffaCakes118.html

  • Size

    78KB

  • MD5

    5f83145c66cbd1970c00541b27e45009

  • SHA1

    546440d8fd908325ba41fd7a1d19f662e48d3f6f

  • SHA256

    e8289109925e89e08a812e0ff0cc95280c9492a95c7dc4aef6f5435cbbc36a9d

  • SHA512

    4d07fa836633e72ae208957e33f652a6bafcb919368d28ed5f11459ddc9d255a2977eb3df0ee6d2ebc86076687d1ee0aec96852689eea8a614278d954aeb797f

  • SSDEEP

    1536:bTgZNpBqLwdBpNmXiR8T9qVef7LSjBu4T0xW:bT8pBqLwdBp0myf7OjBu4T0xW

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\5f83145c66cbd1970c00541b27e45009_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2328 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2072

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    014cc5aa41eaadb9cd26b5394a359d28

    SHA1

    b808da5571d4f753679072a2a82ecaa0af1ea013

    SHA256

    d03bfcfe77531bab686b432f2842ea435766bedfb634ba3bf5ae135862b132f0

    SHA512

    adf6631a3039186d9823a6b1cc745ceea3c1eaee8d51acd4ffb992f1b0b06f204f71d07775499181ff685d877b5c31b8a70476c0b02e521bfd88b4ae1ba793eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    170B

    MD5

    15cd7fac3c2141544cfbba10091b49c0

    SHA1

    9c193054bb1c9224a716b4b0a33ed555462a70fe

    SHA256

    4cfc6a038ef779d23a31f09eca32a42521faa5b6cf9471a11317e1738657d3ac

    SHA512

    269fb278fc869d3f96445f4094b19ba49085c537b1fea4f994c7d1e29a35a56c4e245cf417fed3cb02448c804d9be1a68c36fe380527568d1ecc3c012db90c5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    410B

    MD5

    8cdd62565d156b287fe8035fc67e16ce

    SHA1

    9a6f17ce2c0f766c53465972ebb97cfdfdec8921

    SHA256

    d31a0257eda042695fa9ce072e670375bbf9ddcde214758d34fad271d4583730

    SHA512

    e7ecb9cde9cea5cc449096a653d8b60220a2f4c7451735aeaf55cf7381cd1909a2931ff5bbd755e8e2d2ed29bf780f0964aeaefa28e1df7710ed3a4461e25c52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84735eb925473c8c210d179f28e17165

    SHA1

    b26948bce655f6d0e740b275e629a395a6d860b0

    SHA256

    b33873e367a01aef465f288809275703fd92d08342e5d622fe76f24f1364e99e

    SHA512

    8bd6453a7e8c6abd684a806bc746497607c31337ca3f862ce85ab1b14955b1502ecf290b51c0435cb7907975875431da2925842b51c6b601be99768879f6739b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    819c3f382453d4403260098fa51b1e5b

    SHA1

    76999b67b9351d3947b6ad9c5aadb028c5ecf101

    SHA256

    74eaa956fa293b41d48dde3297562b08102470587ecdfbc7abb5b1430669f59a

    SHA512

    b347c2519bbef8dfe20d3e6f0051d4dd1a5e357bd0d05de6b9a0defa64ffbb4b133b627af8de6fde5fc59c0efe81570b34c4fb61d3f690bde0edf37fc7216544

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a6ab98cb1cde14e1d90e0934ecab128

    SHA1

    7a9d2d80ce716028ba09b65adb680be4c2f42e15

    SHA256

    f12337dac27081e64cf60048b0a19ece690ec7feb5ad8325f624d7eb49fe5259

    SHA512

    10fbbf5a9e221bcbd528363e3e01663c80e96d99944d4751e06d07e7d33f30ec8247fe9e58fb9e2f26dff15dd33e4be921a0a82e8af85a153edfe56bd64fd5c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c376ca1baa459665cf8f6315ebb4da48

    SHA1

    678d468062d65518eb650e622be7e38b26b9b402

    SHA256

    1aaf375e3b772df69405c354eb099ff3793e1712561e897d7972e61ae4c5a57c

    SHA512

    1c3631d1686cd9e67feacf54bdd311bb5ae1b59e94483f59b7d85e0c70a5978578b2330411950ce221194eeff1c266ffd4e6ba69142e362bf9feebda6264d949

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    09ed159b7c90d6b4566f3160fe6321ab

    SHA1

    c13d2e50a55b5b63d33b8b906731d012b9b2b773

    SHA256

    22cfcad7171a219d5f34db29774ec13144918d96690af5d3c251cd9e0ca22fca

    SHA512

    ea893a0939f4ac1eb756a8468380618e82e04ef9a8a070c4ef89f6ec4f3069c66a89fd4476ec7d2f26230fc816bffcc581a838300b6e5121dd8e57228a77ca1c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    370aa09f8c19d170dfac9b1f347adaf0

    SHA1

    b73dba98743e681649cfab4337b171f956cd60f1

    SHA256

    87669c3a434061b4198144a6c6054d3dc2409876d82912573ae6d3ed36417910

    SHA512

    475dced14aa5cceee4591bf4cc04b0b8d1ad8c29bcabcc4deeed4f799c23f739be312b58aa8ba12dd70691886af676fdd14b3947b7d462c475c9dc259f1056b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84cc4d6c34e70582a9f213e9082ebc64

    SHA1

    e03f8e168d637db086e8ce2d28a5b6539d5e3e3b

    SHA256

    78e63f5701d68fe05b89ffa6ecb0942cbc2786b2cb251d81c78304287122ce74

    SHA512

    70d027455bec2748517a0b2ca6c34d056f36945a684cfa6e508e63e6e8321d498c5650ad45803c965ae4f66b5e72e51974dcebfaf5814a9e9f1baa5ce417d8af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c7d6ca788e649b4bacc14b798ac972b

    SHA1

    5bdf23ab5b5f32177ae8a7f3a9b4e171972430b6

    SHA256

    47a50e848977e06aabd689e3986bccd541f76a68e554638c7cbffd2536131daf

    SHA512

    63df0ff45bb862325cebfa9fc77e6cf1f19a869455bc09c049942629027d18c942660f20a5b0f827b9da3366d3a2b4cf50a39c5c09d31acef5672ef47a490d61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c0eff17de9683c2cbf798e1a2d4cd687

    SHA1

    06cb60d50f1307be3f837e151989d125d903cbc2

    SHA256

    a66a26a401380a7e6d5759e290609b7ea03150d648af60e2cec9f9adc0a65640

    SHA512

    9f844d3d63a31f3e7f6881f3b1cced5ca9421dcb747164adc241b643539f63c660ca6f8abe5103a87cde4f0a8fcece7bba163886d4cda2b22e7670ef88ab0916

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b0423011329e6f7c4b8fedb0b7bbb24

    SHA1

    46417a221edeffcfbc055b2125735828e8611094

    SHA256

    9c369281019692d81ee68e8eaf865053838d0638dcc78fed659d0bed01e1e339

    SHA512

    40fcc1f0d9b4df11dc38a56759392658b1ee00cac0e737fc86c09980dfad775124a4b8bcd54e0bc6f55138ba8bf1ab94d25da4e6f09be0ac2e311e253c27c004

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3384888dc90493931fe015e6d8e34bec

    SHA1

    6d7ca0128b5d10a7460953490bb46daa0ce61540

    SHA256

    56a5dbe3bf5373e90fcf8b68a8c4c2eb513213aa976d7d19d181bde8bef28dab

    SHA512

    abf82f4af3c5eb6efc0bd0c11c1df11b89b39eff91d8303bae4e199f3d20564f74cc66b88982fe833b81ca80414e5ff7e51d24706923a1db026f2270c5dadf86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    791211c888a0bb2f8da327d134205117

    SHA1

    6c4904aec21a5fdae83bb42b78aa50ea77b63913

    SHA256

    f0951ead05f83d76361cb3232771556d0bdda730181361fef568353a9a0fd4e4

    SHA512

    0e455d0a0f1e8716b2b045f3c1bc8f6eba41fc1158e6f48442113aa5eaf42569b575b96577513f35a4786638b4d3c3a250a85df4fba5597e9870456f166ba773

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    677c41c4c78d6a31de087fa6ac60848f

    SHA1

    943a02af744d46bf9529fbd496c229fba1a2fec8

    SHA256

    5ccfdc2510f29ec8fbce0018e39f916c8e79b22b14349401a2f2963e67be630a

    SHA512

    2b7fd5247e16b4484402769213d142a8e1759734b20d9af8460bbd0b71454a3a920621debd94c2437502cefef84c08ebcd7bc9d9b04f8f86d3d8d9c819f53b2c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8255d4f24397f6667dfc66f3ccc30ea4

    SHA1

    8ea005ac55968ba8912cb3225b45a3ceb318ca05

    SHA256

    d174e4805b7396a26463efd61feff1fa08506fdb3ca6683e4815feed766cca74

    SHA512

    3b7880315487e4542c69f3d7e19de5b53cd6e914bed5b713ab71dc0998ea21bd45513562e21b277814af8a0f39fa2ba00169fe98d9e5279a636fcd770df4a9a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    df3fa6a618bba33a7dd7832bd77a0ecb

    SHA1

    ac5096f0fb50546569732e4d65faf7a61d49ea02

    SHA256

    6d3457e3c25284cefd9dd84a6bef213a38d033003e406ed234af3853754bf18c

    SHA512

    e6e73f0671d3e9e9c70ecca9887f37a2f071ef1cd6ee8e0a1485fdad5c0837029444d3927d01faf928e3ddf1205af01337b0066ef7e53b990c58cb1161ae0eaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    73e2287c47ce0a824cfc45832a79eeb9

    SHA1

    f37d55cbba722f604e16a001b25b1c88fcf74692

    SHA256

    18680080ee36b60af3a28a36bc604a0e864e83f8462d96d791b0306c3103587b

    SHA512

    3e8fc7f336ee755f5cf44f5118498540a11940ea7678d9aa7b07106e4a327eba34f3238620bd138dd918b5ff6512f466dbeafb1fa9557b12c60ea80ff752ea1f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    622e379d0ee8aeca9a227b85c7567777

    SHA1

    ae23de21b9b1207e5253e4437bc3b8772433edfb

    SHA256

    30480ed96b4a94630b31e7346028c31fe87a9e648554b43878d2f8606edeb198

    SHA512

    b34e58b54ea416861fe5188ce448442619d66bb34f225053ad14cfa84894a33e0f17038f16c87832bc6b67d0aed8d1e201c1f1fb808fc5be7743169b0cf8c306

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    102b09cf0294893193c14007f0adfa4b

    SHA1

    57b1eaf8109623730d04e65dd1c019b20bca39ec

    SHA256

    5077a24cc6e48c553f2241bfdc368ec646265656ed0245c9f3ccd9fe2c902e27

    SHA512

    41199d1324ae46ee68d3e1fc47b11f4c6f3ffc3f17818f0e58672a05266c0df3e47424a33ddb86e44624a06c0901ad72a895fabae4831eea3f003a9654a3e27e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C02877841121CC45139CB51404116B25_9462FEE0BB0AB448AAF2969AD544DC73
    Filesize

    406B

    MD5

    916b415aafce934128d59fe870aed7c0

    SHA1

    cb8dfe2c86281eb39e6fa8ae7a4a3b4bae7070cf

    SHA256

    1b0499cca85c3cfdee623d200785671b9992dc78e7f003974665a2c52d1a6e4a

    SHA512

    d21ee6a4fdeb254f50fa8cea65d34cf68837795aed4a8d17be3b5ef35b4b54338c5574ef7a039eb5ff9eb59aaf44966ecfbdf92a3acbc8a62bdd48052f3921ea

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUME8XYE\2254111616-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c264799bac4a96a4cd63eb09f0476a74

    SHA1

    d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

    SHA256

    17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

    SHA512

    6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT668XG4\cb=gapi[1].js
    Filesize

    66KB

    MD5

    aa012028297a26c039c37ab25a4bd17a

    SHA1

    25f23d01b5f580c00778e1c010225e5b8c73b66c

    SHA256

    55cd2316edf7159b623e4ec2c9e3a334027c01e2d1cc386f833ebcd35ed87b38

    SHA512

    d346eb082674fc26d562da9a12f36ad2cc7db1f1b35c891a8734284cf1bd052a967137c1281982070688b2bb2e06c7f4967d1c9397311a31a11a8560b9c45fd5

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT668XG4\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    70116351ebc507731f11cfb8653f69bf

    SHA1

    667d48cd3c244c41a84302056e5b14140045acd3

    SHA256

    e3fff060584ca9c8eb12a6925252c8c6333622f4e6aeae8417449bf0ae355020

    SHA512

    a69875a52b635e7a561cfe2c7f4639bc122be434989dd39b37ab8dda08b49aa4bfd681c572628e9dc056c69808d0a03e2c6b4fef88db20a59ca73f097870aee9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabEB2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF90.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit