Overview

overview

10

Static

static

1

63e1f0bd02...8.html

windows7-x64

10

63e1f0bd02...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    20-10-2024 19:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    63e1f0bd02afa09c26d25584e2c0be28_JaffaCakes118.html

  • Size

    131KB

  • MD5

    63e1f0bd02afa09c26d25584e2c0be28

  • SHA1

    dd92d9a781b9b9aec31c71732c6b585edf59363c

  • SHA256

    a76d31d3846c925adeb094da6c782d71f44205174f5f53fd40fc0b85b206381f

  • SHA512

    1a881251702f7ebc61d2d89728a39427537ddd961e40e9ad3c9e2c1f937ab2214e8ad6246aebb5ccf20a5596e568c17099608a2393928628323f1b597c53f8e1

  • SSDEEP

    1536:jq60s6mHeaGBe8MFdUnOjGR9ZgD8ujGRhFMEexb6w3qltc8LUBGQw4gJphEry8k4:j9oemOMZjumOIZltcSFNq8Z1wq9d0

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\63e1f0bd02afa09c26d25584e2c0be28_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2524
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1476

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdc5f5ea49e9855a788cb82fe422b12a

    SHA1

    6640c31d8ff3d9e75a74e373ee8370be76fe00b7

    SHA256

    ba97af74e1f6d923513f53ad5d56d7012b91989a2bfd38fd7f6468427c6a61c1

    SHA512

    e0a0a3248759ab1860121b369607dd59207da8661f6da199110accaeea4a90de1f5bfab0ad614c1846340e84f52be09c1cdd5ef4d997bf8a3ec8556707b47481

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a4dda1c3e12f2bbaf17e3b382f4a64b

    SHA1

    80dd15c4ae782cb0e51fac608e2e4ad649102071

    SHA256

    2d3938519ee56c75bcbbc1bf5ce2c76b06fa54f9fb4325977c0158e88d3d7d0b

    SHA512

    d1cbf1da0c448c339faea0e6d43687a89bd321d002e9ac3abe67758854adb8349895a486291518d2f93d8e4c9ce8e42777172a75102139aa79c9c1bd7b3fa079

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a6fdfaa307314837f7bbcbff3ce75db6

    SHA1

    d6358b241676e4787ca9e6c6378b8fc93b63e875

    SHA256

    c93bb1047ab1593150d31093a850b1d7c29629d7c48aaa686766130b02bfa2d2

    SHA512

    692336e333135616b5f35668ccd05d40189196af845c4cc9dc7ca28833225c9944c6eb0510a0ce9b6053babb9381a3f5da505b5f5b2dfe217f96508ea1421296

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1deb1b91d2ac159539ee07e7ede2d8e1

    SHA1

    1ce14f4a2763d36f4d34ee4869c2b70b54837887

    SHA256

    59c92f76a77d2eaca53a5d7da4534d5504e86eca0f4f47cf8a88eef5052004c7

    SHA512

    70f7dcd51ed01f40e0b86322e64d8371f603d917c2ebe7beced6f823dc79d37b40d2e1da72cb5becc81d13c0ce4f07f8fc730a4453d0a79e4cc2722d2944d4a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b17cce665945319dd629c363ac97d554

    SHA1

    53a00875eaedf74ea4774c75b7b44f02d468d058

    SHA256

    ba03a3c25c04941ee8fcd9b4bf868d817b4e1f83e3ee6c884ade056974466925

    SHA512

    4228c2ade7734eb5959cd60e392241436d14793c7bbcb8cd9700573cc87ea6d6b83a59aad2a61575794f374454afddb78facdc33eafbaaf4529e964e50f1ff19

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d43d142dac64680a27298c4d896fa59c

    SHA1

    a6b40c5c16175aebf87bedcfca81a5cc8e06aac5

    SHA256

    fa50ab1e8d2aa31446b007ea349e1bdc99ebca33e713811ae86b88c5c35836b8

    SHA512

    a3c8f08d77cdf1a54d3abc707257f45793e3559fe8187cab437dfd0c108903305f83f4324b7c03188ad4833668c367b1fab77c92a615b555b2936c479eea2240

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    72f3f397d780f6ffa64d5098b42347e2

    SHA1

    afba57086df57a8b5eec5bdafe6ca4903747977a

    SHA256

    40afcb29bade8c24901e12a2c46106d8bee5f1d32446f2233e37412db08d7d27

    SHA512

    dc436ddd84f8acd1a3376409381e51149919a14e23256b15460f794540b0ac07bb99f6b8be6a572c5934ebd79cbdf239d80729b2c2fca14cfad87e3650bbb567

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fe3ec182bc2e8a9f8632c4faaff9a596

    SHA1

    5a63c1458af6b5fb43285624287d3ae1ce9b23ff

    SHA256

    154a2a1c4ba65efd71b42a695dfb56e45fc5aedf2f31888ff182ff2e07e4f06a

    SHA512

    1580a9c555abe6654285c76c3a2a433da84cbe4593879169384776b6cb5105abd345614aebf90ddec78e5b18c30897f1003b629e1450adcc885a50e7ec208a92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd1727efafb2cfb26a5bf57f13029271

    SHA1

    cfb857e5f57f666dc0bf52ee0ad353163deef126

    SHA256

    266b5f3983a38c61da7d6741421c9c082b79847bde74a99e6d987409abc275e3

    SHA512

    5c51fb9928e790d0281f1dfdbfc765ec67dcf741f3fe79b6c61d50a0fa670b171c9592296359573ea6b357b0cec84eb37d70af9a0c683dc3ca82620e2c5d1481

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2afcd35ea9bca47c9c5b30b086a0288c

    SHA1

    290f22f12886950f2a5337c8a91ba8dfe114cb20

    SHA256

    3331610a3bea6aa0d884de6191f4fb6a7f0468a847044273e99fbd92dd760879

    SHA512

    1b973c0adec53d0e36ad079e7e44c7b0deb3c09b274f6e9e599998aa14ace3919414858e7a9f1b588c187baa9a5b3a8c330f48a2490677188caa47c33ba213d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e43d5b2ae186b7bf813e7e5ea5acdba0

    SHA1

    cc1ccae61c54053bcf7a4586aea3d8d6eda3f6f5

    SHA256

    40b9b2e8ec56ea5895536dcef8a318dc1917b2bbe9f4b9cbc65e065ec1bccaf3

    SHA512

    7066b3dc7e7bda020acde666c21891cbf3b447d37dfbe01fc0c2223a9d452000d6f098fb836c78471ac507289911ac5989213a38ad5e5e0a84b882c1b10d47a7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    01dd503ee0ed8b4c04afc1a1264d5275

    SHA1

    9e8ec7eded0234901ec6c953497dcce6696d4534

    SHA256

    af005024502763e1cf2ecc1b239c8a78b6c851ee327f9fdf289cceb6278650dd

    SHA512

    63f797f4baa31c8bea7770788ff32c50051fe747b29e686c78b6f147801a1946eb3151aabea9cf4684e1e32051ecdb93de3e8ce35a45ac08d8b1f8f8a252d134

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA46C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA549.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit