Analysis

  • max time kernel
    141s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-10-2024 12:22

General

  • Target

    6ee43cf9be7103bee7dcb9f842427254_JaffaCakes118.html

  • Size

    48KB

  • MD5

    6ee43cf9be7103bee7dcb9f842427254

  • SHA1

    f5fbbb94c75aba0fe2b1608ed37025c32dfc353e

  • SHA256

    a12f746b52d574af8f87e619ea55f707c025fa81558b1ac279181b095f276df9

  • SHA512

    c29d7fcb53de149113a10a3261f0d3752479d16353ea9e78334b07ae5dd458ac4a360dcf4a8a3c5d21aeaa4c88db2271952d5ec87316e8b662771d58b9cd35a0

  • SSDEEP

    1536:ptUtUKuIMkUn2WwUAUUU0UY2B+UuUuUDUFU8QU5UU2UQU2UzU2UwUFUOU+UnUDU4:PUtUKuIpU21UAUUU0UY2B+UuUuUDUFUj

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\6ee43cf9be7103bee7dcb9f842427254_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2524
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2524 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:604

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    29a4f8d73c6d51c5091836d536c8e8a8

    SHA1

    39704403ebde99693e45734166419a4c9c8e9e54

    SHA256

    e9e920b872ef1206bad62574687eae1e4ebd1c7247fdbe33ce4000820ce86e97

    SHA512

    73e8d0e326f65adef0a5ffeb02d06caf88698cb77ec0b012f74c3992cc89d6ca19cedcb3ca7391dfae04190c24873dbeab2d0d58ff8e3be4a013fc91b07d2083

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    799909d47ac7b3552db11c58bfc05dfa

    SHA1

    87624c18803d137e26b36b37bc11e084446fd1fb

    SHA256

    d9a9853642c7236a4f9a02bbf8bf9281a6a26cadfd0812427fe076a409271ade

    SHA512

    57f3fe70eeff5e46fb5c36a5ebf721bf20d0221ab527dd9be516ad33cade54e9253f2b237752f47e953fc418501d444bd398842ec7dfd8e4bf815c0eb35f4f3f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8597ccc0833581bd3d55bb2a99d3ea2a

    SHA1

    addedd662b992b48488cd7e599d206d92a8348d5

    SHA256

    c6b86cdacdfd994a10e34d6b8b5b91df3f14a23de2dc0d801853913b12e59f49

    SHA512

    90dfc439712fcdac9681a7d60e9670d609ccae55c45dec218806ec620b94782b46eb09cf54e6ab7d9483e7da55ffccc033e39b4116ec75a44b81b30b95fe036e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a95bb6e8992c34267c84df365df26a52

    SHA1

    ccc968731ba88d707bc00a927c5a13d2f396392f

    SHA256

    99e678c236d7fa2ab7c4d97b2553e81b38ee5db5f7a9c65f6e4ee54ecf681a7e

    SHA512

    dd2f5af1e94d3dbc8ed20aca121305b20306b7937128fcc4cc0ec3117bf154e4ce6550f3cdb229dfc18ba760c1cfb27edd364fa555c3a545ddb5f4bc40759ddd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    01c66969f6f7ce6e8b8f50a08de640ff

    SHA1

    923e3515c96a56a901e18b50bf690c7e60ae7897

    SHA256

    c21419b77c85fb242577707778982d3f130f9387de6e912252c9e50ab5c524d2

    SHA512

    6fd0f15336443ffcadf639bef16951c4b79820e9261f5ce73f435b1971a0b620c6110054ce8d346668e1f542d7ff13a85f219f98721610ea2fba22720cd44562

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8ee405860228e7a25fc24e049376ca25

    SHA1

    ed42e6b4ced018c70133839333ba537ff080f684

    SHA256

    5f62ac7a4fde46b39622dfe186f8bd978acbfa8400438e6571f0a2afbe9dc2ce

    SHA512

    affbd4490e0f64f898ffd3b43c590692a716ac8e33d8cdf2262e150198fa9bc3ee0845904b576564b0a540e59c4adfe560b081847f39e0a37d00986094a85393

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    50e95567da53195df3b0761af6c2c7d3

    SHA1

    3ae4503f1b6b924cb85a161b0b664e9ab8e5716b

    SHA256

    06f520dff7a5d0f3cd08022540589f71d766b55b2ebd04bda26d868aff783369

    SHA512

    7632c0f7f2471400ab4e782c61b2a8b889bbddec4f9d300242c59253b952bda678a6a45db9c5fba08cf2a1cdf7ca0f826b132defbe4ef0dba0a19a7a1219725f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0fc4cc46ec6870db08e86b2959365b54

    SHA1

    02645c13c5f9dc42a423e0c5d58d427efc92e135

    SHA256

    acad93f5476122ef477ecad5a6a2e56cf5285a59af75f8bb7e3d1205f0afe6f5

    SHA512

    fbde126e38eaf9ec37658da16c20bfd0b0384e6689391a36dedaa85d1e7b5072078c81e178e6f5d56145d00adb6af40d2e0e829d91c1561163c99d96cf5c2904

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2e65d2c4ddfa0ae42d5785ea0c9171d0

    SHA1

    fffc9704671d1d844f82e6bc5331b7dffe8467ec

    SHA256

    8bac17eaf8330b3a150ac8d0d531936a3398fbe2ab13254f47d82c3c1178d13a

    SHA512

    5906e38c40c22cb72dc8f18643d6de1ca720182acbb54e2d82803c23e5ae183b03d115bf6e4f4f6aca191fc349154b4e49d7117bc73d63a6d99b797cde10da81

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    30d9445e5d01de510ffad289bb4c7154

    SHA1

    cb82268b15d03e20c26e9c3783d21a9594b89776

    SHA256

    fd22dd069d1837949ea7f889428d28076b422819532843a02b85562ac2dc59fb

    SHA512

    a06502220a84ba71e970f25523ce4c9acb4c3196bef39304035f53964342d63df3859b0533c9ef2045fabd3495669bc89866a77450fe7b6957525761cf317d32

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1f169b105efc3da9219299bd2dcc2957

    SHA1

    aa09e4c75426c425ac5bf560e21a97454e05b158

    SHA256

    92ba4563b96f1e7ff7d6eee53e00935d510acb9bc9479e3724894d45f0211717

    SHA512

    18b254e16a5e93d604d43f72c506877f942ae824445813db7f0858b93818999e4a242655da669e232907de09a71d0a8978a13e93bdf32fa0c36ccda7c2b4aa09

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    43b5688b37a9f0d662b79d3136b8adca

    SHA1

    b5dfc992fd87560d3a2140a5e4081853f80e774a

    SHA256

    a58a7e947f9d5895d3f5efd6b56012bd450ee56fab898637535d16a47ad7c3fd

    SHA512

    8a707ae2c491483294f4c5eeb2417c97ea86fee568395dd98701f3df1e6a032f1d9042b137556ee2daa061ba1fbe2bb8362c9b18c2da4faf3685d0cd8af6a846

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    96dc1c1872f1a8a4718cdd5b9f6586db

    SHA1

    6467bc05cecd841e4cbfd4436684315c14b63b00

    SHA256

    d3055a96ce63ddb24b520cbfc9f4d05ff2f77d11d8cbb4618183bbe1fb41e58f

    SHA512

    615f2cc2ab8d11e9ac7cbd43dfb2b4dca64bff2a41b534fe5685bc7ab33f57dac3f84a3556667ceb361865b106bbf0eb9878f738e1ebf3d8b74ddd39ef75546f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    662bd0172eb4c68c55fa376931b7a29f

    SHA1

    f5d75964540f31ec89959d3badc410eeec827414

    SHA256

    5aa02ca96a15f0a0e0fad7b4fa08dea47d9cf6f76115a093ede57cad7b3a2f66

    SHA512

    3903a52041a2c777210837f5ee99419d05e607d8069724bf90bed32c9b91a73d5f7337712513190225229ed4723425ff81b91ddd995033b9fb4d1ce616434d2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7a1f06d76538084574b504b911aa515c

    SHA1

    d3e9693d513adb81c391699c1134a14221f0b664

    SHA256

    1495ac68c069ff6ddd8b0be0efdd48ab12e526ddb724e48741ec3403d84373c7

    SHA512

    38d9287c955d929418b07ea5c20ff3da64f2dd07f9634e9e7b30e61bf88332812d0344015bdbae722f8dd3a4c01f09b6bc216a2ca3b79dce038223a30b722361

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e88d8ac1e93ac4b63ca08bca586f2b51

    SHA1

    569cddbea33d47eb56e27a7798fe3e0246d7be0b

    SHA256

    806aa088e2331042a74baaa3cb17b3c2ce36eb316a724a8da91bbd27b427daf4

    SHA512

    7cb98103f552f88c85df8fc6d6773d7deb5f06fad83d0af6859e3e5766d10252eca6f95f52a52375e390435404cab0d69bd6d095488c2c84f9f138f6beeca55d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4919fe6a7118e9874cf35093be5b0cff

    SHA1

    c9834d7e5e0e056f0693b73749b0788593e41ff6

    SHA256

    976790407254ae0fc1826e1a6fe6889ce283d6822d860807a46a9355d83d1c2c

    SHA512

    5e64ad8dc1ba04fd48acd75d6031def3db190966b722e86465086d00ed7b7fb993ec9f00e08102c05eb7213a7837645d8469db9534bd86c6a928f97396ad7a36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    eb696953fef3c7f570b36d4cf10fea33

    SHA1

    4ae8bb78d4a8341ed3fc9541b9997c6e704241e3

    SHA256

    d1e01c483002a7fa7219443309b6d360f86d3f617b9f00ac17210d369149c8ea

    SHA512

    2c4611b5e755f040b6c6a4c395b3bf42d977d8add3ac6c5a36b71770f9aae2d73a408d76f447373858edaf625f048b6c8e4c0f0987edb41ef34125b6bfa192d3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7adab4314cf22997b5e0a276bfc76f5a

    SHA1

    9f5e5fe624ec09e79ee7f9864b4ee82c5ed24fd9

    SHA256

    6f4b308983820fa2fcf5ac70df36fb1477276fb688d244bbba5ac25a88e774f2

    SHA512

    0c90dd96e4bfcbd51c8d9303e23de56633492dbec626a7f61efbdbaebc37ec2b1e10efd5babcc36183d83ef7c1217f951881d53e11f2c77f025f454775cf2570

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d736e1a66dd4e6f779c4f1e6c32a21d5

    SHA1

    af1f97ef0dd96baed92093fc97903ed0c63f8f7d

    SHA256

    4d9d25e4db1c76da10dbb027679f5230d75bf554d4ca0886eb224ad274521d83

    SHA512

    e189d288c90398cfff82f9c6cd4d55aecdd086114d23ed0bcb78bdd1373e842989f3d364687350188b5880adf4267a9da9524875875dbc16e7e7bb0d277ba52f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8f2cf742bb7b937b801d6d94eaab38e3

    SHA1

    4fc231f10a1e50fe3cc8df061cbda0156d541aea

    SHA256

    ff08b6051318a7f7d4b564fba5d0e0a75f5858b5825ba98aaa1d13dc624cb704

    SHA512

    b1accc2b415bc0df8e353c88cb5fcb4fb2511f8b79de307050cf6ec2b7fb229c725c3f1ac373531a0e064769d57afa7e339b7e6fe47a7453a78f190ed4da3bf6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aa9374376f73c93a454a2b836d4b0249

    SHA1

    b79067cecf4a1b0b52077587d05414c14cd27286

    SHA256

    98334b0693000aad50a3016d0e07e37255ba6b6319d16e2a0fb5b1bc4c1c1170

    SHA512

    711a69a358a44bf4708e782ca9af79187948e63b572630e983cf87a3df3e9acfb1caedd5002677fff80999f3d9d4db7d09fec8621946f7dfb3469e508fc1b003

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cd62585eec12873bff2fe2a851a9a4e6

    SHA1

    aaeb1712af09361bba8e233e5eae9f74e35388a5

    SHA256

    8eb1465ac10995e7e9c5f94441989c2642c1847d4b083a41a6a7a6ee225e327f

    SHA512

    06a6364580925f7b38fbcc378847bbdb4768a6715024ed3f5392b636f976c5f675310b46cc4d8795e1042033f996fe10eb91ac259e18ce0a877de38385e5be5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b5bfba519b580a0b98c2db018a64129c

    SHA1

    27ebcd88875158a0e040263b5184aa21ca0d1342

    SHA256

    a1d2e4b0d76f8ea95bbdb07d3a3cd3ec4225b2e62905ea4f0a930c7faa14629f

    SHA512

    74af87b01f87ff12d7ee4d11ff2bc5c4cd7938d77eb615042211bdeae622688ab027259b708759a3f6f5c92f0486e357e3fe70d7e5b4203eb53195268c4538f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0b1a66b7f1d89660143b37868a02adb4

    SHA1

    a2fcf6d7e5e1834b84db179dd79444f7cef77d5e

    SHA256

    408f291769036454d8889beaa556417cbb4b3cf9317fa99e56b206c385d5cf59

    SHA512

    241fccbb075d7913a8e9782f5701285497b398e774ac27b2714dead4112985a205ecdf0b4c3451af47f2da85f0f3a80ba27700750ad3c836144ed0dd999bf8e9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    386660e944dde1513381863fc0e0b8d0

    SHA1

    3665694380e23c4cb101526d0852a64cbb7f3275

    SHA256

    44775080c5c20135b823708e11b3ed050aafe25960fcee06866703663fd2fe3d

    SHA512

    bf3b97778e1f11c130f2d9512756fe8ba28ec498186e65a391718049e544bb72ee37ab4e9f2e921e563417e3f28fb6185d0ca64525bfd64a0e85377db1a78cfc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1aa0e3952636dc398a7f2b1c5ac69adf

    SHA1

    64680b1b12a776344316c3f3e99a753d736930aa

    SHA256

    7b75347225ea96d373bc4db7ac899600da76f7ff0f536c2893f4cc9f37f5d2ed

    SHA512

    c12d96678fd916d20f43bea64ccdb94320993355a29630ebee3f936e6f253219e424a79b3d8bcd96da75f53cc6338013dc4852aa34174d18f3f121a95be39aa1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fa79a01a83dd1ed2b7544a237d5bdc3e

    SHA1

    838c42886d60ef8c59e5572fd323caec0bd579cd

    SHA256

    af3767dc4e22f624fab97fd6f5720a51187c1e64ae971cf7e7ade08cffe8ced0

    SHA512

    d8b6a4cf35f9b176ed9d6269aea9dab61e11873c615ab3ea46d19f19f553622a05e87af44352e09287ecab57266e65a747d1323556be595f3303f330cb45107e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUME8XYE\f[1].txt

    Filesize

    41KB

    MD5

    bd6b979349270fdc04f850f767ac439b

    SHA1

    0006b0eb396c08bef19739f60dc16286b68d9605

    SHA256

    ecb62a841915a0c5a66614cd2c644c707f6057f77a4661c5144ae626d2f555a8

    SHA512

    5ccd7b605db4e3ae4d837becb7464ba725f374c0bfcd170c72334dc3220b6c48746f50b154772477975d6ffbb8a80e19858958042c9a8c74f0b644dd9e99bd82

  • C:\Users\Admin\AppData\Local\Temp\Cab9A1E.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar9AED.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b