Overview

overview

10

Static

static

1

7fe5151f26...8.html

windows7-x64

10

7fe5151f26...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30-10-2024 16:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7fe5151f26e7117e1a22716372207294_JaffaCakes118.html

  • Size

    47KB

  • MD5

    7fe5151f26e7117e1a22716372207294

  • SHA1

    de18fd9c739dd8ef3feab067d95578c5c4b90528

  • SHA256

    7d00442af773ada97ed19fe3bc4e2d46daceb2011aef9c2dc752f82574868c2f

  • SHA512

    ca0656c64c522a7768b2d5dbde880e0f41f46b0dd4ab5efd9cfb82085e0ed5d783f57984888d8313ad555f3a8bb4039762a483676b37d4818c41a278c3de2bfa

  • SSDEEP

    768:pDxUtUKuIMkUn2sVwUc8oUUU0UY2BQQpTU4QkDUqQ2UrQeDUpQkUJQPQU1QAUUQC:ptUtUKuIMkUn2WwUAUUU0UY2BPUuUuUs

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\7fe5151f26e7117e1a22716372207294_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2444
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2444 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1664

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2364ac436596c64da98fa985f9013237

    SHA1

    9d6c5fa9f5408c1a036598e1e84084f62c51b0a0

    SHA256

    0f3b07aacf1b8801d6c96e18a39cba739cbb9a9d64022dc49daf8521ffc93ba4

    SHA512

    791aa6a62d566286a964e365399290d0f814f46a58386bde283bd16832efc3890e8e66d0457b9b38bc98fc272ad5d78c198ae7a30ba313306a153f8e244bf49d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1a41544bf4d69bf6230e263e37bc1073

    SHA1

    1f7f6705d882e0320714ceaad5fc55a04050df8e

    SHA256

    996ae51faf5a17e5d9a2256aa4b308a34e139849de0c270cc6ae212919e7f379

    SHA512

    8af90346485128a2aaa0f16a1380cec998930c0e105ce91c8e1faebfafca8fbc7cdf244a9aed8ac63d48bbdace8fcc45f4ed0985d102a543d38bb05297e97efd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    083c7b4dce92f601b08d748863f13a3f

    SHA1

    80888e86be6744081524c6a39475df7d8186f946

    SHA256

    67fc3f1feb46b5c876c05355e540e24bb8057dae2a2bb774cfa362416f10a6ba

    SHA512

    657bf1f634f3c59c5437090e662bd8d3950ce2fb5a95eea123902f5617daec6bd0a2b22339a28d1226802564b4e06e2588a55fce5a2a1021a2cc37bba04a7c52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1808e9a8c1bddd845888e67e568235a

    SHA1

    a65def840cf9524deb3f45eb58c3ac7b16d3c974

    SHA256

    952f72f6eccabf8501b6862cb9bb89a1cd405499a6cff52462b3251be4727709

    SHA512

    93c98b3600816384e41360970941b9c9104d744366f764b40c45b48a2cfd0e8a885f9294e5a7520e85797d19c2c1bbcb34d2c186f52b81452cbb26118bea8551

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7b1bc748dabae6abdf703b7066c16004

    SHA1

    e2d4f55f46cf329dece4d8a59073970653047653

    SHA256

    881598f67a96820c17568de44f6be235b2694332c5690f755a8d709b7b71d7cf

    SHA512

    2d3ff0bf1690ae8b9a31739bba5526ce99aeb47b6237cf1632fc6742984d6e6ccba5aee47543427352014e4efcea862750576cd4dd3a435ed3eb6ed841a5cdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8bb09b6bb088688621988121b7502ca5

    SHA1

    a461c24b00649da7ef2ad65d429cdec83008bc86

    SHA256

    ba535e7b84fa50d5137be6693d7b0bf31efcffc9e81479e136b39bf179f677fc

    SHA512

    7686e2aaf4d2e7f0e2a43e9f59d317d4be69651888990804d123dcbbbb324ad29780f1fdb34f8593d835e9239d01cb912b944e0d43657d808cf8028ee76864cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14e787ebdbc06017d24ddc8a54cec10c

    SHA1

    1e0bb2ab3c6bae65bb0161b288b46a230a2f7a43

    SHA256

    77d5f40e582ca8966cfb8508648e8a8359d9a4db8341d7c961f37602ff52cec2

    SHA512

    ca3e329a8d36c8cd668f9e3ebc6a581a8d3674faa2a1d6bb72ba5dfc513e8dfaa351b7279bf9aeec102c05abde22674a7f24df197576f12eb86feb0c099976f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    11084a06010b391640841dd2ca23693b

    SHA1

    9dcd58f8f63856a06ca66c9c1104d7256a0bf70b

    SHA256

    097b2df6faf44d766efd17214860a40c12b2dd6f0dd5c6665e5a8853e870aa55

    SHA512

    1c79c76710a0ed9e1beb6dd07b9fca42b58da2c55e9104824c2c44c6ae063fa93e576528f15f3a0fa90711a9c507cc439f8dffdee502a89e15808b290e9a00e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79d821df41aa51b6588188465441cc9d

    SHA1

    d2b480172f9f6db2741f1bc3a437aa272e27de87

    SHA256

    f80cf1b90bd8f0df173301c3c4246a0b1fac4a85332cff66feb49d57a652a79d

    SHA512

    eeec2f28e2ff1193197bbf378ba207b16fd24012b93ef17d8b6f27730393f9c8f832cc8b9c38416ea2f7a12bf09ac5b35fcd4b51ae6b466d4b65d08c2e202ea6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4f90f1d7e3b264b51cd82d1eccd814b

    SHA1

    9450058c47b730e2e2edf40bc1e1b31d3ae83c8b

    SHA256

    d26e9f140b98c02df17ddf9565a51e35eb79d1e30dbfab4d35519a1d46f3c159

    SHA512

    656d557ccf3db9f836a9c5ca9ad3177a5cd782e7319b922c6fbee690d3b954f6240ba7d5b0368558135e29c6308e99d9631da4d8f57d857c0d6909776ef423ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a5f99bbb019cc6dd0b0134da2829bdb6

    SHA1

    776cfaac5ed5dc83912f3841e9ae4cfe42ed6030

    SHA256

    dfed7431432791cffd1b33c5299721490553e2f796afc43434f21dbd60616015

    SHA512

    fdeac95206f1a6d31fdcafad1924d7dd73a5cee32d66db2041fa55e4d889ae5131e02ce5cae2bdb12557125b68ed14d6bf9b8e6c96ac5789e8a029eb2db616b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d5f6f9367f0e56a670c36d344ca40e2

    SHA1

    fb08c73ccaa8717192a73a40248bee6d69ffdef7

    SHA256

    857d127b933cbc7c84a807fa09a50e45bae652f0d266343afbae7e79c93a2b97

    SHA512

    e6b79aae2f444169240ff02bfcf258855a727d7fe166206f47c548b830775b0e228c14382e3cc217fc084d86603a9a95408c6823b9d6195301a6bf4f25ef2815

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6052496a225c3a4eb80b0ad0583ed54f

    SHA1

    80187b634e061f4dd7820e157c880b8cb512d32a

    SHA256

    5040068994834e1757c980a935ac7be2d218c306c173616d4fef4d6dcb7ae676

    SHA512

    7340bfb3470d22560b0a786420b071d0759b68f3b4433a4bbf0e6f3dfedbe707c0e36cae84338cad32f8e5b0c3a1255b732921780f790fd4b5e1ae846d22ee59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f61335b4bf2e9638e443b6e38e75a8b

    SHA1

    1d4f41dc3d131c2c1faf77beec1eedb04a4d5959

    SHA256

    710afa6ff1d8910109b3512a7362775a942423086c95957053e6e69766bae364

    SHA512

    cf87b905d17e14d518d2d7fc7b0c26a76a02079e062d1a6977d443ea06eb68eed9248adf84620130fc532df592cd8a585b035be36b5243a4e08c8331ab57556d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4fdd6116e4c8c3a605d8a28dfd03dc98

    SHA1

    b1a123267bc89543846c80e7a9b1a6eba46adf37

    SHA256

    74edf9bab36bed7d7844e5444861d8d2273cc6d775f9014fccff99bce2a716b0

    SHA512

    d1a5f5e8f7def9579415382bbb375dfcc8e05d89369984b2c75c59ef82d42567e3cc6f17be30cdb46d410871f48d46dce5b6fe98c6709070dce92c9e8a7c4d18

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJB1KT77\f[1].txt
    Filesize

    41KB

    MD5

    11cbf7ab83f8525401d1e8570dc6a0e1

    SHA1

    e33ad5135ca52f4d4562eebe12d35e3cc38dd2ee

    SHA256

    07d1653840168b58c69abc888a1c655c61e945026f411bf7573fe8781da95ba8

    SHA512

    afa233867caad11a64f2fd37463b5e3bfeb50cd0a80197f8aa78d953b3e9a9d0c1f7eabe9862267ac2660abfbd7f68d1d7cb3f95de6028bda3e48b8b538dcc35

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCFCF.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD06E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit