Overview

overview

10

Static

static

1

92ff1139b1...8.html

windows7-x64

10

92ff1139b1...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    24-11-2024 06:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    92ff1139b1abd2b885fa5765c318db26_JaffaCakes118.html

  • Size

    156KB

  • MD5

    92ff1139b1abd2b885fa5765c318db26

  • SHA1

    73d2e3e6e99e7f6c99a5b1c755981c31ddab8d0c

  • SHA256

    f7ae26ec080a2269b047ad6771a743864076c6056ef09f6826e2e9ecaf1f883e

  • SHA512

    d23b41c8fda98e14c816dda64d031a88253850df293c6f0fa7430c16b7745db9bc69eea4cc9e905dfffafaf337ab6e7f3d1b4ee1d7add1d11c5a1ada0109c02d

  • SSDEEP

    3072:fIx9UcjvG8rMUcXmNRS7vaCCSIi0od0n277L82xc4K4vRmrFUkxDmZtQU:fKGXmNRb205zU

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\92ff1139b1abd2b885fa5765c318db26_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2716
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2716 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2736

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    d7ac55408acc84f15078fddeae74839c

    SHA1

    6b5f20c8f8871e0d57acb5996323ec63ab42487e

    SHA256

    24ebf5b5b342a8d5d4aa3b214bc9e30587e2680c111b6c46a91cb9e2d25c0dfa

    SHA512

    59b8caf3406b2636887371b9155f2815b134a23ec6739d824d958433f2049452ea773ab1f762ae193ac7da31b36d8b65587075eea049574440d98c60e56664d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77db217e3a92e33720a60d06be760d75

    SHA1

    b2791a9c4e1d06c37211852e8522d3aec4d696c1

    SHA256

    c8403e7019b31b8809a245b3e33e19d08ee9e6527a156c344a123e0941e42649

    SHA512

    a3fc4740c2456790f7e1fc30d26dc81e33c088ac0a6e3104961cfff32db1feb0b3f1d64e8dc852fb8fb8dc642043b63dd51ec465bcea5e6b8862f792fbdbeae4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdfcab4675fef243e2ca39aa0147b5c4

    SHA1

    c6918c506ea527bfd4903c64921cc89a45972964

    SHA256

    4443326d7db719acc4101be64b031dbbbf49b17e47c0234f91d43f91a193fd79

    SHA512

    cc1605c116cd853692fd3645c11d021b1783b0b49b7aab038c92764db0d71c69a3b0c278530d7d6d82311e9b305aac963fec53fd7f43525b4d074cb48d1b2325

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    12d285e982ec210857f58cf81c505b5a

    SHA1

    af2f0779f64e53bc2874ff5f3f079aa7cedeea5d

    SHA256

    4cd3b3b409ac43315a25d3b0e9b56dbf0b81504e3b555bc2ab058e911769af72

    SHA512

    1d3df5503a17fbb5fe23c6baf428e58457772c21830320e3ae519e07468eba3805f9a374cf1043f6116ec7267128220fc6f9565ec256ae634e7273f911ca4c37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5416ab4a682c86425b6d5037491f6dd

    SHA1

    69cfeda202d9a67083d1f8b04e3a4611ef2fd3da

    SHA256

    d6b8dc789a7d18f8fa1af51d2dd84ab2e9bd70bc4cc16f67de59c41c2b897047

    SHA512

    0b41167198cdbb7a9e7515362db21afdc98264bf01436520c1570c3a4474514b30567606419d5385d5e5bdf47858c3bdfa37344b0b0ccbdb20e52036873cbcbf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f45f349f334f58be8c7b32c8be07b465

    SHA1

    0c34a34c71474f06af2e127dae025dbb954b6e46

    SHA256

    3aa34f16218d420300c1c4ce957eb1ec803c1ae11a0e3312fa8eb4bb555c3e71

    SHA512

    01fbe0f7884ed21dab8335eedd7e7e9736c9f919f634224fb38cf9354b8ee8007d0377031b02d32d840bca93681ded7c9c21747addc401345442f1f323bb9e3a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d01c6e29a0448824a3c6215f2c5dd8a9

    SHA1

    b3cc1c796ff0a124ef9ac01dc9ed0cf646ece6f7

    SHA256

    26aa0161e4bc7411b9f29b133daabb9794d6ff0223dd3de7aea945d2e5f69a48

    SHA512

    373bbb37f9c934e11ae42e94d1a0383bbc8e21bec497ea4aa4da5047a9c496d114e7b4f95d167a062373bdd29eb84bb302a7b6ac4ea919da2ea325f2b5c3fa52

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7cd9cf4d5f51a3e1c9792542370b65c5

    SHA1

    25a653e12b48bb203e2f51ac776eeed46a926008

    SHA256

    a2c693fbea2162ffca1949f2325a08e0e6b291eca5c485ae02031e660e068075

    SHA512

    f09e69a210043019ec60410a3d1b7b0d38f77a4bff4cb3c92a93446dc91ec3b5ec227145c5fa49308a33cdbdcc97101068afdd12e0c5445f9238f9ad44fc2295

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d24a2a61257fcb89d4e57bcc6ea5e83

    SHA1

    afd8fd31acd3f51525a9cae88237105dea4d8ba7

    SHA256

    92ada137f3259414535c792bd61d44eeae5eedba075b49b47fb80c6433f130f5

    SHA512

    ce36df04c4d9177e35cbaa2e5c8c30fb3fc1755bd0442d3693953168f8f4f696cf15656efa80c66a6214e28f159d7d807312050b41c994117c97d52be6d9e8eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2dd43a8dd1699b62f6b32e791522a4ba

    SHA1

    cd893c2bdea623e2ef591ad3bae7630dbca64e61

    SHA256

    c2409f5b12a1df897a14023f5821d0c726ff371b9842bc4ccf759b2cecc68ff3

    SHA512

    fc98ea54380ada24522258387a48ac857866f48e901651116b7e3d9a37c8deb9303ffaa2276a02e49b7a5926bf4993249d1665e84429e5d5175d1702f14cee03

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0d3e519446ace54f2da92f08f7aebda2

    SHA1

    59eeb8081ef5b002936ace4ce88bb3ee3fdf9429

    SHA256

    d14668087c59e9970b8f97739c4f9ca8d83e2a0c68d6798d7a4322a2d86a8a5b

    SHA512

    ad4511aae75571e26338a7b3d3e636d6734b1f35d8b2d28fc3b1a261d660f810e9ba4e5c280f04afd09097dcb9076e6b61ca23fe6b252c22c46138c9996f208f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    f51799a526273ee7e843e2bae93b9f67

    SHA1

    d69fafc393904e033e2fc05b60766e45da62bde0

    SHA256

    8cbe06bd0c6aefdc7d0de7ad60812384b55d1d0ac4486482ee570308b8405dc1

    SHA512

    dd2e144347c05d6c474e0873709d18fc20e3d084176acfbeb20a6eddd50caa2b34c0e7138db980f333add48f8fa9b9bf558dd325656caded2bee711dd91391e4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GWW47WY\plusone[1].js
    Filesize

    62KB

    MD5

    2693cd35d818b48f4cd562c6abe0db29

    SHA1

    131c844eb658219966c722b60cc12c8a542ebe06

    SHA256

    911fa262008c6ef2bcf8448ad83a5aa8129c39355b98d957f5c7dde2babf9b7c

    SHA512

    4f692bd49811addfe89d14b156fed6513f04ec4be2629086a8b66ddcd6e7b8b7df149fa017173824c30f7492c2320a3d7b9c0344d5e1f7074742558125654f1f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab47BA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar47BC.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit