Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

9424c5ff7f...8.html

windows7-x64

10

9424c5ff7f...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    24/11/2024, 10:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9424c5ff7f6b9db85936051bbc12a676_JaffaCakes118.html

  • Size

    129KB

  • MD5

    9424c5ff7f6b9db85936051bbc12a676

  • SHA1

    7962619837e99cc405733f6a6281f6d1789d0852

  • SHA256

    0f024507e712878ea1284d08720f2da9f04c872f2f0dde3dffd7afa12bda25f6

  • SHA512

    f87bcd65c608e1467ec18fb620411f8a6a9d723a34402c39d3ecbe632a4aa9eecd99fe4810b139239f057c1909291564337261ab9a95c475205e200a36f7d2ee

  • SSDEEP

    3072:SUUCWDxYxQ2PDxYxC2T/Z1sxoEpr2C7SeohzSNE7jfCqez8/3lu:SUU1DxYxQ2PDxYxC2T/ZIAS

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9424c5ff7f6b9db85936051bbc12a676_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2112 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:2348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B3513D73A177A2707D910183759B389B_C3CF9847C2CA003AA270AE473C534F74
    Filesize

    472B

    MD5

    4b50dc8421655700b94f6706c096042d

    SHA1

    8605d7edf403fcfdaabf59ba50ddfa81ceef4dc0

    SHA256

    d72a50bdc7c73d30adc5af35cbd043a7acc305cb27ab83389cd9f75387c079fb

    SHA512

    e9b3271453a4adf9930001aaf691b35a215397468c62fb59b65c8265d2af1c34556ffdd431505924b4f0f9db05715c3b9d9e1b511181dec98d4033c8602906f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    40c0e66ec57ecf1195efd26ec70827a5

    SHA1

    a3c28957259aa516c76f44c604bf75305734898b

    SHA256

    a6d89f32e945abee003f14d1242b5bad0d3b306c3b98becdfa57f374cebc49ae

    SHA512

    1a2df04e5215956228d426763bbdfa84f2dff877d0cbc78a3209747467e6bc3cafe70cefb7951c6ce2b45b3ac85aa4071922c492ff7d538c1e5caafa95b9772b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    70342deaff7e7570387290faf2d42fcd

    SHA1

    4ac054066937b16379ebcc1073f32d1a5ef08fad

    SHA256

    3048d76e946866549babb4a90403e9dfb47e87267732fecd32a709793197341c

    SHA512

    fb149587f4f5112310a45c39e01fd7c4338ab13d03b79aaec8e5fec3c4070429f5333329f650b9ef629b99ebd6fd28058d1d387892bf9eb780a78077c31c06a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    94a5acd06a83e173331433236e33209c

    SHA1

    1bcee0a7ca6854a65c4e90895b5ca81402d5e3e3

    SHA256

    8dd31d2e6b4da63ac7b88941a01894813115ba0395c327d4343146dc5216bc39

    SHA512

    0c84cc842fb744ad5b8d7509a00d4321f1755521b2e590c591789e933c559bcb9fbf3217b5b15316a030265bda4b73326674076efe8a50906032fe3620fa185a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c3ef1d84fe0c60ddb88675bcfaee5a0

    SHA1

    e5728bfba22f0388bdf44a56987640f2784890c4

    SHA256

    756a50c723442463ddc07e5ce140b14a7a9e5d10c872cc5812b9c0a5ff4af2d7

    SHA512

    664d9bb346385eefb415c318121fcef33c406882a88c8200dc83433fb6bd3c0aebe48bdc2c6fb8db131d37af0ad8e139d6ab300d355bdc9945e1063e4d483701

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    839bb51b5151d22d6c19d987c52b8cac

    SHA1

    2c213eca942fafd92b72ad55f93d3ca16f39352f

    SHA256

    2b0e4ccbf0659bdbbbe41ac3d420a8420d3dbea015f2deaea34632b9130e2048

    SHA512

    9d30f436be4f6fb07c626b157f87de43c234df692716c9abc252059d88d350bae188193795cd0cf9f899845394a5a534cbccc3e6fc9c811f3066fc7f170acb3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9215cfcefe9ef23d07c53c20ce85f927

    SHA1

    b42f4b15c8540333a79ecd6bcd0ca72d3f3baa88

    SHA256

    466e56ba2a0b26f14614baca8307e2375989aca3571d7e709e9597c341d39ab4

    SHA512

    49c7f9e2b425d09feb007a39968f39b6f17b7eec5c506a68d9d3b130937cff884070e524f0365966a48457bdd9dcfe7f3ab6852807b799a5f4c46ffe2403c0f7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c9e0a484112255858e64e8a2d280d06

    SHA1

    22e6e4e4edacb690fd2098439de6441ea838379e

    SHA256

    42d708523f9c6e9354ed105b5181ad2d8c134f26755af29868345c14a3008a7a

    SHA512

    9f35c97a31e1a3759b26870cbb5c6d34f6ec6276d880edd4e51db8acbe50da2e14cce23e12c54f3c2268fb4b785b280264fda8b9a3a1d0321cd04a1081209852

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dd46dd31ba9cdcad12461ff420036dc8

    SHA1

    19b973d14d4197f5b3fe55de26403b097300bdb2

    SHA256

    3412cf86a981615fcc5c210fd0c63220f98ccaf9a9d09b901c431138c66930c4

    SHA512

    92397450fbb2b62f57bef7750c5271aaf618c11bfc09b958738484eca87719cfac315c388e6880a498886f851a4c82bbb1c0d4053a0d8b3b3343c19ff8ab8634

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8cc5ace9b8f4c89f3435a158326189b1

    SHA1

    806044d821a90713d7153a49be79bf5de2166fde

    SHA256

    1aa57b215f11fed4eebf5ab5fd7b10690f93ac3d5c7987b871fdc8993a1f307d

    SHA512

    97ae8e45a95b4f496d815d3300c7248e7268ddd620e843b5bf50879b9697586a851ae5721d63cd3dae8556e28e604abb0ba6553a47e2f2ffd3e3aa2488718d2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1bec14b81d83a13bcdc0ed4a3b8af815

    SHA1

    f8210d362ee37c0a7776cb4ef2b1dcd1f2a11396

    SHA256

    7b509ece1c2cb1cd19eaba683a8b9592474bd9810fb76d6140c43191eabb27f3

    SHA512

    8105f433b26f996e79464ac5e331aef47898fd057cbe330198635d940f776e767af9950680518fc18bac26cebe1f754d35cb539019eab153d56dcedebbcf9811

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7a6802dc095f34df60c1fc3ca65fcb33

    SHA1

    76669bdf1229144ab708c4c0494d38439e12ae0e

    SHA256

    79644700e3b379e0f84bf4750753be3cbd5959e9cb4643d0f527ed0cb93c8d45

    SHA512

    706fc53e5de269374d8a2f3c4d1dcdc59dcda38493b550c8f63aaedc2b0e26d38a63e7d80dca53e452ba207423f1e1a155e9b7ef0e07448c767c7125bc569424

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    af9546ab7d05ac47b3db98ddfcdf6ecf

    SHA1

    26ae583203179c186bfcb6360885d0e1ed92f3aa

    SHA256

    fab57169f95fcf7321edaca2346b25ff9a577d62fc173a5825811e2739c516c9

    SHA512

    1d46696109d1346bce506140dbff3e29723872356acc410c65fcd4b782c448821ccb671734d6e1b61e12b2201d4d8e09adcf898d914513d8614890ca3de593a0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDE8E.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE130.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit