Overview

overview

10

Static

static

1

9ad502d0e9...8.html

windows7-x64

10

9ad502d0e9...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    137s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2024 10:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9ad502d0e9180bd9f2ab129256508dbe_JaffaCakes118.html

  • Size

    48KB

  • MD5

    9ad502d0e9180bd9f2ab129256508dbe

  • SHA1

    8d271d2ed36015399606c3d524eb2ec6890b46c1

  • SHA256

    bbe3dda4368818ae89777ac582974d9b019096a8d7f1728627ccbb9791e69337

  • SHA512

    fab11908d363445faa4f651cfc4792301785e1253770cbc791dfde7a244d443d8bfc0d94e89412a9aa39b1ff7a9653da9cb77809126a0a5710244a71413bcd57

  • SSDEEP

    1536:ptUtUKuIMkUn2WwUAUUU0UY2B+UuUuUDUFU8QU5UU2UQU2UzU2UwUFUOU+UnUDUo:PUtUKuIpU21UAUUU0UY2B+UuUuUDUFUd

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9ad502d0e9180bd9f2ab129256508dbe_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2172 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2984

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8ec0f242393a3566633e4214279de7e

    SHA1

    18f9ce686cd802f3957f4296b278d7c25d2cd7da

    SHA256

    b46528be36f74cae954953165dbdf90aea3d355390e431781141d6dd73bacb07

    SHA512

    1977fd9fc87161449930c10495c5a93d2b6d4ef71e33b357b604f9a6385dab5c87c989277fe7a2b44137a7ac51c5ad3f6edbc3075f1e7f27f28cae80c627c72f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    19368374366d384fcb73cbb1c8e95607

    SHA1

    234949ce36bd9080130a88058a2c8b6b68b789ed

    SHA256

    c0f71b653b3df2acf6e465a049bc71a1d5c958136ea23b171e8a4524658ece13

    SHA512

    e7ae170c7fb9ddf94b861107ff5f41a80be4ceee713bb08ddd497e95075213afca61580f55d88f3f677af6bd2fad465bfd5445d08a8665a5ed349d960e09a960

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    971212e41c7dc937d15579a8c7379a95

    SHA1

    9a0e0649f30ff52777a74d6b2e72103cc56bb02d

    SHA256

    2eaed24e13bb2d3c96e55da7d8dede3cddb08b47686789c8c62633317f1bfe2f

    SHA512

    8608eb9e7ac80dda8113c1696deb4e21c7d49565de167eb75fd44eed270c892e47dd93ebd917cda2bee87543cea2be29f30724c9461328a47cc75eba7a8d5a9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d752e605b7cb8aae087268720826920c

    SHA1

    187d3c95670d9063970c463cae7dbe41aa498975

    SHA256

    bc2777d8a161f470c108175630fb173f4f28d9889e8f26cc02ad2fff86aa21d4

    SHA512

    889c637712fe37b040d7009c469d23b1aa3bfbf9652f83542792f79faf4dd93325a1541cba53783876c510477e4cbdf73000e37c3af5adc76188d678b6bd0765

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f25f142435aa9076c53c9caf71ba3ddd

    SHA1

    1fa2212aa1a4a9ea2708a36be9b0ed7ad837c318

    SHA256

    aa3b6f4005baf98c162eedfc4ee0b1fae84d398062afbd778cd68c4b3fbb2897

    SHA512

    10756020e825459fd9554806b9edd8efdda88593575cd1885b74b3fece67309b0cedc5bec5ba9297ae9d367e21fbce161de11e9ba3ec44c894605029b35662ba

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    903d27da54c326b48e722a44165d63fd

    SHA1

    47287c30310e38420a0be14b2c40b63ae69f2c39

    SHA256

    28348f5af8537f88760abd8e39cb74e6dbc49292e16c9e75c170f9d6f9af69c4

    SHA512

    e670b3033dd99060a3aa827112257850ec8fe4fb7044bee879234946c32ff0d24c7c262b24e2ab4a2df475b5409888e5441e7f87e74aac50f488b0ffbaa2b701

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f3aeb2c47142e9f50e76c81b08bc706d

    SHA1

    b29219eecf02f43ee1bcba32f8817f37e36c3358

    SHA256

    b6ac5bfe9bcae795e8e2f2823df0bacb0753b3f218d8bb5f0dcd589f36168aa1

    SHA512

    8cac8b0d110bf62b5bbc30bfb86399bb15eee2a991a02c1e901b0644181d7b35cdf6eb2471fba3f234f4d1d925f89e93d989dab6ab00ff0ea2b716975de81ce7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b71098ff414add2d2bc7b2bbf0ee0f9c

    SHA1

    b4726a7642c92e33a800ee8c171dc2e15c2e3bc7

    SHA256

    14faf78052c0bb371cd5e6a3c59e9899266e9ddd0b1e2c0122c08ef50c48c855

    SHA512

    2a4f7d612c8408a71b1addb408f067042ac0f7cc33e973b7504350e8ac4211957bc3932cc3e1dd7cffa4082ce4f39f9851e211d12f1c70a9f6d8e2a51557b069

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aa7edf56d95233edd3a03d746202e79c

    SHA1

    8d71939dda6c63d095270148bfc74eca0f8a7660

    SHA256

    e42664ba5d35d1bcfdd63acbb467203c510060b9bc6ec63e9d0390284c1ed28a

    SHA512

    dd24e9153f918718302e4a29f644ade8b79a022e9f5db4db141886831866cea90b1be61e053972656bfaad5f9127799e6609d1bdb36d1fb7477efca56833f13e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    26d73184a7356907d7fccde20bab65ac

    SHA1

    0c136d5d42c882f9f8bb2a274e53d6e1e0861012

    SHA256

    7a9fd286818a7c6c8628c41140497eee7945aa2a6e564a78b90c575e5c72893c

    SHA512

    2a416b8bf95d6b1d0dea46e11bc628938d949c39ce521e40d465a7598f89cf96d9382d74c36a2a214bf85ad75b0465fa44a3ae11b5138dec7d6876ee2ad0b163

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8068eb40079b0d285e83d57056107407

    SHA1

    0186346660ec4ebb12d468186896de5363c7f1b1

    SHA256

    76affe3250951421631ffc4f0a7fb11b6f4ffad1e0e9d24e65222c45e8a3f428

    SHA512

    67f94d28632e8717a3a83b7ddccd693f3d5748ad6b91d704e0c844dbd52cb2b70ee3212943af3e8a94fcf9594eb960a3a3c1c8af4cd4cd8c5c97190e23387982

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    857aacc379f61638a25def73f122405a

    SHA1

    fd9f4e17597d8df8a096f578261d4ee5a07c4768

    SHA256

    3409ac5b8312d83108539a5a723f677ce8268cf62163c15485a12a9165488af7

    SHA512

    069dd2c584c03b30368035c5ee9c76e951eee7c2866ac11293700d41759bad7f01e0f7eb8d59ae06cdf5458d2a37548b7c2a6df09146c33d1b35955602a0f687

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUME8XYE\f[1].txt
    Filesize

    40KB

    MD5

    bd11aa218cd33d50102506b0633107f2

    SHA1

    0ba6fae9a2464cb8d057ab2f28052bcb2d651595

    SHA256

    ebd748eed7f77fc7a05a2fa8666d5f07a10c562468300c73382723f87959082e

    SHA512

    112d5ec3216e91cbbc7fcccc0088e8d202f918b7b3878828320d7db6618cb2648dc3054fbf12b61f77a13ac3e431cb86b0d71340d5f261d9e5e6378f13443e6d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabFEEA.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFFD7.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit