Overview

overview

10

Static

static

1

c8437b2a39...8.html

windows7-x64

10

c8437b2a39...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    05-12-2024 15:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c8437b2a39eab1d7b03cd38999ea2078_JaffaCakes118.html

  • Size

    78KB

  • MD5

    c8437b2a39eab1d7b03cd38999ea2078

  • SHA1

    d1410a4913a1f27cef4932c3e1067e14835e1095

  • SHA256

    b4c56964284aa0456a8c65fad7fcade82cb63aa0216c798a40a7ec1e37976ca2

  • SHA512

    e2e1948e50eec8a6d7b5e5721b34d8867c521d21851c7d3e58bf1891cd32df78421d634b74d51179c7493e91c31c85be77a0299b0b8bfb927d928af27c4e8bac

  • SSDEEP

    1536:EirO/grfrJPia6a5ITmhoIVyb4yhbsk8zz:NrDJata5ITmhoIVyb4ylsk8zz

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\c8437b2a39eab1d7b03cd38999ea2078_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2800
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2800 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2788

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199
    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
    Filesize

    1KB

    MD5

    bf7f7c4ca57f16f0007b0962174ec8f4

    SHA1

    efcfd9b9bfb4b0cc73be9328c80fc718cd2c92ba

    SHA256

    6315749f4ecfe6ff62eec31a4cc01df9174af24eedef6b0df2e2ab18a8ad7ec8

    SHA512

    ef9ea08c71dfe9dec0b9b96d2dbaad724f2dce19e00f631b8b258d4f71389887df11793121cd05ee57b0c1f9753c312380faeccf80a41a30efcc346030c4bc97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    17d9cab2582bdeece6457c6205124191

    SHA1

    ec9a46890b59a334e7ee0e2e1a3391f9dad9fbdb

    SHA256

    72acc2e5a17fdc59b2c85b1a36ebca425f46da999085f87c28ccdc329073fc03

    SHA512

    1b568a8a90fa367fa14c382c830cd8af1e25ecca668a16cf3576e71babbc6165ce0bf3acc3364064ca050c575aeb60d95f4451e7a277e71027a42b2ed7b2f904

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5dab84f7816abb4fa05524a93efa2825

    SHA1

    8bcf30459afc06cf27f69a6120e74a7203c5875b

    SHA256

    2ef6383cfc75442288a00c7e39d90a373c01a4f64f52f8a2eb32e60ce071168b

    SHA512

    69468139e23dc36720de0b45d5f5f1fa591a1a5d9603d24e7765d97ae6dca1edbe1afb2f46599c92e9c1d8fc493e6222d63618c41a2eeb0fd86d0a5f5e8475be

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c2d9ac5561ddf231564e03b0db825bdc

    SHA1

    0aba5d9574384597d37d7c529c917f5f0cccbde0

    SHA256

    4f3ca96f36c7a5d0130ceececfdfcb5fd7fca49de6ece6f0549b8069e131d193

    SHA512

    af1c1cde9ae3dfa184cad10dcb96d998eaa89300bd34133840dd365f27dff003d0874740a65f20caca4d6e71e3f5c6b4d82dc4e897aaeb1432b6791c2668d148

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7ec22d20219cea02b0c50d8e78100fff

    SHA1

    4b05918318e31ccd73926899cd608f5814c52f95

    SHA256

    6c233e3ec2181351a0e549e251d95777b8084ec7b527a64544e72ebcf2902c0e

    SHA512

    30e512e0592a9079d95ebb3a230ed0d4e89a8791e78d9a4f29c70acb9847f823c30b853ab3c316c526c05648b1d664bba580eca6d4d6d7d81b9960c8f5779e0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ff46b71cd91f403af1b674adb4fa7afb

    SHA1

    bc146fd5d82019bac18eabe5b8943c51f77126cf

    SHA256

    b058f0dc95545aa34126f673cd9492c21c6fb39429202b0919aa86ec8dec5b73

    SHA512

    acdb1cb2d0d572ddcac28a89fa090a804f691facd99885972312be8099af5b17bd8ff15bb6a51ee5d98f5bf5469a1e72fef9967fcb18bd631b8fb2a2e78386e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f1bdcd9dfdb7005aa416920737d8ed57

    SHA1

    e4c9b42149962a7d596c1620060541e1363e1962

    SHA256

    29304ded278da6b54c5de2c09a8aa2ba8fb2bd3f54120afe7e872ae57616fee6

    SHA512

    886a2dd24eac659465ccd5aa0d84b43e79daf588ce553e4bab1e46bdbea634f7ae3f2c07786e15b6c338202e76271f18f55618dc9c5a2f08bc69559497cfae51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eec1887667d5c0d19cecab5014f92b57

    SHA1

    8d37eb4523e9329763a2899079e0aa2a9e3f8348

    SHA256

    a137f567a8591be73b891e7c53e0c8e6a2c3c175a80382746470bc9daf185731

    SHA512

    282c7032b1498aa02158acf84601bd458b161c290d881276f17e5ec3212fa3e7ce336a1bbaf77dc8beece8a33815b6dc83458a34b130b65f304599b22dfeee8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a7b595a7463d264408ba28e236705983

    SHA1

    ed42e4ed45fda5429cc38db9e5b98a4ea0c6d689

    SHA256

    d13779722048a6603596456db662a95c134e104bb56053fd188ea9239fa79477

    SHA512

    55040f09a80716aff952634195352500a4637a65e3672837b5b53f21539960890d792ee61e197b1e36f688085a776799666ae900056062a195d98b39fc4047cd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66d7bcf2b5917ee76dbcfe52e72e163d

    SHA1

    8fceee799db26729a711fd4fac89d5ccd9e9c887

    SHA256

    fcbb648264d49345379051bbd51b8e8801884e1a1be065eff06e9f370886525c

    SHA512

    49f3182fa39be4c57fcdc111789394d4173e3fcad3a3a9fa8acff87e6b9325d401acc4af22994029f974dd7f7eeadda40b7dcc81bd088fef12022723246c23cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b140194f181229d69bc4b9d8ae1c0a32

    SHA1

    5eef305239046173ee33ae9a868573e8311710de

    SHA256

    4d3d1e12f1c7c272cec44e44e03221580445da01d1c6cf059646cd0d4e80af7a

    SHA512

    798b2c33da75f0595a574927b0e4d9bd0abe94da7ed17ce428c9c16e01200fc1f188824face41b2d0b6a7cb8f103f7e8f381970f391f1479b91494f987ff6007

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a0666a661b378bd26fbb0711afcaf84

    SHA1

    c312000aad23f8a55db289e5ef8bbd037b78e8f0

    SHA256

    d9afdcf32d6682b96d52ebdb391485807a382b3a1d84e18ceadf6323c012b0c3

    SHA512

    b8e8d2a87e28e0c082243fd2a73f74b64139832121eb7e6a1aefd550e973f7f1278c399c3d9311fabdcdd478ff86117e80f591dc62de1061a3f46610a8579a2f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    139b36749072499163aede7da9ba20eb

    SHA1

    88a45802b5cae8efce8aa527ecd245e8dbc90e2f

    SHA256

    263a437e82984cb5fb977a66eb7b224cf15a90e2538b67b78ac16c70d244122b

    SHA512

    6824134b1c9f5f323fd5171e0cfb661d44f6e204a4eaced49c4495b3493e365889cc57f65661eb954c6521fb356798842f894f08cc58da95375242ec643e5c41

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a15cf0df7d46710acac86dea0f570eb6

    SHA1

    2f9d9f777e9bb3503847cc9a365e3c72b45f6ee2

    SHA256

    71ddd7df16bfeebb799459475c29864762818e92a16eaa63e771a7085be2b29a

    SHA512

    47e8d7591e7d57598bdcc3775f764a113a21e2d6ba14d6a477f19e285a6576124734a5d1693547d1663b0c6700528c54f7ea79c7fd318825bfc7064a22720cea

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9GP4P3HF\f[1].txt
    Filesize

    40KB

    MD5

    6edad6d964263e6cda2a4172cee22a1a

    SHA1

    4716941fca830751f7a49c50dd5eb54abb1cffbd

    SHA256

    287aafe95e8063adcd2ff9fbac7c5a076f3cec236a2a335aebc81ad60d5ea96a

    SHA512

    037674bd7d54235359e26d54a04370cd936e121362157934c064c26980db416042455f2461b583c076b447933915546f19c19bff631529aabb3d9f3b799cf0da

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab405C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5594.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit