Overview

overview

10

Static

static

1

d8622392ed...8.html

windows7-x64

10

d8622392ed...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08-12-2024 18:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d8622392ed38fd3f282cb34a5ba8c5d3_JaffaCakes118.html

  • Size

    110KB

  • MD5

    d8622392ed38fd3f282cb34a5ba8c5d3

  • SHA1

    c576222e981b0f51af7b011b5b633d3705333c06

  • SHA256

    93bdde5f56a89743a6b998c067e9681fe3249c14339ad5af83786b2c7061cfea

  • SHA512

    fc31aa14226ccf0c047e49b90b4964012c82c942d3550024239baf375f61fa3b8f7778182b4ab78919cb43420d6eeff9cb419a238b6fdac6f9c4c066c1a1b7be

  • SSDEEP

    1536:ZXHPoRbEvTuSOKAXjclagHt+o3vEO7ACHssOiwgNcirO8xaOd5PH:ZXvryRR67ACHuiwgNcx8Dd5PH

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\d8622392ed38fd3f282cb34a5ba8c5d3_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1016
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1016 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1608

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    8b544fcee8833fdd2bad32c4c5847a10

    SHA1

    a39cf1198271f5949666e42de2c4fde2c8df97d3

    SHA256

    5516d4fe755b1080d766dd4385a4bff84b032bee9a2880b7714ad3721d015de5

    SHA512

    dbf2fd371ea9393a4b731b1bf04e07900da84169ae89ed4c4029a51a9fc1e1d5b75282b70fe64ba3ff5ab15b2a80708a59c8265047c7296538f15c036af19780

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    428ba2b61ffb3eece727af0117712db6

    SHA1

    8cfea38ff8cc13d68afd4635ffe6ef1c1eef7065

    SHA256

    37bf22764edc411f3c523ee7237680e7198d4fb9722310d9e0ad06587f0605c9

    SHA512

    559478a6b86bb56fd4d994ac776b741d2e63be9f2f8f326538ea47aeb97c2e7dd94375db0b30aa7e3878d84600cc5ba68cbec71a40e9f5c22e22aaddf5f0ad87

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c4ef64c1ffff62b25f44477e36a16ae

    SHA1

    f4bc696d2c42ce8db321cdf86cd2f4992eabaf5d

    SHA256

    71311238fb76223111a3d1d266b02e629b1400398269c3779d952d0059a584dd

    SHA512

    2526b4c61f9bd33fa9b96f8353c10e43d33ec7ab174f6d91f49e821e499150b8d1ebdc7a7e60418263d0f605275c451ffad44ab60da04e7b842ee536bb9e0797

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6da4ac4eafbc227e4567bbe5c3e3841b

    SHA1

    22bfed8e9755569a08c22cd5c158be2cfcf9c523

    SHA256

    6030c8a9ad71a3723c50986516b100fc3eebc2ebe3d2a83001fc30804d88071e

    SHA512

    604e8e1bc1fa9d6889be78676139aaa1576b7b247608213726864f6a4b603bac4a72779942247a2630e21c46c61dfeff62d9a0043d488d9019a3db350aa2e6f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5071f5c8d11d40d115ba1330d0036f07

    SHA1

    32a71f663b5fc4974dd21cbb367ac9b248b3c1cd

    SHA256

    63af14214e6dbe31b2d4c1c7520719b9782b7a353fb583363792387ac5f03ec2

    SHA512

    999a4612bff4890c93e1dc4f81cf3b12c0a42e378105bf3ab9a113ba85a745082f169ee454991a3cf61816a6dcd789b84eba81f0ed3779b46adf05b030b16570

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3ecd7e5de92e3f32d7157a2fdb112da4

    SHA1

    b146b71a84e47ee5531864ba3db9d4b8f0f8bb30

    SHA256

    9752a601ebd5bb35a757e6b40caa4612900b9eb9ec861784f6826d43ee3c5c89

    SHA512

    155cf5f27d2f4c3b3b065645c5556ff3ab8194811d113c8e0106d3594758ccbab74e7b9c1d793f6679e16ece5e8a143c6015f7c5ac702baf589212e14945957c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    794dfabcba904dbcd6782fb5d25d7db0

    SHA1

    67a28b54b17eb479d518a26d4523e49f72c8977b

    SHA256

    1883c07f357cbeb7dbd7ff5b6cbdf5ab158d531596faccd97849dbf08e3efea4

    SHA512

    18c48e50ec946fc13bf5ae22bb4ed6cd05057c542ad1340c7f06f9ce0e591e476f017a9ba42c048b78d3e42061fa246ba26dcc3083a5452231a4f2df416a370b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61605022dda2d262eec0a1cf1757cd26

    SHA1

    be0596d427e4da0bbdf96b7dfbae64bd772c929b

    SHA256

    6e419b92595a4e46b60188a0c8c1c37c59d7af957f5a4e8a67bdc1a769c06114

    SHA512

    e64d050318534fd823bccdf82d12a78846311340f0d102e8591260eeacc3013bf204715fbce92929d20f3b283b061cfc1c45ea1ad5a669f92a54897883884320

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b25664c02842feccf47f73506f341e85

    SHA1

    5d1084336ab70fabfb1d996029ee3c27514c5c93

    SHA256

    459cd94c60a8c23dea28726e6b880ffb310f0afcdc18b5deb1740f05a5a86709

    SHA512

    585fb4f2f8ee154010d4bac9f1900e74657c1c46351977bb751ee6c554304536e39fdc5d9a8d0e022f2e3ee8543bff3e35987faa6522caaab000768f2d170e48

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b73d6299f69baa923821e668b4cf4e57

    SHA1

    a9dcece158db3b4fdf449be06614c5ffd6dc0e52

    SHA256

    c6435d332a4ceec0b9f8e69a3ee7d34623f304eadf94df5ad1aeb8db394401d3

    SHA512

    a7796afbda2757cf2534ed0594929ce3a2e176e49a2fdfed32f952dcc661458172a5b24aac35da4314e7875bce293ee05afff26d13c8199c96a1ad0caf8363b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bad356b7cfcce27f866806ed37783af3

    SHA1

    a4b152cf010d6700c599ccdf7e1948fcbd901183

    SHA256

    67c2c5f9f43f52a86c76c81361e86c80497b9bd09ef0cf951df8af1d79c3710d

    SHA512

    d14b686dbb06a1cc424894aa65b3f97473aa56760a9974125d87f0939b98e029e75c715e3882992d1f1f899a4518f79f030979970474d5642ba15c2a127a584c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    3741438d84fb0858083849d90376bb40

    SHA1

    7bea568a34c2dac115029b3d7226de10438607ab

    SHA256

    9ff066aa978c0372747554fbfa2e3288d8e7f35f34ffd9500472bb467e8d944a

    SHA512

    d78d7cfcecd77a06f5722a012a2238b2ef7d18a0c384684a20fdb92318cdde22f69a47287268a9b7864115e64e05dfe585fbf72f3f03dc2993c08a4d66fd8abe

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2905.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar2908.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit