Overview

overview

10

Static

static

1

dc194a2b50...8.html

windows7-x64

10

dc194a2b50...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    09-12-2024 23:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dc194a2b502e42b68b058bbd401b723b_JaffaCakes118.html

  • Size

    58KB

  • MD5

    dc194a2b502e42b68b058bbd401b723b

  • SHA1

    d7bb1751a8433eeec9232ec50ea3aa0b63f14a34

  • SHA256

    7b229b284e726a270320fb5671765b147cc698a0b2fa9f2dbb1f84fbcdb49942

  • SHA512

    21f13f394e816180f2ab8ad84a9c09fca933e99dcd2adea3065ce3d5c92150f7614fed2ee61eb1e2fcaa5cf518ce1186c9146c73de681c2e61f863eaa6690172

  • SSDEEP

    1536:Hswgr8VSeO3x7WFPvOi/tLaS6cgRrhFtCaYG:KeO3x7gOetynFtCaYG

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\dc194a2b502e42b68b058bbd401b723b_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:844
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:844 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2368

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    cef82fae30a276e9f907f920ff895114

    SHA1

    4d3e0e68171055257b913b66ef115695ec8897d8

    SHA256

    813eb155e40401c2e076b561afc393ad720dba78875f554d19d3f524257c8959

    SHA512

    13496890c9bcc96cd72acbd7f4d52a9549def766233060b8e499e42e5accff195a64bec8b198b34dfafa06dfe6b8e300f4e4b3d825d793817d8640aa93106fc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5522f793a51da29f8b2bb50c20cb5fa7

    SHA1

    d8ac423fa0e3d90ec10ad30b3afc795b7ea41466

    SHA256

    16d91ad4a20ba83dcfb481e666379bfa82cfa1760752cb5d7c620276ee524a60

    SHA512

    9d78a692fa6b0b7d418ea4440b50dfa62880bb261c2f0eca67e2ae7de2ec5ef0e4fec5c5734f65e1f0275bffa0aa8b235fbadd4c9592c3e3b0a10d7a91ae716d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8c43f3caa5ab55ff7e62adbd6e4d7f08

    SHA1

    b5128e1e401c878fbe3d870efe57c006667a8ac0

    SHA256

    e73158df3970257319f9bc829dd82e4bc229a92f94d179b1e65c1c4b84404e66

    SHA512

    d7ba73a34f4a43236a841a815a6080cf455f6d4b2d5c76432ed5b1d3ed064d42c721b5fd0893ab4d0984a404407845bd91449370dd1df5f3f5c329f6700994eb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    656bdb66de66f0d271253f28a73e4f9c

    SHA1

    021dace9b27f0b21c4fe390260d6693a436466d5

    SHA256

    b2fdeaccf8447edc44537aa25e44d89ae4361eaf4ed25a89b4691337fdd42da9

    SHA512

    dcf1932f385e5ece4a192048fc916c032c91f4286591cb61333b9e8ff145aa72989ee63aa5f2448b65c966fb32e62e2bbb2743feb363723d217cc865aa5bc726

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    a357abc3bf5fc8812be022f4fb0a6daf

    SHA1

    c347feb5bfd902ecdae6300de08a08c1e38a197e

    SHA256

    cc4f1c54cd15990f5f212dd3d08e6392433a11edc0d2d1e0f2c3a07fd0a4e091

    SHA512

    119ffbbd4bad5c4e25435b2699338f8db1e2800fba51b5325972f28dfa148cfe6400095d3d62e453e3b4492f9b3deb8f1750a2f02e995a02611693757272dc17

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\cb=gapi[1].js
    Filesize

    154KB

    MD5

    1794e209c784b5f1d14e6b9b3dd42fdd

    SHA1

    1c41e8364a39722c8c3accf6514af18534a0e883

    SHA256

    3306123926341119d694833ebf674b28191c67910f2835f7430dd9527a89143e

    SHA512

    78d17b622edb2ce77f6fa1fcc9ebb89465693a353ea97facccba6317c39d714468cb7d1970f47b67bffb0c923eb9b40dc3b741991d1d216eadeb979a199c3f09

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\jquery-ui.min[1].js
    Filesize

    232KB

    MD5

    e436a692a06f26c45eca6061e44095ea

    SHA1

    f9a30c981cb03c5bfa2ecad82bd2e450e8b9491b

    SHA256

    7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040

    SHA512

    1b09a98336cbc0c8ff0f535a457a3db3cd3902e4a724bb2e56563648ed1a36201dd84e63f45dcea80bb6edfe80a17db388379417386dec76341fb9eadbafa88c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\40WV1DY9\plusone[1].js
    Filesize

    62KB

    MD5

    2693cd35d818b48f4cd562c6abe0db29

    SHA1

    131c844eb658219966c722b60cc12c8a542ebe06

    SHA256

    911fa262008c6ef2bcf8448ad83a5aa8129c39355b98d957f5c7dde2babf9b7c

    SHA512

    4f692bd49811addfe89d14b156fed6513f04ec4be2629086a8b66ddcd6e7b8b7df149fa017173824c30f7492c2320a3d7b9c0344d5e1f7074742558125654f1f

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\1402174469-widgets[1].js
    Filesize

    97KB

    MD5

    10356da92dfdb6968838104f2bfbc40f

    SHA1

    d94cc7cf2b2a627eb250d0783a93e87557758613

    SHA256

    6356546c93c6d71ecf24fb20384734b0bc72215b71900c1b8f475807c115a046

    SHA512

    f49414a207a5f422c2025dfd4d6e564166fdc962bb41bc17e5924d7f1afedb3e0bba9956ba7e9ef60305e77366c77484b06281ddfc2e0e53d8312c4a31b61b30

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\454518911-widget_css_bundle[1].css
    Filesize

    32KB

    MD5

    7f736e7c6844ea55b608b08713e0822c

    SHA1

    e9242a3e84ba2167c85a2364f034e26130d3362a

    SHA256

    45153ae90182f718cb7dc159ac2a02a3c8b5f9714d2d30b43e66a158a778a14d

    SHA512

    b1dda580493f8c80a68b8b13c7abfb5522fb8b13ba2ae4adfef399837e918cd6b061db721d62672c7bfb2f6daea54b0c31c71ab2af4d5c06b7dfe514d235d55c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LW44N8OS\cb=gapi[1].js
    Filesize

    45KB

    MD5

    7f9eb468c87f1581b33d692757f5235d

    SHA1

    45ddf1f08ded12a78c66e003ddc5b07c3a9a6b7f

    SHA256

    a3b3deb31d653d66ae1883f7211e6de01be20c72008b6a0d9a19effdef6e95f1

    SHA512

    14c63094ad0246178c3ef3f08987fdb99f19a5c32821593fdbcfc300b401a39f40d8a69e12ae416061ed91889362cc0712a2730d0612e11fdf0bee7eb0a0a540

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LW44N8OS\jquery-2.1.1[1].js
    Filesize

    241KB

    MD5

    7403060950f4a13be3b3dfde0490ee05

    SHA1

    8d55aabf2b76486cc311fdc553a3613cad46aa3f

    SHA256

    140ff438eaaede046f1ceba27579d16dc980595709391873fa9bf74d7dbe53ac

    SHA512

    ee8d83b5a07a12e0308ceca7f3abf84041d014d0572748ec967e64af79af6f123b6c2335cf5a68b5551cc28042b7828d010870ed54a69c80e9e843a1c4d233cf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC7B3.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCB3F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit