Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

ec8135823e...8.html

windows7-x64

10

ec8135823e...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    13/12/2024, 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ec8135823ead5c4cac185e9584d692ac_JaffaCakes118.html

  • Size

    199KB

  • MD5

    ec8135823ead5c4cac185e9584d692ac

  • SHA1

    f38a0c8059292aaf0883bf16f3be7f5d8804be0f

  • SHA256

    fb0b189acc6f75d161332d42b7808640fa75ce5fc22f7fcf87937aac94d2549b

  • SHA512

    076dfc39dd7ca0a103f78bea2685addb79d6de2932e1a28f686deeb376e8f511f75b6b94176702bdbb0b2dde63090e64c7e407893d669684ec4b2984327f4cfb

  • SSDEEP

    6144:Kt3cIIIW3G4k5QhL8atVyiVQ5MIsuQyf5bTM+MdBXpKgXpgx4t48O9mge/bE6zbB:GcDd3G4k5QhL8atkiwMIsuQyf5bTM+MX

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 53 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\ec8135823ead5c4cac185e9584d692ac_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:560
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:560 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2944

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DDE8B1B7E253A9758EC380BD648952AF_2E8C46D6B6144EBA435CCDE0B3FD5C15
    Filesize

    472B

    MD5

    1d2b34136d950ebb2e67d0da20fff33f

    SHA1

    f71cec96e57721bb87a70d90bac2128f9bef7e9f

    SHA256

    31b4c5cc6667915bf8dea34194997dd6d854b1a483035251e5183579dc3ec00f

    SHA512

    7e6997151d1e0a47ed438d7af554b292dd26eed5311243608ed166bd6773c8ac4fd6baf64ddb1cc4aa3fd2d69ac62d2cfb68d05a22424843dc501aed674b7f28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    4825adea66cb55060afe1eaa11960eee

    SHA1

    af61dc5c873156db2e6ef872aeecfc0c742e407b

    SHA256

    045632f9cc842d2dcccbbd85aac0cd441bbfd6f3d6b4bc6e9aab8cf3fa9d4bcc

    SHA512

    438de2b6e904771a6f38da920e256c756378c372611cade5786d0b8add60897deb0bfe416e0793575542749abd4c0b258f8c822c4b7cef327250fd58987160ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a783e43545c99229f0ad6fb5cedcc9fd

    SHA1

    1612d6514987e5bdf1daf37dc7ce801b6dcb74d2

    SHA256

    3729a7edf58c7ca316c6ec96002ef545f22c9999b5ce9bd7178ef401f00eed59

    SHA512

    3d2123e5b75b2a62528d86176ced489861195d1fb420e63d243c2f04cf7b57c9f90acb2b6384cdeb0cbede845e1396393f4eb1724cc44b415782837033c3cbcc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    20f6e35bc0a282dd636fbef3ddd13c0a

    SHA1

    b18ddbe05df1fc0b7e8b0be737c9c6bb4e62a442

    SHA256

    cba5ebae062186036ec45a651a2fb1dd355d6edc3755d4eb7a3dab794dafa03c

    SHA512

    476c6d80fc83fc9523885a8248833ed1755b4ab99972185decee038f0fdf36f810026f126dca5bccc20b5322ae5b22e0b06d53b0610b0a8cfa37a8dd9dc66840

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7de7dbfcbf485b9794c1b35c0ddc9f13

    SHA1

    4a443df5c5542ef91f8d3ed62668b609ce2ae64a

    SHA256

    f563f53c3a9e87bb7ed08d0364fb42b59f807fd4839e301a553fa060350d72f2

    SHA512

    8a6edfea9d3393d5ff23962e8a430ebb92f43e8c7846e98a2c0b643ed6d42d5f45d71bea9443e207f99dec809613bcbb23917af40381fac04bdde7e47db0c7cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ae31268b7d60143bbbe2cd214b8a6b39

    SHA1

    fb33b3a4f7573dc4fa490914fbce2408c04b5b8c

    SHA256

    1908cc2912021ca3b33378c8164d85ffc3e53ebad85bee86270a55737db6cedd

    SHA512

    c16416433f443543a3f0a82d45ac6a5da3f06d88420d44de36a6e2ff721263178330026459061f6a3c08297f4e0bb398b539dff0f54fa43cbc92196c23e91c2b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24878cc66401bd95cd278a2c22ee6b72

    SHA1

    27fe4a62c902b89ca3628eea557c18429a69a140

    SHA256

    e230577a95815585f4232e5c571cd8c05b2258db19a944fbf13d1683ec5de5fd

    SHA512

    46772bbc283ad24545ebc3b846f78ee908c4d1ef535d7a809b7afa5d0fd04aa7778cb554b30e616ae70a39672fc251ddb8ca5e483688946dbcd070e0826cc82e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a97eecb323c6f1c846b6718237a0a014

    SHA1

    a31ddb05b43135a291f702d46377677d11b1e58c

    SHA256

    962510e899018ea00352286b76e03132045c34415c68a758e48ea1b1b52fc466

    SHA512

    474303f3471734bc2cf7b600726ecfdd4840fa328d532afa8089fc37b96b5d05ba7a5dc7e5ab7a7ce5f03e03c40b5600c263cfa3009a02d00d1167bcda5fd201

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    91a7a110793388ec66a984533e21e762

    SHA1

    c621ef23a7ed81700a58a25a78fb56f601e2ba57

    SHA256

    a3b6b4307e2baf546adc4268c2a9ced3aa7bfd7b6e2b2e3598d174075a0a0d99

    SHA512

    f93d86bb7a68573e5ba8803918888129de6df8bf07185efbb2da9422e0e8e0a05e79ddffa71c2d54b9eb0c90ffe3b59a261ad95f2d82ffbc8d23d85a8ef4467e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    dc0f53473419bee495f190524f7f311f

    SHA1

    0b4ca32c61f660dd1582d8516374c214be622bbd

    SHA256

    1deddcced5c7dce882e2b1951e02b9a1ee3b4a25bdb523332259e82bbdbca372

    SHA512

    c9df8042e3d8cb80c47cc9fd897a60b80e2d491814b3a33fc113e8cfbc0ec43f0288f0024b2875e88f024cf6195ba98759fa4b00c5fe09f083246288abd61348

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\YYU1HF7E\www.youtube[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\YYU1HF7E\www.youtube[1].xml
    Filesize

    229B

    MD5

    dbad3e40ccf3f9919384406351028a81

    SHA1

    d715c6db654cb71865689d3ee18a4766e1800d56

    SHA256

    b7d8ddc7acac7152e284c2d61d23d5202b820905cd30809ed391a2ae668b5280

    SHA512

    5d5114fe1885fbf68cd5cb523d3f48a8ed85dab18e577cdf65d641b59610b9a906377116a015d804ab99b45a709046804d47c82ff493ca6bcaa35b9eac02e33a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8B420DKQ\cb=gapi[1].js
    Filesize

    58KB

    MD5

    b103bb58d9e7cecaa60bdf377d328918

    SHA1

    0f094c307bceef833a64f408d2f749a10f79de44

    SHA256

    81dcd274347bd909cf132d3c8bcc9924e41921c33eca07fd6fe5e2a59ca4f5b7

    SHA512

    b1a4fa329b76df7c861771e1dc36749155895dff623cd916811f2af8c95f3bcf9fe75a3b9a56833f066a227444982ff4883459e24f7eead79b521c2ffdcaa844

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\CPZW5CP6.js
    Filesize

    157B

    MD5

    67e216a27dda24bdcb086c2385b0cb99

    SHA1

    17141c80f5d32bec3691c5ab24741d8b7dd5f0c6

    SHA256

    9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

    SHA512

    802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BDDDRHWK\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    45cbe9a36a384fe9273d25ef64ef8691

    SHA1

    325026cc1cb9022ccd8c9c2089597251419201cf

    SHA256

    d9959cd6fb35fa6a7aef91a5bb9bb5358e7f91271d84130de6d06910076c5c5c

    SHA512

    0a70b1b12658418caf529a01ddc4d7fd6c59276c4658028ce2b5f7dcea64ef91f353fce7e67349c8534b68fc53c0ff23c36a7260337dcd307b836e55bec43dc6

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LW44N8OS\2254111616-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    c264799bac4a96a4cd63eb09f0476a74

    SHA1

    d8a1077bf625dac9611a37bfb4e6c0cd07978f4c

    SHA256

    17dce4003e6a3d958bb8307bffa9c195694881f549943a7bdb2769b082f9326d

    SHA512

    6acd83dfd3db93f1f999d524b8828b64c8c0731567c3c0b8a77c6ddcf03d0e74ee20d23171e6ceac0c9f099dce03f8e5d68e78c374da2c055973f6ac2db4e4f9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7F10.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7F13.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit