Overview

overview

10

Static

static

1

f9e97a87dc...8.html

windows7-x64

10

f9e97a87dc...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18-12-2024 03:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f9e97a87dc9c6a5789e9d20942fd04d4_JaffaCakes118.html

  • Size

    106KB

  • MD5

    f9e97a87dc9c6a5789e9d20942fd04d4

  • SHA1

    9c180ab687dba8967ec4e238462d14626465f852

  • SHA256

    d7606f4111c14354815f83d21e2df9ce9302ff078a8d879f78f5fd2e5cba13ed

  • SHA512

    379a80045fd476c8b12e1f2dfd8549f55ae23d6cafe11fe000d1050ee93055a22ec310683b8cf26389bcd9fd6dac148cd4bf1045b449ebbb4c75b0bcc7d4fb11

  • SSDEEP

    1536:gEPY6RYZo0GNPNkb1bTNrlQGN2NnNHN8NEWFLN0NZ8Nf9RJ7O+iQqoR:fPJmz1xlG+Q+iQqoR

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\f9e97a87dc9c6a5789e9d20942fd04d4_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2328
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2328 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2968

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    4404dea0a4e6933de0f4c09ac11cf4fc

    SHA1

    2b1dc9870b960cc0fbefe63161347faa9b865b10

    SHA256

    b5ff07a546de0f7f466f36792bdfa131aab46624ee57664c50837e0a9e27700e

    SHA512

    a569bc39eac4bb0f6efe21089d099e0e32b65ce7addb02637f60163caa0965ce3fa550b1312d13c5cf1f2aa8b0c038aeb9957d07f7fadbc8176bf2735bd38ed7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f7022fd010cd16c10ff62631a9c70e0

    SHA1

    dde9f2d57cb3532b864ce6dfee611e9b3444b388

    SHA256

    27b714820951b764eae5edf56fb10b0ac6a5567f94abc518dc73ade8e79ee2ce

    SHA512

    4550cb88b372748baf940093e66c72521e4e9f8a2704f10067b1477ad16ad52f02db50ee03caedf86cc917becf32d92df18d7a0ebcad15112dce2df848988984

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1218107fe7e4afa3d29994d673152af8

    SHA1

    759882db0b3f82fb7f79e39ee3ae0245b519b662

    SHA256

    114173c7cd316dfdc16c206fa5f1357fd71b0b8785b0e02508ce1872023e8a62

    SHA512

    1c3297b76eb333afba3d207e62ec256b154d692a3be21dbbe2888bb5453c1e168474357f97afcd278c836c05e418375a91136f0345fdecabffe1025d8a189f17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ce88669b3a801442080d03fb71181667

    SHA1

    76a62730354f366fce1e1ad795fda0ba88e891a8

    SHA256

    9f6c9cde9969c7d2205315f58e73cfd75afd83f77256fa667efed317dfb229d2

    SHA512

    bb966d5609d94d0b71554a7bfac87c2b0a7e6f0a98ab20d6b4b483dcee32b2fe3fd62107ad6e412da83b5961bde4e3574d5e4e348530664f9b8d5c5bdc725309

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bac1471ca912db6c9cc859dda99bd4cf

    SHA1

    c4725526712ecab92b74ae5ed321f90a0f4f1462

    SHA256

    dc4b2e22587a0c070e0a06716121067df762d1b9e28781ff75a47aaa4b1076a2

    SHA512

    c41525aebf91d86ec287de649e1790ae9bed5d7f9bc34ce4a782f5fbd7893e0c7958e8ae07a744a6f03c840dd0d2247aa3890dbf76aaca0e14de5c94966ae148

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66678483393b1d03147e56b42ff3c5f0

    SHA1

    55eddb7eb91ed0ed86a157664b4716e5b3e640bb

    SHA256

    d6892b7847c617c2c2cf914e5a3c1f0f071005038999f5eb9e56658ab49b8c48

    SHA512

    2c86bff4c9ca5b0803410c52337abbf99b36894a3ef13d5366f8420f43374a8fa609fde1b6f0e3b770f779f857cc45870b83a9aa43ffa6c6d0e821d4d0bb9c26

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    397139e6c013147b613e4c996b53a182

    SHA1

    8f049406b442fea4514052072cee448c0c3cd769

    SHA256

    dc874f73396a8d2fb7e6cd7e9feb4ce6ee7b7a6db2461152dfaa19467ca96920

    SHA512

    00bf71c2cfaee719c1fbc2cf92ef9f1a9b0a63fcd9694c78c673bc7d3ec43bf793c0fb11e02e7cdc15fc7ccfa50755d5673ba55c78380fa7ab5ffbecf5c01185

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cfc33eddba9cc83d2378e7581cb78cc7

    SHA1

    3dd7e13be7aab162fc29b4703ac2e422f819cd47

    SHA256

    e71164f95d8b06ddc89bb95d569ae0a4416d1c011a4d40c1e0629441d496c9a4

    SHA512

    a7e515c7031a634050974b97bbc9e89066ad78bc9ffd45e24a1fe5813ba6a27286203e16894a398c3bf5a38bb8d612d1d494559627688932979d7918d865e2e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2c057fdd89c06db6d2f153db63109478

    SHA1

    5640ab3729a679a04cc61543d8708a2447666d98

    SHA256

    f5d04268698503d4e0d25e33439740f215a13c5f5c6feaf2919e95012d8e73b1

    SHA512

    90935c16f8a4acbddba5a56429337ab1a7c44a53c9cd775d51cfc7ead7bf262fdc73648599621a1d20a7aa2e415e6798d606ee82af553afa33bee6823a89a2af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    68821f4a92e0c2fadc663517f7ff789d

    SHA1

    26311030c84d65fa93b1bb3d7fe3e109a7c7f0c8

    SHA256

    7974e529e79f57f4bcf80cd1fbf58c20bb520eb930bba6f4ef0a7e068fc42e19

    SHA512

    6c5cbdcf3b68826df99b80a39eb9c740e281c6de8f0ae97daaf7decb02da31744fbcfeee63ead74fe93bc5a65b614bebf46e7344033a8fdbb8746d4447486922

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    8689a90566891b1151272dc7cdf927a3

    SHA1

    1864c900f9b1ca7ca882058809200904459e91a4

    SHA256

    ad2089cf893c945b4ea89fff36a3721b528eca318c1bb9f22a6e99b2191be3f9

    SHA512

    4cf7dd9c482bc20655e4a05b592452de2c3988e8a9ecb813421234884ecb4bb4784cf89a9220f8fc834bb6ccfaae6f57a17c69efd28147f9ce443fac08fc0174

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDF78.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD70F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit