Overview

overview

10

Static

static

1

JaffaCakes...d.html

windows7-x64

10

JaffaCakes...d.html

windows10-2004-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    09-01-2025 16:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_ccd702f52d9d10930a96901df042a82d.html

  • Size

    157KB

  • MD5

    ccd702f52d9d10930a96901df042a82d

  • SHA1

    834b9db1bba38be32d2f4bed5cae5f34eb56e130

  • SHA256

    6d8376aafb60f67a3c16965ab190d54e09d444284420c0f8cdb41ddcf076c1f9

  • SHA512

    3682b07d16c82ac292807fbd7db18cb9f5a9a268e0519052a752220f0149830bace38535f4a9e38e9f90df8d3b3b407e6444a4ce8eb243709482e9b666ab2582

  • SSDEEP

    3072:nOMj439rt89dLnPKBJJ26C0xz/jIeILOrEoZ+ud5+hNJT:gmdLnPKtE

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_ccd702f52d9d10930a96901df042a82d.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1812
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1812 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:1940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    bf05988caff92e1ed36f3caf6bac29ca

    SHA1

    db57c211901a026386612fb7f6153f198f3f36a4

    SHA256

    18abd277a5b256f0a8e406c9160851230ee21c56ed042d73a9358d69fa6f19fd

    SHA512

    da3eab9a8af8182c7ec1f403c965fdfdb43bec3c71275587f85a420e16983bb9bc8824245e42b405ae5d32a3e942aa8c134e72eda9b900f86429fa3feaddb407

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e49e7e8ef460098e64856d508f7fb428

    SHA1

    283dbb371f3847e60dfdb7dfe18812806dbaf5ed

    SHA256

    4c8e936305fba827e692a0b9f9dbf3701e6c5e7312e982bbfb7e2b828a34e16b

    SHA512

    b735fe721e8462c4188ec2592de61159a54ce8410ed6f8d2b1c34c79e85d14a738eec79e17fd9e47536f6ebef1b3c96c0f8a9dc86bbfc0df2d7ad01caf0ce523

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aea8a2c535236d053026dbb811e01601

    SHA1

    5034045dc050ed6cc6eae520d39dbd6550842862

    SHA256

    c7b0a515b7a20bedcde3657899561b4b4046abc1aa0d14e1a2e7484502389335

    SHA512

    ced50a8d44df1c1f06f68155d5499f819132a06a8b925589935993f0d02dc605817aca34dc1e37efb0ef56475fc80715d2ea47569d3ec875ab11d017e09cda17

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eff9f66f5e7ada24b71b7e1b2f77a220

    SHA1

    34330860438df02cccf4084aa0b99d05556708cd

    SHA256

    a2171e5c8fa36f49838a6e7cfb0b31dbb83e192dbdb046ffae194d949fbd3f64

    SHA512

    ee92a48e0862f7323a6d9fd27adc14caca7f255c6a9bbf1f36595be9f6ac1310c741a3a66acfed442f8524a5fd0e7ddb02fe80651fb37f5ec0588b2256b6153e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51fb0f0bbb3cb2f3cc49a83f2e100ab6

    SHA1

    86ef8faaf83ce6a37493596eae9eeb75cc9b2184

    SHA256

    200ae2712fc646990456d3dde663dca67f8d5d1a8c5700bb13e42abcd42ee504

    SHA512

    65d508799f4fa60a834cdd942d305c1654984acbf10f0a02b53486c7f094472d656eeed8b5af664a694155deb079c7b1f70714ecdf1e8cdb505b3cfd55b66f5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f40fe3eebbc73fe692bccde0ea7805b4

    SHA1

    d68dea92ca5a213d336e2aa2e7d3d4d50cfc5686

    SHA256

    a25bd8bd3548a1110f0e65e06db8a7a1e2b0267baac235362ede801ced808b10

    SHA512

    7d4a5c24b12a7608beb565316c83167f823ca95fae40579e789ece9d002ccd437d02f23813a7bdae38d3260dd174e863699d489b909b9ae7a380fb0915be67a3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8ba21088a404a86c371a15449e1ef83b

    SHA1

    9df23d260f6fde800585a3a3a11d4f2123425283

    SHA256

    47516a78abd70a14a4a7bfb1d8729786a0a9154e7ce2f77f6d93b93e2358fda0

    SHA512

    95694dbbfa7fbb939aeda270f02e32e1b550f5d262b9528978682141d75129d676f7b2d22fc0b2c6eacb81ef758b4194fd179192e6a3dfa40cf83f3344edf523

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8b2ec2960fd2771f938b2cbe4ccc08a

    SHA1

    74799a0faeef87fb9ceb7f09b11dfd9e836680c2

    SHA256

    ce014921e9eabac57abde861de04e51bdd5994952758f6c7e61e24aedc5622d7

    SHA512

    9a388121a8aea129077722e7a1ff1030dbd0456e57b4e46726063c85f1d8eabfbb9861a4ebafd081c0645a027e52f81f7bcdea6a53a0a18f167a396eb31771ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d94181aa5a4cf15d6d36a395a34a931e

    SHA1

    9096b99f6cc8d188ed78f11a269f10089115bf2b

    SHA256

    674117d962259b68946222ceebb59f97710312c9bd0bfd21f720a793bfd6a85f

    SHA512

    f1b4cdd9c5ba55a0580bbabe8a7446c0190ad3b57dc761b744da77eb67bb14540cd1ba9563a2569c39bde8c748614f89266e95b2523f09a31f6f4390e4e1425f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4591ff6405c40877226c3e1da398eee4

    SHA1

    e1dfb86559f3fd0d323bd967f9d99b88f5dffea7

    SHA256

    f4632f4055d86c104498cc8fd38f7208fe1cf8831d9ce1f52b1e93f4f26c3e33

    SHA512

    62da824b44c90d6c7b4cca07c386d46d4c5860b096b13cb3c82658323dd66100792ca2cce2c0823d63477cf0f4dfb851bfb3b43cfe243d6bfacc6745cb890c65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    92feae9fd0030eb2192506eb5c6d2275

    SHA1

    a8900825ee38c2ee8c6ed8754bc9aa9f0919e826

    SHA256

    2d8283cc6f24800ed55e80b65b14370e3b4652b72c213b815db8767af0905416

    SHA512

    4444530569d702c92c992d6058575ff508380d65515d07b7ab2589f9a6342ec4a5b30e07799780614fcefe05eb4fdd7acb4054c79cedef389e30dd192b819b57

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1825d5bdf111f21e596650f79aaf7b2d

    SHA1

    6752cdf9b765a9c9e57227e268466dbc1e078512

    SHA256

    c2300cd1890dd171cc26957ac50318be557d77742c79adafb68a19ca3b14fefd

    SHA512

    6df9aa1546a5aec376b19ff7f8723123a7bd073e6ee68b577efd6df2ce64fadf78db66a9d27e77d08d8edd07751b2c60da5ab409b6c0c5ef4845244aa182ef2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    8e7ce61da34e69d505801a90d2ce340a

    SHA1

    2672403a0b39298358033ed97cd396c02a9c3556

    SHA256

    f042a1f794d78e130f2bbc0813db6df00ed869a3c3f5764062e808b1314c06eb

    SHA512

    3275923c74ae7a3b38fae1332f1663dbf6e87fb496bcf8301a8bf0680491992beb79f2ff9f00630a0e455d28d3c9c1a54d2a6e57d96430bebac0e900c7af3931

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GWW47WY\E9WCNZGA.htm
    Filesize

    75KB

    MD5

    c3bd0bf75c7b04aee6cc9e33346de44c

    SHA1

    208041663211fe25033b497f90004a3cee385c7e

    SHA256

    e9c8b67c51c942fa0ba142c4ba59b02efaa8f6274798f81a6e15a6184c33abe9

    SHA512

    7374d97b868759023c59f408b188d6c1ea820399eb9df2425d2e0809b4d9b5d8966be7b915ca94e052fa6e68b68390e76d2ab28acfcdc76f4263227e0f379462

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GWW47WY\plusone[1].js
    Filesize

    62KB

    MD5

    2e4a448a27b8a58d75f607c7bdcca6f2

    SHA1

    31cf764c6c2240148eaaa2b9816e1219a273d0bc

    SHA256

    d3696859f3485d8aa6f8a4d0054d64fc1ee614e57725221dd1c97b930f02bc3e

    SHA512

    09ca4d8b6a0fc653490921befcb3d752e150ac9abf24d1fdd49c9453fe2baf969b76433a45121451ef642ea3f73f9c62871cdde5e07976ffdc03ee5200e4d35a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RLHRIIGD\BidVertiser[1].htm
    Filesize

    87B

    MD5

    6c60754af27389e2778b3584bf10f3a1

    SHA1

    196be0cdc74708ee01c01f86a648c16573e18fc6

    SHA256

    ff2485a3dc35082ae7e3799388665929ffd72227191bf24b7c01033bfe19ddd9

    SHA512

    36724f44d31c798e9c641567f282807f4cb357dc7ed4a9ef8ba633d8c2f14477dac67f4afb3f1f131dd16489d615114486eddc2cc34eff9e0d3b3cc443fa464f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabBBD2.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarBCBF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit