Overview

overview

10

Static

static

1

JaffaCakes...7.html

windows7-x64

10

JaffaCakes...7.html

windows10-2004-x64

6

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04-02-2025 23:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_9937add738802c4a123e7d97cdc479d7.html

  • Size

    130KB

  • MD5

    9937add738802c4a123e7d97cdc479d7

  • SHA1

    7bec56849dc18160bbbacc76fe09b0c8b7d3144b

  • SHA256

    0e4b9eeb5bdf56d6b009808bdce2505ad9a68ac0dbf526703f95dd2373be26d6

  • SHA512

    d0c75cc02eacd419fc2b75e282aef49c1cf3fad5cdcafc44713dd9b68bc450f6fe057f7505d7d3d7d0bcced248da8d3dd2517bd466ab3b958976786d1d72b733

  • SSDEEP

    3072:wL6JPErYxYiv+8ysOZHvOodEhNiawd/RNHTcjW4YV:wL6J5v+nV

Score
10/10
socgholishgooglediscoverydownloaderphishing

Malware Config

Signatures

  • Detected google phishing page 1 IoCs
    phishinggoogle
  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_9937add738802c4a123e7d97cdc479d7.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:536
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:536 CREDAT:275457 /prefetch:2
      2⤵
      • Detected google phishing page
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2412

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    275cfc5498124358e36ee6b0fe276bf5

    SHA1

    0b6b47cbc9423b2a092c9e5f4ffb41a116b53bb7

    SHA256

    345341149fecb68d6ec3dec457dd23bdcdd2dac2fa59f619b059afaea1edfeba

    SHA512

    d9cdbf2feca5ecad444f0f0892cfd5e9b5cca2ba53ce10a37830d0ff58293c890f28a48dabfce3d0ea303345c57fa764fb518648437f5b05449fe098bd6d88c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3d7e95c8612b45c6c937c8770234040a

    SHA1

    d0451eb9d074bb374f430be2d913193b4571c18c

    SHA256

    325c5dc4a2fa8baab0a9e1f5d4fe1f091681913480bfa6f6491df8c6e5d824dd

    SHA512

    efc8bae753797a9c7a5f51db322696ddea3067ec37c7dbd805bb563117de8ba095774019097797a99cb966e94bf44170cc57fd99bc6a9cf758f48615b2e11b3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    299f6d0d67428172e901934085f29ec3

    SHA1

    6c9bc77cbfe075b53e515990ca90e9f4579f875f

    SHA256

    a03a1646805297d97e9e7b991800f2ebd9edc0be46919d1bc854d895c462ae21

    SHA512

    ca751f785604e50fd90c743a3443191c735bf2a5a5ce86c908f669ba67f592f8464334315b0f80342f4dcddf188ee057a065720e42b0f6eac9eb76f65bff37cb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aaf72189850e04a0d9ede31298d1a0e9

    SHA1

    c7677335c1fb640396aaf4b2c29599f0b15bb1b3

    SHA256

    81b70e5a54e09a5422c0faf41ea38490631686061c0656aac89793a257dc26fa

    SHA512

    b0315f35b5d993152579d1b0abf81d575f1723c51a05a6c1970f2f710d4bad2d6ca268a3cd7664e0b4fe6ba1577943d9a9ee9f0144516672a3e6c2152c23d6f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0db176b090340b7cfe7445ac5e0034ef

    SHA1

    053a4c9516568299a0b681b37391da588866035d

    SHA256

    6421dfb4d680ab4ff90d3387fd097fba05a22008e52f1df2e826d1c4f650a849

    SHA512

    72da193a6fb55d6de3244d244737df2d46847217cee15924031cce0d5df60816fb2bf2bb0406d0cee3f9893de80b27e03c58e63bfbd03faf8ee70637f24f2dc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    158e1eeb5e98689088e6c282fc34df24

    SHA1

    63248a07b293d0aa19c0392554de9fecddf67b15

    SHA256

    91936e9e74fa20707c36730628f2bc6b28cd41d2202a09e8091911919a299027

    SHA512

    c7bfe4c75b5e526d081b77dd66deccea3813929c3f0ed56fe554452dd3ac13c2720f8657df717176cb6560bd6797ae5886ed53ae8205da221eddfcf5a592f83d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    811225b0b4540bf73e35f98bedef0d9c

    SHA1

    8e758966b16d21c65c8daf32c994ab0bf9e7b49b

    SHA256

    1c7ff4a58567d9d6dbbc574abc1639f714a1e0bc9c18d0e72a7405dc36d3ce1e

    SHA512

    a259d572c31775d13c9b85a9c9e0bf3a2498310e70ccbef702f8218e7d95f3749180f72a4e14718b5cd0d8dd2807024211b063dbf3383caae5af6ed2eb00ff9a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fefa02fdc503dd22d25f477b3c55905

    SHA1

    fd24dfa4a2a641e6e2bee546405f48458afed649

    SHA256

    7ddfc540b5c2ed5f1200147c147d8fc77671d09f5389fbd42b7b50a426894edb

    SHA512

    c730354b5eb205b257a4c531798610f50c7d5642802b47773b66a14848b19944b134f274c51449f5bfb131a3ddbccca3ac5cc6401fae0b53567b1f487fc1ccdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6f7dc86955cb68dd177cc62f8f48802d

    SHA1

    b21fdbe2e63b6fcbbf7c2d8b8d337d5086808ad2

    SHA256

    8c7fbfa305b42fd3cef5d0dd82b17e3a5e06c20b1de2a808a1d3d236ee0a8440

    SHA512

    5f7313b2116a22d2c1202e1de17f37bb4097d8bc70e390fb5fab79f6620b84649f95a4020a30e9ae7105aaaf537278c7245721c02c10c7da1ec69245a3e4b31f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a75c1057ab9498efb3b3e2dd3dc89fc

    SHA1

    c48a229d38c5acf8bd02c7f71c9b8caadeb65c7d

    SHA256

    d9f0eefd3e5e9952a27901824f28797889f467cbe161256ebad924dbf6120f30

    SHA512

    c338156a718caf5d2f8629853e5d4ab06554ea439f3dc1b83ec5a200b554197cb63fc7a0e9ac58be414e0899b4bf2a4607f1fffa444078086076f70429c33583

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2a255e5132e61853235de9c0a3f4faca

    SHA1

    a35a7fb4059ea500fc1f76df356dd5e5b4793c06

    SHA256

    248dd566e0cf02b47d76d2e5cddc7b30d56bc9cb026a319cd957b21be3ce73b7

    SHA512

    8ba6c40f4219b942b30012a8535106cfe748d9a967305284dd145869f52351f9d2be7dda4d3fdaad9dbee3b92b08c4fac1bebb25864195a62220ed058ca0fb95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    143b118dc066e4ca3967673a072f8fea

    SHA1

    2860c17c664883cb0cb4b3ceff1b5ef7c032983f

    SHA256

    ce1af18faa8a1393645132fad59abcec5dab3f9c56979cd8b5f5e2096f38d64d

    SHA512

    503b14a89238521f90941d925eff86bb461a4d5d7df72e47df14b04a499d3d332cea957b33203e8ade4550c5ec7d1bee75e72d44d34c3f963c075ebdcc82b758

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    dfbe8cee9ef413212e62239f83b1fcf6

    SHA1

    2f0c69fb38d20ca6561b504f5e5cb66039978fe9

    SHA256

    8e9ad623ca3e099eb1f582276082c7343f00403bfce124ac131e40365ceeb1e5

    SHA512

    4e8b5acd82ba579ee424d63070a6b9e2a9438200c02744b824bb1500529a67feb9420c3f1b1479051ae970fbc1e8193758371f04ed5c198ef62d2cc9f15df974

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BQQODH7V\maia[1].css
    Filesize

    42KB

    MD5

    9e914fd11c5238c50eba741a873f0896

    SHA1

    950316ffef900ceecca4cf847c9a8c14231271da

    SHA256

    8684a32d1a10d050a26fc33192edf427a5f0c6874c590a68d77ae6e0d186bd8a

    SHA512

    362b96b27d3286396f53ece74b1685fa915fc9a73e83f28e782b3f6a2b9f851ba9e37d79d93bd97ab7b3dc3c2d9b66b5e8f81151c8b65a17f4483e1484428e5f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDB53.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDC40.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit