Overview

overview

10

Static

static

4

JaffaCakes...2.html

windows7-x64

10

JaffaCakes...2.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    04-02-2025 22:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_98fb87c7d1e19ada92141c4e48806ce2.html

  • Size

    130KB

  • MD5

    98fb87c7d1e19ada92141c4e48806ce2

  • SHA1

    25a08aa3bab3beb859400397f8417b965dc54242

  • SHA256

    75e416130b32b9a631b5343e6ca6a9b1e0d460ce128f1d1814decf2d426024c5

  • SHA512

    40fb4e986b630e34024a989df6fd47a3d92ea80205ee13de2327a739cea51b808684a46635fbf9b7352ba507826a106802cae52cafc44a73af958866094d9a13

  • SSDEEP

    768:2ok1ATx+Bw24Tp7VjoiJRidNCiZW0HI8JjoE5Jcsm09XWhCFAfDv1p4ODMtFA6ck:20H0iJTiZdIXE5F4ZDMtFbcDO0t8Ff

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_98fb87c7d1e19ada92141c4e48806ce2.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2236
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2236 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2788

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    31ba49d6ca8a07fefa95a81157d9577b

    SHA1

    24b25ab4b0b47475fa9a42b57aa72fee5af8aade

    SHA256

    49e304e2812b79389a7bf34f5f85bee77d2cc22331c7df699f11fc9455c497f7

    SHA512

    e6cea2efda3d4d043d18a9b5a8dca13202d260d6cfa33d03d8282125faa6b75c27351ea7cf6d36e33f1a9185bf3e6513e36f9036016acf8582bb44f5dbbb422e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ced131bf3496bfa6cdb5854eb4c42902

    SHA1

    3bee41d6a19430e2667602d435e7069e8fdcaa24

    SHA256

    fa88ebb76b63ae4ccf392387c3093e46c1906b7b7b2b20dd03c40e649e724c90

    SHA512

    98a50884791f0dd9ed928a83877dcbf99a9c20302f7c379a6b2e1f6d4b39441756bc9ea285433cc0e865632c39afcdef0cef9bfabd1f251e22528d63a404cd05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9a5dbd8d3114441bbf6d6992d136d77

    SHA1

    1b572b93abe935b1e058979554caa213b8856ebb

    SHA256

    6fb7f9397febd24caf156a4f0073fb5ebd2b1832cf9e0a4186d5b45fbb053acb

    SHA512

    5df16517a8ad087ec1f3b0ab167754ca25cdc3773717c506494d8b461eaae56c2ce8c5bc9e9cf34245f6be072e7e12107775853abdb1415e855c5e50bbda8206

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54c92e7c1aa0ff1d6799630f57a334f7

    SHA1

    a1d988829aff45f413dd9001faccb36fbc960eb0

    SHA256

    3ee134672fa4dda5deada9adeebe9666f8f6171dbc6b57522a76b86c18c5f272

    SHA512

    4e943f4098ec42a032fb1a9a7d2b727614d356b86e8db6bfa43cbb7e80ef96ae7bae7a6897df86c9ce562b44d02714d763604397394b4c7d5cce8ed726739951

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    432248c0502abbe25daf5b1ef98a5f3f

    SHA1

    ac813e2192b3a58dbf0224fe320c7744519e63cf

    SHA256

    fa381d24ef47d1ba488454e71714a1a6fd86557319607047cb4845ec058af232

    SHA512

    5ebe75b3632c11b06e59b0f6a292b7eac4e711f7e0dbf3ad796aaadcf56b6e399a717453d0b3053f90134becd1e1f1eeb9635a12c88ed07fb596090e7cef9673

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a9cc677e31b51e4c3a870791b60dc850

    SHA1

    8b7c906ace91ab0390e5c57cc49ca75e403b565c

    SHA256

    b9b3a42aa205729f62a8111bc25f13e0656982e95e8f76f11a9ebcb30a7a1f54

    SHA512

    db0870559191f477b1ce252c77b46b3d5597205b71b2e380f2cbf23a3f23f6655ffabbb2ab19f4105cc27c6ec59a40431cd13e82150624cfc1004db23eaf9c9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bd3240d516d3a7e9cad231cbf8df4437

    SHA1

    3aac4dda8b04f350b4c9cd71915ee855de4d1d50

    SHA256

    f4665954d041f863596920fc9b9a3297c139d87a91a8fae164b285e91ce22980

    SHA512

    3a2f45b04908e0ad413db7a101a866758a43057bf5b20b5d07700e179c48e47f33785f7ae27033c2c6e8e9e27a3cabed28b43921f23c00277faf928e302a3001

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    50add82f583fd4309f4c82a25716d7c1

    SHA1

    81b839f863b3f1b4bd44c71fb506e8db544f1eaf

    SHA256

    efaab2cdb4eec0560b693472cc2aec9fadf538d414e86898318f30a6c6428d15

    SHA512

    cb869afaa9dccf24ee80430b8d9099806380baed1214e7fd1860d82ed5e65b4b775a0bde1df47f4ece8b616d3d3a475a2c1de055d55374bcbd4f5b95eead124e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ceb96b87db0e0f56bdfa656921323e24

    SHA1

    ab4aeb0ee0da10d80f5f212e7d26c18d7f8184c7

    SHA256

    1333415df29e0a6f6ff95d57fdfc8c94cc5fdc5a8a567c523e14ca71734239aa

    SHA512

    5990908bdf5b8b8f872d455820fd6a67f930f5ba82b3d1b06623e463e73cf0a77777a206b667b57e7d18b9a3d4373930d746d6a1c71542b91fc5c70a3ca069b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a2eed1aa40b3282b44951bf707c18fac

    SHA1

    f964c7750efae2a6d5b575e0c39a6d995e129906

    SHA256

    602ee1aee46eec4c6c33f6a2562f4100cbf331eaa1432f93c4a951153438f501

    SHA512

    45afaad1cd2a44e4dc8ec85b296483dd08442336e62a17a839e96bac3b09e33c1e108ba3bc8ce025d7d931922fa101309d950a05e7296b33f5413ad747f8b41f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    96899bc4e7fde26ebe0bbdba3900b2e7

    SHA1

    3d731502df712b6e0c90fe40efec215bbdb00666

    SHA256

    1f27d3cc2cc41c2f82e89cc57fe283b78a22047babfdee8c9d8dd28863d43e66

    SHA512

    c581d61b4f0fbabb846354536d7f55d77d26f2292747df1d56563c0d3c1379e74b796f5820d94a308d59acdf84b772c5bbae1e410f9e8f90be74352f1f776002

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    dd01901e44dd92b664a353d59d191903

    SHA1

    b6136a4acbd0c8e0423ebcaa64613538ee24e264

    SHA256

    8cd87128aa7d7ab7e7a97ab22a6e59d4b9e05ac18ddebbbc331684ecdd50e6a6

    SHA512

    22c1ffc794ff1d753f5ba4b1d55ce4a69dc336878e57500ac82bcdb2f6c6323029d688f05eb7c86f11a6f0585fefdcc4de244ae4fd709906b56c941897165d9f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab7254.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7257.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit