Overview

overview

10

Static

static

4

JaffaCakes...b.html

windows7-x64

10

JaffaCakes...b.html

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20250207-en
  • resource tags

    arch:x64arch:x86image:win7-20250207-enlocale:en-usos:windows7-x64system
  • submitted
    08-02-2025 16:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_c50af4c866dd1f4a240015607e313a3b.html

  • Size

    130KB

  • MD5

    c50af4c866dd1f4a240015607e313a3b

  • SHA1

    326b4326dfb5497d061fbc6fb9240cef09cd659e

  • SHA256

    f3176a7423118f1ae523f65d875291739d631b74530e2d75d143388c8378239a

  • SHA512

    3575f141226e576b29134cf5ec11fea5726b3e24039b5b1cefe5c4b114bb5eda6ca48872f849037c439ff581a3e4b3fe72ffbf54904ac52dafd2cf99ba23fcf6

  • SSDEEP

    768:2vk1ATx+Bw24Tp7VsiKAidNCiZW0HI8JjoE5Jcsm09XWhCFAfDv1p4ODMtFA6cVj:2RHsiKIiZdIXE5F4ZDMtFbcDOatOPg

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_c50af4c866dd1f4a240015607e313a3b.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2904
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2904 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2832

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    401ec8579175b1bfa54de8b5c2219ea8

    SHA1

    1a5f1ad52f085d4f671e7f8ef612338cf316d90b

    SHA256

    6768e8b0ea911ea2fd674490e0e695a81969f4a9503dda85b42cc3cbe52ee676

    SHA512

    b9093cd348813f4a213cb44fd6dc10bfd421a4abbdfd3583c88d065dfdb73f0c454a75f61df88e8e1d6a4c6035b99e5535cef8cfbdeaa14f59ad4012ce127f0b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4103bfa7a284af588a69c815109d65ba

    SHA1

    f084cc2abd875401a7707db7b6e5bf4a03fc1d7d

    SHA256

    976eb4250f60e50d15924b52ea26fc7afd3cabe29f4adac50e36b0e1d1ba1c9c

    SHA512

    315b2db853ff611b7d0b20376a7c5350151db54628a871b5d871c076a450b493600f90e1990998e3512c4daa6fb27245a5e9bd75206fa566e1cbc53c196f80cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    95402b49e57e182c7de34a6c5982cbd4

    SHA1

    825796a612dfd787f00b9714e4d0d8766d6b4a3d

    SHA256

    c602ef8c560d612785903c61a5acf2fee7764b47961de88e34cfe2f51db0d18a

    SHA512

    3133c4ff0bf28e51d39f3cc208bb75d040305d7ce1a44dfa4ce55c3cfbac062d90b02e1951a4961af9428abf042f5372603bf40ea08088a3d942806d426b5b05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    547ca91f2a95f1d7f0647c9c7c413d54

    SHA1

    8f60b5c872a129809e4d3f99ca853c3bc5fe266b

    SHA256

    ea35752a2aff99ce064f77670004c4183c6585123a9632e5125564f122b653df

    SHA512

    d984b14a44900143edd745d8215178cac77bf9e2740fcb56614a5c8d398fc1b47a0a86716c7b6e6f0408912063b38ff4b42a0a1c41ebaf74fde43ff5b36ae7f2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1edfc8a23fc90e3127c2a7997fe23c6d

    SHA1

    83de8bc342a3b6bf89d43e4d30c58eb1789845d7

    SHA256

    f88e4bc11cbcb605bc260a0969cd220f276e719da2047fa013b82a4e01c62daf

    SHA512

    c88879e8fb01bf643a95a35a06db1b7af35819acc41e0b303738d8dd0853b8191ef78c39292153aefe6fc4977642eeb44bd3ac4157b364f81b96bc8aac7bee4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    268e3fc1ff0a0c9a83050851d312351f

    SHA1

    69804775ea157bc4512db6aa220c5a7005a65cff

    SHA256

    993d6af0a6fe03aee1658102df322409b9835e692da575952e8f8faa9aa1640e

    SHA512

    d898c1d181cb2cf35c50fd16354511697a6598fb6f937c4779721ed31bce0a3dc78be86714d1dc2f46d7e77cd048965dfa78ca3953577fb4e5c81d8f5853db42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    02ef32b9e7ae5c10dc2efec25ecf7490

    SHA1

    22ef013135e18828db14b53e2a55dc696ef7af4f

    SHA256

    1092385d243d62030ce1e91cbca93746d213d103041f310f4050323b3aaea1f1

    SHA512

    02e6b1aef3293a2a4bb8c86a62c32a9e70b171fc69968b7d77a343b0f5e39799a3d60b66d8bbfbd2531ef37f1bbb0e487564c94fc598854f6b9a04c3eed7d02a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDC5C.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE248.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit