Overview

overview

10

Static

static

1

JaffaCakes...c.html

windows7-x64

10

JaffaCakes...c.html

windows10-2004-x64

8

Analysis

  • max time kernel
    140s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    08-02-2025 17:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_c5ae0fb9513e19d630a5db92b968e34c.html

  • Size

    43KB

  • MD5

    c5ae0fb9513e19d630a5db92b968e34c

  • SHA1

    192560f5884f0d46d23660d26696de4ba7f88d23

  • SHA256

    112eeed01f5576855c0ca6b83ba82df2c249a8b60cdf6beaf62350c10762968f

  • SHA512

    6aadc43ee6e92d508d3e8d2e914351d95613671609c4d2491e8ffe4b54b9e5c31bbe5993ddbd21af50503aee40cb1e411bd40ccbf860d8278cdb8fb13d45d392

  • SSDEEP

    768:ADHUtUKuIMkUn2sjwUK8oUUU0UY2BQQpTU4QkDUqQ2UrQeDUpQkUJQPQU1QAUUQw:AzUtUKuIMkUn2iwUaUUU0UY2BPUuUuUW

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_c5ae0fb9513e19d630a5db92b968e34c.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1572
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1572 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    46fdc59993389c5432629894beb86571

    SHA1

    8c3a26b25dc89311c95872a343c21183b9a853d5

    SHA256

    e0b6661b393c7255fb5af1e4903ca288dca35bd57b292da36c727165566466ab

    SHA512

    4b8c7fde4c58ad6f6f66b4d367a7e3cc58656e7566cb75f75581337d37650bdf566293f1e8f3075fbacdcb20636a0c1c37f3c05bd7f74e7521d457bfd20603b8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee38e69c6ce47392a1f14f94ffa8483b

    SHA1

    bc684b000a569944e5de67d5191c94b3991753f9

    SHA256

    753473c70c73f513e95ecfef9acd46f819f24292345aab8e59d73ae005d9312d

    SHA512

    2081b60a1192c364b80476727e2ba502e82c7d27bbe768323a7095541aca056dd0011b4f2ec8c9b951e75ad68d58b53f2759f201de92f018695c1402372e168d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f236d0c2890af97d211229701c996d22

    SHA1

    6c10bcd8d3c80aaf8d7e27a58c0b44d3506f268e

    SHA256

    efaae265d565f92bafe31a57ab462ebf855084801c34a261c50beac8d99d6050

    SHA512

    3fe41e05263baefef0b96e40876eeaf10fe624e7e2305f0e4993b1df16bca0ec9f81465c363dba905302a4114141863df448cacbdb4da5e2122449e9e30fe30a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24cce878ee67485d7765af55746aada0

    SHA1

    ab282df0494c4b30ede781aaef594d01b5e7bf01

    SHA256

    7e4a8ca02ee8e1dcc4c24ec4cfac0e3906b20cf1cc7f7b0905f1d6c5aeebbaea

    SHA512

    86b521ddda88a5e6488089fe99d93dbcbbcc7929926fff14174605090d0fe5e35920b49843bccdea0778f1e99eeb61b0a5c487914df8c3f807eb38c828bfdbdb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    39dbec3037e1cb9c49b60c2f745e4000

    SHA1

    65bac2daec7e58b49eb2ffecb5d7f027a6638606

    SHA256

    989561892e492fef1b2ceb0badf18842677094cd3b12b5401f8f1c56ca6c7004

    SHA512

    1f2194aeea16ce82404c6f3c1c81bd48adcf5746bbaccd5b02159e60095eb0a6f62256cf95c02367960ddf37744949f914d0c14db50fc3bc88be26c9cfb10ab2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a487e7fca8bb33cd0c278b62d61be71e

    SHA1

    968e2c392285124550f63231fa9ac0a77981dcc6

    SHA256

    2bf6ed08ce823072b005fea5fefa2bebd5b9b8d08bf94090758c88bfe054809f

    SHA512

    437cd2da01f2b730e6102d986ce75a9cb38be2f2df6d04f76e74f0c8a0fd47117d144f72698a2067206b9acafc0c4f3db80c960594671c474a43702d2272ef40

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0PVW9XR\f[1].txt
    Filesize

    43KB

    MD5

    e3f4ff7ea79e91f010343a26232fb1d2

    SHA1

    0fd1bab13b44dad931d43fe91b601584fe82d56e

    SHA256

    6f1a58bea1c3058deaa8c4f560b0821c050baa5c014b257020656f4b8f275706

    SHA512

    e6b81b5ecc41a20f91ccf3431264c6d1a5a14b4d85ec7ebc7c0a4f0d96d3d02687b1e136e33ca11e73cbbe76d4a7e475a48a931961790c8f194db2ca34ca13dc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD8A4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD954.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit