Overview

overview

10

Static

static

1

JaffaCakes...a.html

windows7-x64

10

JaffaCakes...a.html

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20250207-en
  • resource tags

    arch:x64arch:x86image:win7-20250207-enlocale:en-usos:windows7-x64system
  • submitted
    09-02-2025 12:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_cf41f5f5bbb5526a8bb0a8dfd7e525ba.html

  • Size

    129KB

  • MD5

    cf41f5f5bbb5526a8bb0a8dfd7e525ba

  • SHA1

    f16cea2fecb48dcb27d337b88b16934a7fd0dabd

  • SHA256

    0df5d1ec52a2f9ab56434e07a9322e8021c6c8bcdf5968581a93924a947cbed7

  • SHA512

    75ea21d6b393f9cdb65c83efad09bde00b2fab5300be48e530026a83f3d098d18cf4e62e9e2d0bf96c641233d03050b4ea122ef3813b3e00115a2a26d1db7b90

  • SSDEEP

    768:bPCJEXyCdEE6Sl0saC2OaH9wufDnDD9BVZfkHHjKEklnpfF7wsG+w+iyV:bKJECCdEE4CkLnDD9BVZfkjqf5w4w+i4

Score
10/10
socgholishdiscoverydownloader

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_cf41f5f5bbb5526a8bb0a8dfd7e525ba.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1388
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1388 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2640

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    872de610d273322098ea4aacffa38a4c

    SHA1

    46c94fafdab99e6399d204681cb0a8e86f4c12e5

    SHA256

    0798dc6f8ec932787300a1685bc02cd2d0c379154284103db9df3f53f0b6825f

    SHA512

    cf7c892cf6b916f52a61143055148a0adc1a2dc3d0d37de99ea051eea4cc966238d09c0bfa32ce0d0f1f70e20fa18ee1fc5cc746ddb1d3ae7c974525aab5d0e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eca992e5371faf723ddc1e5c6d773859

    SHA1

    aa29c8cbb784cd3f90d366ac089ee3e8b096dfec

    SHA256

    49f450d452e6d54f20fb62108cdcbdaac556cb98fa13150862752a525afcfe7a

    SHA512

    88cbd77be437c3786adeb31a5b9e9be4c98bee6d701398ce3b11a8d8da8c4da32a78540ef5e75241ea410566f8c160fa2105733ebcfd2d851fc6322f209ffc28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f98cb001c20c1a475dd17ab37eeb7293

    SHA1

    49097683b73ffb06d054ef66f4b68502f0c0f80a

    SHA256

    6ecad797163fd57dccb4f0c68b22de1188344557d46b14306cd69f72ed3d8add

    SHA512

    43b6774ec79a13b6082a1fccee57094239da2253a48aecf6e0d21ac30545a4d00f6dabdfc55db5cc03506c4ba2816d85667018eb50513545712f21a417c169ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8a52aced772543d3c4db2969cf0b250

    SHA1

    63618310a3edc92d723bd722a72878b190946ed1

    SHA256

    4a17970389861dbfc004d77d677eebd4e821f6ea81dc0aac9433fcf529c30043

    SHA512

    47acf401d9aeaada1b38f2050083117d623d341e34e12688d0f7ca586f3890ee00138310af143a5ecd2d1b3cfda4dc90c9c334cbd85b861d81c5b82b66172db4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    23c6ead932bbafa6456617c0abf70ecd

    SHA1

    da592dc1cecb67a2e78875a2b2925bc7ae08557d

    SHA256

    fe2111605def9e4f258548c71d1926120bc1279be2106bf8677aca4ac34b12aa

    SHA512

    d0f5171a17eada5e44142ba1d7a3b3b95453b8ddcee598d3889928df020b04b4afcf11d503a53266857076e5818a51222e3edda63b03dcc372a433a566bb8fd4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c91c46d2b41a3f3676ae4a57c7d375c6

    SHA1

    5a5413b5f06279695fe5014e10afe68bd7166b5d

    SHA256

    2f67e698adbbf3d5d1c9adf6919a66ad71981cc876347026275b547d0b6dc4e8

    SHA512

    2a7a743b780b5461f87e23847d4eb8bc75331f3ea559a916265bc963fd38e06175164c97e8525f34bea191ca056600648e300044212e433be34fcc1dedae1d5e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    817ac40d75faac02ea1f85604f47514b

    SHA1

    8697833375fad4e0783eb39fdee30af8c8e81ecc

    SHA256

    06b6aab4528e0a167ccd16f1e5a66be9f3ba015f7a211bb00b68f142b9166679

    SHA512

    056493be6512bfdc3f3705b81734ffa6c4bebe591961bb6bc9f4c6c5cc0802dc8e1d9f2bf21e5cb1bf0cdf144b939faa22d22c7129128096de228e27347ed182

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FN7UQQ6Z\f[1].txt
    Filesize

    43KB

    MD5

    262fad08e7c92d7089ae608a49ff952d

    SHA1

    40a5cffc9fe8f4978e001ff5df004f2609bd3d29

    SHA256

    dcbfe574aa94418c28c85845d4e1de3affb437340a4b5109a78a3cf74dec7983

    SHA512

    a2e354337393a00c57f6d9f83a2bb08cb49540da4951eff47d7b334a8e1f64f79e51903817787277981d48c2c386e39bd9dea19345603312ce72a97643e168c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF356.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF7FB.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit