Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

JaffaCakes...1.html

windows7-x64

10

JaffaCakes...1.html

windows10-2004-x64

6

Analysis

  • max time kernel
    147s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    10/03/2025, 01:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_5c6aef976966ec374e8b74c410befba1.html

  • Size

    225KB

  • MD5

    5c6aef976966ec374e8b74c410befba1

  • SHA1

    0ce74892fb0eec08f6e2b94408b96d1825fb27c1

  • SHA256

    009d5916fb38c565aa2668ceb35d6f2e8c2abd6c0de3abf11564ab21a29f90b9

  • SHA512

    cda10d8b183287297e7b628a3212f2a9a25ded570e52e607c39cbd04d676578d879447e9a988a9334dc735b9709935fd18d28d95ce17e85668d2a9e7c291ac35

  • SSDEEP

    3072:Xnw5lKseu3SiodSh5AWcC8mwqARwlq11MOnv8sF6OZ7+3Vy+2ZrNSh/MxY+Kj0Md:XnwPKsbA5SCK

Score
10/10
socgholishgooglediscoverydownloaderphishing

Malware Config

Signatures

  • Detected google phishing page 1 IoCs
    phishinggoogle
  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_5c6aef976966ec374e8b74c410befba1.html
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1860
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1860 CREDAT:275457 /prefetch:2
      2⤵
      • Detected google phishing page
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2264

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    5757df014134f50bfd3ad633a4eb2ad3

    SHA1

    d52843374bf9fb22b39c6a488fda6ec6f8d941d4

    SHA256

    8cee329992cb19bf5e5f992a1b2faf3a2fa31244a7bb145a4b1a53b69c668cf2

    SHA512

    ee9723210f4916ede0332ac7e772ba2242c322e0b2774ba9f52eedb109e9d5e1ebea3e28c5af7f180d5e316df4c59e42205a5cad508067b137b4b4e5fc032136

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c89173fbb922c192216d30c091bf1422

    SHA1

    a0f7170a37a9f5bbf8c413bceaaa0a887f07d3e6

    SHA256

    9bd283a45422735c3dfceac8d347ddd0fd82d918237cbca1c44146b7a1faef20

    SHA512

    d629104b5775d3d552e029b1534a64f12b806a3dd3835648ac680ed8fbb3a9ed4399cafd213bc51bd502ac7b501c4e2fa34231f23ef94c361d0d73f3ac4fff86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eb7bd21fa4f702471fc32ef208d115ea

    SHA1

    f63fc52305c0db3b0d1c0b008a2c9289c0265b92

    SHA256

    425b759f04bb3bf890581538cb8e4c3ef0875eabece4bf277b44a348b9b35e8f

    SHA512

    0f762676c3ad049366aa9d848710c5bf4d6841cb966711e421f85c23690fd8e33b63792c65dbbcb41a0e22fc5b2009b1ffb63d42800db773b9a52c93c06e6ade

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    74523128446af18330e9ba8f7ef9d370

    SHA1

    80fea7ebfd9f16559ac99ffa887049c973b14ae3

    SHA256

    b5ef241804554281374fc2f7c3c6899540623f9e48805000b896a84dc8196e84

    SHA512

    fa0fd531bb3b9f78536e0cfd6c08c29ac238efe0e93f71528af88b79838628dd536c8675c83609cec5b12e0aa30f3d011cb27e2920cee11c59eef0beedf6b5d8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a97a50f62d025ea7fa0cac3d505064e5

    SHA1

    736b38fa8b1514c791e275b82dd9ed2fe106cb61

    SHA256

    e19a74586a7bc30c5b730063dbd07bcba5f21f23b550c43e42af699b882a4c02

    SHA512

    1a24ae05cd580c9e00c401ba3c696e8ac892d4aed03e5d71b1437cfc7f7fa22c993085afc3c1669cf215c2a91ea3619c7e8d03778cd86e632e84dad17149167a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4496eda8d6f8c0ca07ca61a650c9b17

    SHA1

    a50aa48973130a70cb43851b8dbfdf8f1d4408dd

    SHA256

    ee99309ac1cc21e9dfea0885c5aa9b4e8a48b2fadb81bb95cd2d9f68557d99aa

    SHA512

    2cecb928bd9f2be5ff9368ef9167b2b602bcd2ab5df25c442e90251e1272bf9662463c751f40c43b8bb733b5c83764823fd7bac06f3f4f48ad1f5f2e6783f9fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba0b39d820d47920398b4141ffe06c2d

    SHA1

    e3a4cc68b285fb78c2e081ce145b1f2ebbaf0c2f

    SHA256

    a1035b7d4e89827c0e9292b9fa9b78e572eb9a7b1724933a5be565b562544757

    SHA512

    f33a24802d8676082acb7aa2cfdf0a9556bd7a3143e46a91cc6417ad1dbfd7b9521f02ad45dafa2301194da7c8675701b7c34191a49e320122477a0895795ed0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ab8c00eacfeed92b2e6cb8d4d77d8db

    SHA1

    04a5088fea2eb1a4a7342503f3070ab211f205ea

    SHA256

    f4a128d713cc244e087c2c2ef696d4a362b2dc5b91cbfe00659a530c2e73b19c

    SHA512

    5d63c54adb731c5014c3d6d5bae48ca2618d1f6feee2928b8c5ddc4bd5234623246f7859d993933f9261e89d691e26bc692a8bd86917045e1e0a09a3d5fa71d3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    83cb4de9f7d733430adf62fe9380f5a8

    SHA1

    af9fc484c6a70effc9832610ff43a9fc70d50a25

    SHA256

    403429d0def5e52729ecbd26adcf80f8c6edb13e41823cfec365f8baad739f2b

    SHA512

    80205476ed473ffbc9e6c47f41f361fd7c1e968467f1f06c0b7d652c1c4e957ecf752cf30273e163bfae3fdb2d2efe03ae1eac34662d831acc9aa0e98172bf4f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dc3fb2fc17f03829f8d6eb0b7f49fe16

    SHA1

    c345babf09446cf842aa38b424cd04f0d3bfd239

    SHA256

    7dc443505648079e22ff57f522cb91c85eaac70949b2c083f67c5cbf610ce546

    SHA512

    1a1017d3f872686cea5746717d24cfbb4549e2bfd81da16bf33fb4f9929a156bf14b6e19e1551a7e67d436c396e0b1361e0b2116543c7ad4ff88c5afca379f8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    db09c17ce1100eb98660a3a63c83200c

    SHA1

    0e51e764ddd1c803f5e3cc09591fd2ebecaf4963

    SHA256

    ae028c88fae6ea0d8eee11e8afcb371b617657f00affa7269eaad00c0eeb399c

    SHA512

    4ddfd99845f4927d042000454e269f7d0185860616ff75fea2752e48c54cc8397a982b3291f8315f0d0f273bb2b61f642d03d8b6c1ac8a55a5fdfdb6f66b9c38

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    ca67842b38e59a6567e58662b5fff488

    SHA1

    f70fde57a507c74522a0109fc865d69ec7e814f0

    SHA256

    a976118bc468f023401a0560b8800d3110cceb0961e8d169e8a1bae748430d25

    SHA512

    a4af2f73032b19ebced129d0d4b3e8445d6fa500a75bfe351a80adbf7172372289da74bae67036e44b78c199c54fcb03b8676af31f15600acf146f311990bbf9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LNUKNV0\3987138876-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    ec8b302065565466dbf8af95165a491c

    SHA1

    3573398ae291f8e3904227c6cea99b61988b22b9

    SHA256

    fb0994f96c5d8c60b6f8a3c1adb0ff7bb07f4250db121bda3c397fd02f614682

    SHA512

    1164205d9767509f928e0c205c7a6b2cf52eb407ce0a1a0c1b62f3d586b8bfe073047f008d04ee8d6258f76953068a5bb159584a9abc2c6eb0295a693df6a9e4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8452S9S3\cb=gapi[4].js
    Filesize

    58KB

    MD5

    2073e164f36fe71026c0efb49400e354

    SHA1

    a9ecb2d6654e2eb3b54c874de506461f92ec21b1

    SHA256

    444431685839e07706af385503418594c7da6bd417d6a80ce4095c07ac1a2dda

    SHA512

    4be3ef84d44fb0c2173b20476ae08494cad14738470eaeb01ba15119acafdae766c6e07b2caa445cfb5e2d3251cb19188f8bb5cea94384e042fc4e420c068f9c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IAE3FJ0M\dam[1].js
    Filesize

    150B

    MD5

    18a5ebbb9b9da1cff4de40fb1385d301

    SHA1

    f62e73aa5f9fb3a8c7c27230c98f8060ff4698f3

    SHA256

    693ffde224523a247b0d2290b8bfd7c8f35a41ed317bdc80c5ac1c26baf6ead1

    SHA512

    01f370dba0ad9a3e7eb81aaa326d6f63051f221799d3cc8672f60f587edb3b9eb265a79672b9e62b524aa8051307c892b09f5d8e13d2c5913b70e223c9c433cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IAE3FJ0M\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    a9ae47b839cbeffe4b23711e64135db0

    SHA1

    e3ddb76450192d05f04b1c3f3b47697caba4afaa

    SHA256

    bb283683fa10d1c6448ea3d73e2986ea9e76b63e6cb858f659f3200ff69e5e4e

    SHA512

    a29afb9ecd4f9a57cd4b890a38c5c0d534670765dc76f37d09c7e5edfabb7abe39bf946ace8ce7950033120e30c1143bf7aaa2107aa5cbbb33e62a4bd120519e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD664.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD665.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD746.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit