Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

JaffaCakes...5.html

windows7-x64

10

JaffaCakes...5.html

windows10-2004-x64

6

Analysis

  • max time kernel
    132s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    20/03/2025, 11:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JaffaCakes118_82a710afb866f222fb7e4a3de9751005.html

  • Size

    228KB

  • MD5

    82a710afb866f222fb7e4a3de9751005

  • SHA1

    5c438dfb49464236e053167c747a640b79fac246

  • SHA256

    14c7bc4d85d7d57b8e80498f38916ba71f81ab2634ecee8d50ca7e406f8458c5

  • SHA512

    2a7a9ccac0c4c021631c73502540cd28e0a1ded51637ebafc75616e6596516a95e30854f6cdd525df4db8054fb5a40b0dd8e42f4d2f08f5b649cc1d06ffe5d59

  • SSDEEP

    3072:Xnw5lKseu3SWodehecbccSTmwqARwlq11MOnv8sF6OZ7+3Vy+2ZrNSh/MxY+Kj0Y:XnwPKsoXSmW

Score
10/10
socgholishgooglediscoverydownloaderphishing

Malware Config

Signatures

  • Detected google phishing page 1 IoCs
    phishinggoogle
  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

    downloadersocgholish
  • Socgholish family
    socgholish
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_82a710afb866f222fb7e4a3de9751005.html
    1⤵
    • Modifies Internet Explorer Phishing Filter
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1768
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1768 CREDAT:275457 /prefetch:2
      2⤵
      • Detected google phishing page
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    159ca670cb1dc3b2d0529bca41a8cbfa

    SHA1

    b9e77c3a5c6c0586e362e53c78a0aecc88f6053f

    SHA256

    bfd90d7d1f191bbb75cc750706cec5fd1b978979ab4bed2da485f81de76148b4

    SHA512

    d1e31699406f948e6b8c41ace4d0789857492b5f0767f2686e3eb234dd56135bf958910c8f16c65ca7faa0bff1f1810014400c9c33ea3057788d5abaf3780ac6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14ab29dedd315b8bf4400d115b52ee19

    SHA1

    e6b95f088c776f32e44e2d009b4c342ceb98a1f2

    SHA256

    66cc0d8eb41b567d84d0ef7a9805e91da65afab0e9f47ec61265f86eaa6680fa

    SHA512

    008a9594c57e0995568884c2f36bb2e2d2cb228c53c33f42a5827898e1ab34471d39875a2322d24ef4566d2c54d0e5840f9f47f76723421ef2378bf3fa45eb91

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a830ab656ef76d3d47014a45a4b65c59

    SHA1

    8dd8a9c8c5de9520004a94fdf1a6e53bed3112cd

    SHA256

    a24e88f4d74319555196f086dbaa626974ddb85a5312413e5cbdec4d8d160956

    SHA512

    aa5e365028b0e6a57cbd87b518b2e96994468734470dbf4995ba69c0d966236b03d59cfb4deedcdb65d1826ef8db5119d4b3bfa8a720e79ee12d5d1e6838b410

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    732721e2ef971d686af201bf76deae90

    SHA1

    d90ed4e5dd7f154c736e2268c8763249b2602d78

    SHA256

    de81bb6b6765e7132a12903d641d45547d8b07cfa7b23363101b1a40851296e7

    SHA512

    0754cbdd51b1b32ebf6be9e04af8ab058bbffbc17f9f4cc151b9fde11476b41896b0ab3c0ff19b97855e15a7a42236cc6f4d430417226a93f87f66b9370bfda3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c3b769754dfb59ddb90a515d2d82bc79

    SHA1

    6a8672b8aa181b42d3e1edeefeb51932b96d8c03

    SHA256

    375ba59312aab29f320db0b159762f07b0b7abc5cfbad92f6dc21d9eebc9d959

    SHA512

    5cddeafa54310dba4e9b5c730a0a93536b58ab6fbfbfdf6ac78a2c62cbe0e151143778a8af8d0e26b6b92e5f54bb1177ba43e4be2fbb33d996523dba974fd925

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6cc0ee86c63ec3124a441858aa044f77

    SHA1

    645d49bce45223456bd187f999814ad45405b199

    SHA256

    038b008b9ec3e2a19f6fe2ca5e12c45552f1d18caf996f0db9e9924926658bbc

    SHA512

    810b5d4c12bbab35a403596ae532e644164cb86191b082802e50e2a7a82cc7bff3fc997a5e98393caa1e4f57938712d84bb44b550a1cf76a6c07624d01c3c8a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fded0e81abff81ebba9a0f1a429d7d02

    SHA1

    70b80a2c2fb490e5257454e15dfb876053d2b368

    SHA256

    3a39b423ba692888f50f12d72e10dfedde5ceac600aec09fe72f55a9522ae522

    SHA512

    5ab195186b3e5a5e033a9c3423ce4624c5c31a7f168111d3fa989c9127038f90738bd4403a2a8181345096e02e4b176338abfd8d3906242675af5f92ad928942

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    351b600e903fe56dc53608aedcebce1d

    SHA1

    6c9a879753244b6dbeba1df347fd669f60b4fcb9

    SHA256

    fdbec40182b52cff534c4090d24dbcbda68f7323f337345960d3c23353a3f103

    SHA512

    0c57ede60ef24c3e0336fc37a7a7d8a4834c1bfdd572b4fc777f31b630701a0fcc120b9081bda5099fcd9ae1bceffc3435106ceed225b94617f02a76fec5ab84

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d73f43ffaab4c1b304bd1176df217a61

    SHA1

    4f1147bcd0614f58549dc8d89ea423bc2720dbb1

    SHA256

    05a51fb822777c1fcc493b7804ae4d3541cd1aec3aa1be7ffbfe74c1a2113ecd

    SHA512

    ba65fbaaaa231cc1c2c05d78bd0430041a67f9582dfe2a2661b943880684f0f06fbf6caafb7a967eb986f64205dee33f19efe66b5799e3aec82d71c1e700bae5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7712007249d092089c5ae57a0ab29870

    SHA1

    2c2af7733681973f3baa97e26c4e96e4ef2ce90e

    SHA256

    489803cd0149d19f41a33b3f496c5a04c0014a20270779a033a9da82e37f7c32

    SHA512

    c9091106baf107c0b3e4e359d4038ffebd2ebc24c64ac98b5b3896d87cab08ada6fe03ba4eadd2ef6ffaa4f82d35eb0a0a45ad2f0015e26efe6cf3b195d849b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f55b988acc74ddea7346222eae1f69f4

    SHA1

    b49fbf171188df8c34d050f844c0c6e52e73a3d7

    SHA256

    a3a7773ec4d60d2bb3c7a8a50c62504557358a664502946c5b71a0fffb02eac2

    SHA512

    93d84abe8d59e867bb3319124d78cdf730349eed19b12ddf4d9982846bc8c49a13b74c912a8ac5a58850a4a7e70e49b94f009e9ac8e31b4b9bd3988f0218be9c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2fc4b027b2842d7c90a3977a759fbbdc

    SHA1

    baa5c0f11f6fe9998d76c5c28e3dc5545a1058b4

    SHA256

    fd2f98b108e7cabc1ae18ec65dd68c0fe7a4690833312d27a18853a4fd1aa777

    SHA512

    4f5155c427330a47df9b7115f1bbbe43caad6660c13651b6b2b8599b5a9e3a439a7d0104a0e2654d0a2623af767045e13e17d99188be8f44c3dcd2f94d92d9d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    7d1342d5623339878e39d3f8a2afd038

    SHA1

    a264f486d7696003353e12088fb858cf06a5d593

    SHA256

    a21e8432fe561606809edc9ba1d8fb8ccf00afca2c8977cbc0207a361178794b

    SHA512

    d94bc5d13850bcfdfe8c67ffef74c56ae6b866bafe6df489875b280fb09f14f69d5286103329e0c94ece528013a87579f918addda36e27b83d678aa33ca57611

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CNUR30T\3259361050-postmessagerelay[1].js
    Filesize

    10KB

    MD5

    2201b9a3252d88939c55317e87491175

    SHA1

    3fa8e7f6a0708a4a2aabe2c324797656fa3166ba

    SHA256

    309e7f41bd4db097cc0d37495c30b9049192b8661e3380a1fceada8611dec809

    SHA512

    a082adba0770e7b85bcadf920ce744eac564a1a0e03ac75b835810e00bd8c97dc1ee8aa5575c2002b31e20cf2c68afef6b739025637e934dc7fdd5801de05876

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4TQDAHL\cb=gapi[1].js
    Filesize

    58KB

    MD5

    567a30a95c33b85e13fa85ef6e36afbb

    SHA1

    52c833aa4d05d9c4ca62f358a9bdac81d05e68a8

    SHA256

    5598aa73edbfcd4c9e0caecbd8d8b7860f800821b581ff0e7010b11fdf660e07

    SHA512

    da4e758bbab75c38bd60bfbb95f01b1058f533d11ddb0a9f31c724ec7d365b86e22b6a69a377e12e03c905c9813e7c97695533a9823d6f44cf606866dbce492a

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4TQDAHL\dam[1].js
    Filesize

    150B

    MD5

    18a5ebbb9b9da1cff4de40fb1385d301

    SHA1

    f62e73aa5f9fb3a8c7c27230c98f8060ff4698f3

    SHA256

    693ffde224523a247b0d2290b8bfd7c8f35a41ed317bdc80c5ac1c26baf6ead1

    SHA512

    01f370dba0ad9a3e7eb81aaa326d6f63051f221799d3cc8672f60f587edb3b9eb265a79672b9e62b524aa8051307c892b09f5d8e13d2c5913b70e223c9c433cb

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M4TQDAHL\rpc_shindig_random[1].js
    Filesize

    14KB

    MD5

    a9ae47b839cbeffe4b23711e64135db0

    SHA1

    e3ddb76450192d05f04b1c3f3b47697caba4afaa

    SHA256

    bb283683fa10d1c6448ea3d73e2986ea9e76b63e6cb858f659f3200ff69e5e4e

    SHA512

    a29afb9ecd4f9a57cd4b890a38c5c0d534670765dc76f37d09c7e5edfabb7abe39bf946ace8ce7950033120e30c1143bf7aaa2107aa5cbbb33e62a4bd120519e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabF49D.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarF4BF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarFA02.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit