socgholish | 20a7afbe77a51be32b2fb7afbc3cb5b98934d69546ac2e4184115f10c141c4a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0976edd0549e3126d8a1b2e1889b349f_JaffaCakes118
Size

129KB
Sample

240430-kmp7dage32
MD5

0976edd0549e3126d8a1b2e1889b349f
SHA1

cdb01e38f7fbdf79a75651d65d5fc3da5cefbb08
SHA256

20a7afbe77a51be32b2fb7afbc3cb5b98934d69546ac2e4184115f10c141c4a0
SHA512

e679dafe6cfac3b37847be5c286a9008af40ad7daef11c8d3dfa8b4062626709fab97865762c4dc7507476dbf0a4f983fe1da2f6d3cb2ac801cec1d7ab89d977
SSDEEP

1536:+EFwEzGTBznBQ7qTaNWeGOpPD+jeNtEL1iDznZH5df1:X/ABW7quWeGOJOQK1WzZH5dt

Score

10^/10

socgholish downloader

Malware Config

Targets

- Target
  
  0976edd0549e3126d8a1b2e1889b349f_JaffaCakes118
- Size
  
  129KB
- MD5
  
  0976edd0549e3126d8a1b2e1889b349f
- SHA1
  
  cdb01e38f7fbdf79a75651d65d5fc3da5cefbb08
- SHA256
  
  20a7afbe77a51be32b2fb7afbc3cb5b98934d69546ac2e4184115f10c141c4a0
- SHA512
  
  e679dafe6cfac3b37847be5c286a9008af40ad7daef11c8d3dfa8b4062626709fab97865762c4dc7507476dbf0a4f983fe1da2f6d3cb2ac801cec1d7ab89d977
- SSDEEP
  
  1536:+EFwEzGTBznBQ7qTaNWeGOpPD+jeNtEL1iDznZH5df1:X/ABW7quWeGOJOQK1WzZH5dt
Score

10^/10

socgholish downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdownloader

behavioral2