socgholish | e1e9ea3c7726f55003117adef22b60fa214ef0a92e82554c0fd64e1c4d17c1ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09c32a1d06483bd729a5f1b1c227a452_JaffaCakes118
Size

138KB
Sample

240430-pn7j9sgf34
MD5

09c32a1d06483bd729a5f1b1c227a452
SHA1

6a78964c0c431f36c6f63f0f68b1427ad8ef5b68
SHA256

e1e9ea3c7726f55003117adef22b60fa214ef0a92e82554c0fd64e1c4d17c1ff
SHA512

dfa6e38014877d3b430ad84e159282ebe4e6c289fbd1c5c8231565965f01fcd4862b168689d44ccd5aa52a29e3f34309126405aba5b2c2d99cb5fceb0d2e5910
SSDEEP

1536:H9zl9KZxUnw+LRa54hoVfmfoOQd2LOrAAYriyOqKMtnAn:H9x9m2w+FZQILqS2qKMtnAn

Score

10^/10

socgholish downloader

Malware Config

Targets

- Target
  
  09c32a1d06483bd729a5f1b1c227a452_JaffaCakes118
- Size
  
  138KB
- MD5
  
  09c32a1d06483bd729a5f1b1c227a452
- SHA1
  
  6a78964c0c431f36c6f63f0f68b1427ad8ef5b68
- SHA256
  
  e1e9ea3c7726f55003117adef22b60fa214ef0a92e82554c0fd64e1c4d17c1ff
- SHA512
  
  dfa6e38014877d3b430ad84e159282ebe4e6c289fbd1c5c8231565965f01fcd4862b168689d44ccd5aa52a29e3f34309126405aba5b2c2d99cb5fceb0d2e5910
- SSDEEP
  
  1536:H9zl9KZxUnw+LRa54hoVfmfoOQd2LOrAAYriyOqKMtnAn:H9x9m2w+FZQILqS2qKMtnAn
Score

10^/10

socgholish downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdownloader

behavioral2