socgholish | 2f216d6f66da0fdddacad801bb2f9b0323b7f33cabb461c44bafc10e4544cf06 | Triage

Sharing

General

Target

1132172a4aad48246bc27b783f910c87_JaffaCakes118
Size

135KB
Sample

240504-ch7xmaae9x
MD5

1132172a4aad48246bc27b783f910c87
SHA1

bd0d7b820fef7f1a871e90ca5c84e98418164873
SHA256

2f216d6f66da0fdddacad801bb2f9b0323b7f33cabb461c44bafc10e4544cf06
SHA512

048c9c352de50f9b1fd2227e94b813d447e66d278c06e30bdbe6fed21a0c8dc47b5a95c76721d95d6cb150648ac4fc21093521b958a9ad0ee667fa4f49be5399
SSDEEP

1536:nEFwEzFTUfnBQ7qXuhOPMKKj0OgPDPmeNL1iDiuO48n6yt5gK1:E/dUi7qXtPMKKj0OcKu1WGx6yt5gG

Score

10^/10

socgholish downloader

Malware Config

Targets

- Target
  
  1132172a4aad48246bc27b783f910c87_JaffaCakes118
- Size
  
  135KB
- MD5
  
  1132172a4aad48246bc27b783f910c87
- SHA1
  
  bd0d7b820fef7f1a871e90ca5c84e98418164873
- SHA256
  
  2f216d6f66da0fdddacad801bb2f9b0323b7f33cabb461c44bafc10e4544cf06
- SHA512
  
  048c9c352de50f9b1fd2227e94b813d447e66d278c06e30bdbe6fed21a0c8dc47b5a95c76721d95d6cb150648ac4fc21093521b958a9ad0ee667fa4f49be5399
- SSDEEP
  
  1536:nEFwEzFTUfnBQ7qXuhOPMKKj0OgPDPmeNL1iDiuO48n6yt5gK1:E/dUi7qXtPMKKj0OcKu1WGx6yt5gG
Score

10^/10

socgholish downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdownloader

behavioral2