socgholish | c452bf06059e431dee891cc0679b518fe44750e8f1f2b9ed184e8b25ec4e224c | Triage

Sharing

General

Target

ac541c1ddfcefdeddebedf5e5e8532b7_JaffaCakes118
Size

75KB
Sample

240615-bcd7paxclk
MD5

ac541c1ddfcefdeddebedf5e5e8532b7
SHA1

b287b228c279da2203adbc81e69007186f214217
SHA256

c452bf06059e431dee891cc0679b518fe44750e8f1f2b9ed184e8b25ec4e224c
SHA512

1ee2ed134a4a525dddedcb6b4ae9812f5e8e9db258be6472c194072a1dcc2e58e6c1f6e929b9ac69bb6eec41e11eef75c59ed538461bb5d1172a1a731b35780d
SSDEEP

1536:/cwONnAPASOAkXjVuRAkeIcsAluCH61CAk61YEgozKpLcPnnD00vkHeEexSi0C89:kwaAPAlAkXmAkOvlU1CAkWpzKpLgnnDK

Score

10^/10

socgholish downloader

Malware Config

Targets

- Target
  
  ac541c1ddfcefdeddebedf5e5e8532b7_JaffaCakes118
- Size
  
  75KB
- MD5
  
  ac541c1ddfcefdeddebedf5e5e8532b7
- SHA1
  
  b287b228c279da2203adbc81e69007186f214217
- SHA256
  
  c452bf06059e431dee891cc0679b518fe44750e8f1f2b9ed184e8b25ec4e224c
- SHA512
  
  1ee2ed134a4a525dddedcb6b4ae9812f5e8e9db258be6472c194072a1dcc2e58e6c1f6e929b9ac69bb6eec41e11eef75c59ed538461bb5d1172a1a731b35780d
- SSDEEP
  
  1536:/cwONnAPASOAkXjVuRAkeIcsAluCH61CAk61YEgozKpLcPnnD00vkHeEexSi0C89:kwaAPAlAkXmAkOvlU1CAkWpzKpLgnnDK
Score

10^/10

socgholish downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdownloader

behavioral2