socgholish | d990fb317f28124c260c21f15532d03a52faf3dc0615921b089c80498d7e6dad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d121f859777d569ac8e75426580fd778JaffaCakes118
Size

72KB
Sample

240907-n7zs4atbpq
MD5

d121f859777d569ac8e75426580fd778
SHA1

71e28228849de19720525b63933fc34831106b4b
SHA256

d990fb317f28124c260c21f15532d03a52faf3dc0615921b089c80498d7e6dad
SHA512

a74c2e16fc78f14ec13569d8a8b9fba832bf435d105757788ba7a8bd9c8ad4d2bbc8cac0759a577d77d7687740a2e6fb2ad80d4baa3fedf2336f20ca6ecfe9ed
SSDEEP

1536:+WVOZOUjf43jprQ+lIrJ26iGFxgxz/jIeILOrEo+Y+ujNT5VSNvb:mOUr439rtIrJ26exz/jIeILOrEoZ+udW

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  d121f859777d569ac8e75426580fd778JaffaCakes118
- Size
  
  72KB
- MD5
  
  d121f859777d569ac8e75426580fd778
- SHA1
  
  71e28228849de19720525b63933fc34831106b4b
- SHA256
  
  d990fb317f28124c260c21f15532d03a52faf3dc0615921b089c80498d7e6dad
- SHA512
  
  a74c2e16fc78f14ec13569d8a8b9fba832bf435d105757788ba7a8bd9c8ad4d2bbc8cac0759a577d77d7687740a2e6fb2ad80d4baa3fedf2336f20ca6ecfe9ed
- SSDEEP
  
  1536:+WVOZOUjf43jprQ+lIrJ26iGFxgxz/jIeILOrEo+Y+ujNT5VSNvb:mOUr439rtIrJ26exz/jIeILOrEoZ+udW
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2