socgholish | b2d87412cfb6b01c3fa6975f3af2f34b1b394e6c421d41f1fe49d93784ee37db | Triage

Sharing

General

Target

1cb08877829dea6bb6643d0381a67290_JaffaCakes118
Size

130KB
Sample

241007-lev84asalb
MD5

1cb08877829dea6bb6643d0381a67290
SHA1

8af1b6090e3ce41fa91bc57530c484effb6cac18
SHA256

b2d87412cfb6b01c3fa6975f3af2f34b1b394e6c421d41f1fe49d93784ee37db
SHA512

364053ad7bb0284f5462e9eed8134db991632acdc76af8afdae2d94a7e875ad9b9d8ae6957ba816fadaeadbf5a97b786b4b70ce8cab0dd039dd6127fd83fe025
SSDEEP

1536:sCmYxk89NMmu8u680Okh8Sb8rB8uQ8rB8rmeF4wF/SFbEwdQYimwDUUaj5IrElB:sCZR9NMwtaj5eElB

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  1cb08877829dea6bb6643d0381a67290_JaffaCakes118
- Size
  
  130KB
- MD5
  
  1cb08877829dea6bb6643d0381a67290
- SHA1
  
  8af1b6090e3ce41fa91bc57530c484effb6cac18
- SHA256
  
  b2d87412cfb6b01c3fa6975f3af2f34b1b394e6c421d41f1fe49d93784ee37db
- SHA512
  
  364053ad7bb0284f5462e9eed8134db991632acdc76af8afdae2d94a7e875ad9b9d8ae6957ba816fadaeadbf5a97b786b4b70ce8cab0dd039dd6127fd83fe025
- SSDEEP
  
  1536:sCmYxk89NMmu8u680Okh8Sb8rB8uQ8rB8rmeF4wF/SFbEwdQYimwDUUaj5IrElB:sCZR9NMwtaj5eElB
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2