socgholish | 3f500071eb08c4803d68a046f934a07c24d68132da11ec28a270d05799c089cc | Triage

Sharing

General

Target

30f202f0f314b6973835e6da65849257_JaffaCakes118
Size

107KB
Sample

241010-vetjya1gll
MD5

30f202f0f314b6973835e6da65849257
SHA1

9f5c5a5904c6639c179f7ff75c4e9032553e7f80
SHA256

3f500071eb08c4803d68a046f934a07c24d68132da11ec28a270d05799c089cc
SHA512

f075696c2e2b078748009eeb6351cc26e8fecda8ed48b9b9572f6aa952261281ce0f3684c4c1779c923899970e0f1c100e1a286760e1f977d513cf830446c21e
SSDEEP

3072:T7JwTK9pYO6ttjaAgqNT791pTjB4tkt9dy:HJwTK9pYbRdW

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  30f202f0f314b6973835e6da65849257_JaffaCakes118
- Size
  
  107KB
- MD5
  
  30f202f0f314b6973835e6da65849257
- SHA1
  
  9f5c5a5904c6639c179f7ff75c4e9032553e7f80
- SHA256
  
  3f500071eb08c4803d68a046f934a07c24d68132da11ec28a270d05799c089cc
- SHA512
  
  f075696c2e2b078748009eeb6351cc26e8fecda8ed48b9b9572f6aa952261281ce0f3684c4c1779c923899970e0f1c100e1a286760e1f977d513cf830446c21e
- SSDEEP
  
  3072:T7JwTK9pYO6ttjaAgqNT791pTjB4tkt9dy:HJwTK9pYbRdW
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2