socgholish | 410c1b917cc64fe76c75e6c9d702086aeb6d4743eb23b95ec97e11063cd2dc1d | Triage

Sharing

General

Target

40b16f6a8016b47cd45309ed687ce573_JaffaCakes118
Size

65KB
Sample

241013-s5yv8stgmg
MD5

40b16f6a8016b47cd45309ed687ce573
SHA1

0df519ab3b3475eab22c02c324ffda8abab43470
SHA256

410c1b917cc64fe76c75e6c9d702086aeb6d4743eb23b95ec97e11063cd2dc1d
SHA512

991f4835880480e633f9d9c66c2b0577c8490c366cf1351043b8bff66a10de2936dd57334d423ae25b6a80c5e93b48cb4cc9e2e6832ecf2d14b81604f8d3bb01
SSDEEP

1536:AOz7rELWxykcHmNyWt+huN1FAEiVYlmJg6R4mNV24fOQgNVeJtocBzZan7EtKnzA:AGrELWkkcGNyWt+huN1W+ka1UY+gNVeT

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  40b16f6a8016b47cd45309ed687ce573_JaffaCakes118
- Size
  
  65KB
- MD5
  
  40b16f6a8016b47cd45309ed687ce573
- SHA1
  
  0df519ab3b3475eab22c02c324ffda8abab43470
- SHA256
  
  410c1b917cc64fe76c75e6c9d702086aeb6d4743eb23b95ec97e11063cd2dc1d
- SHA512
  
  991f4835880480e633f9d9c66c2b0577c8490c366cf1351043b8bff66a10de2936dd57334d423ae25b6a80c5e93b48cb4cc9e2e6832ecf2d14b81604f8d3bb01
- SSDEEP
  
  1536:AOz7rELWxykcHmNyWt+huN1FAEiVYlmJg6R4mNV24fOQgNVeJtocBzZan7EtKnzA:AGrELWkkcGNyWt+huN1W+ka1UY+gNVeT
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2