socgholish | bb8444e0d0484869bb10c6289ee08b1e5660f0391586c9db70746e409084db9f | Triage

Sharing

General

Target

40e4600df1a9943696d36c726e05a48e_JaffaCakes118
Size

175KB
Sample

241013-tzmfpazhmn
MD5

40e4600df1a9943696d36c726e05a48e
SHA1

d6821cb375a38302c6a6b3b0bbfd42632b350471
SHA256

bb8444e0d0484869bb10c6289ee08b1e5660f0391586c9db70746e409084db9f
SHA512

836cd37019f29812fe8b60fa535c3b47fc632179dc1255d48376a6add55ec70be5c95607a6a64c2afc64d168ca98a19eb443cf398880bab1391e8ba5a58e94e1
SSDEEP

3072:14c0gOS+ROLkodEhMFn+6jXIPztOJUjXNYt+Fb7zse0mP1Z3m8f9uiJz0zl849cN:14PgDtd+oMmmFtfNwZ83

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  40e4600df1a9943696d36c726e05a48e_JaffaCakes118
- Size
  
  175KB
- MD5
  
  40e4600df1a9943696d36c726e05a48e
- SHA1
  
  d6821cb375a38302c6a6b3b0bbfd42632b350471
- SHA256
  
  bb8444e0d0484869bb10c6289ee08b1e5660f0391586c9db70746e409084db9f
- SHA512
  
  836cd37019f29812fe8b60fa535c3b47fc632179dc1255d48376a6add55ec70be5c95607a6a64c2afc64d168ca98a19eb443cf398880bab1391e8ba5a58e94e1
- SSDEEP
  
  3072:14c0gOS+ROLkodEhMFn+6jXIPztOJUjXNYt+Fb7zse0mP1Z3m8f9uiJz0zl849cN:14PgDtd+oMmmFtfNwZ83
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2