socgholish | b2188b23797f59e37174cac4eb9cb7f6b555d390076cfaae52651018175cae61 | Triage

Sharing

General

Target

41853b7150abb914c80eeeebce9a2f1c_JaffaCakes118
Size

172KB
Sample

241013-xk49qssdrd
MD5

41853b7150abb914c80eeeebce9a2f1c
SHA1

86376c8ec1b0c5af897395e82f897f685e16d258
SHA256

b2188b23797f59e37174cac4eb9cb7f6b555d390076cfaae52651018175cae61
SHA512

d6835c8cf8e3b2467bf9683efb6d663f45fd506835492c7c810b7d6cadb16aa121059ee7d9941e0fa91c60b3b504fcb88b879265866e1731df13097dcf6b9dc9
SSDEEP

3072:14/0gOS+BOtnXM07odYhMFH+BjXIPzkEdF+48EnBG1mxq7seV/6mG0sJ80V9o5xk:148gDVtnXMX+BM2wIJ6HYrfNwZ8a

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  41853b7150abb914c80eeeebce9a2f1c_JaffaCakes118
- Size
  
  172KB
- MD5
  
  41853b7150abb914c80eeeebce9a2f1c
- SHA1
  
  86376c8ec1b0c5af897395e82f897f685e16d258
- SHA256
  
  b2188b23797f59e37174cac4eb9cb7f6b555d390076cfaae52651018175cae61
- SHA512
  
  d6835c8cf8e3b2467bf9683efb6d663f45fd506835492c7c810b7d6cadb16aa121059ee7d9941e0fa91c60b3b504fcb88b879265866e1731df13097dcf6b9dc9
- SSDEEP
  
  3072:14/0gOS+BOtnXM07odYhMFH+BjXIPzkEdF+48EnBG1mxq7seV/6mG0sJ80V9o5xk:148gDVtnXMX+BM2wIJ6HYrfNwZ8a
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2