socgholish | 70c175cf921ce826ec1f1c34d9763b86bdbf315fd4f7418a88ec12442d3a49ce | Triage

Sharing

General

Target

50f4a49b479118402e89375057149a7c_JaffaCakes118
Size

63KB
Sample

241017-gmh7aaybmr
MD5

50f4a49b479118402e89375057149a7c
SHA1

99fee5b4bd1a96713432f6071ec23d442efc4c83
SHA256

70c175cf921ce826ec1f1c34d9763b86bdbf315fd4f7418a88ec12442d3a49ce
SHA512

5541feacd5f79aa4c1916d9152e4f2573c7b05f1cd4c25ce468e5c0f662e6e12c39b72b543141df461d8a59f0275b3564b3a6d1735419dc12a85c0d06ac543e5
SSDEEP

1536:gw7bDQtXqUhVKrdhVKrP+MF1t3i9F1aZAst8U9NZYi6CYz5Qm+r2thlt:gw7bDQlqBMF1tkF1aZAst8KNZYBCYW3k

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  50f4a49b479118402e89375057149a7c_JaffaCakes118
- Size
  
  63KB
- MD5
  
  50f4a49b479118402e89375057149a7c
- SHA1
  
  99fee5b4bd1a96713432f6071ec23d442efc4c83
- SHA256
  
  70c175cf921ce826ec1f1c34d9763b86bdbf315fd4f7418a88ec12442d3a49ce
- SHA512
  
  5541feacd5f79aa4c1916d9152e4f2573c7b05f1cd4c25ce468e5c0f662e6e12c39b72b543141df461d8a59f0275b3564b3a6d1735419dc12a85c0d06ac543e5
- SSDEEP
  
  1536:gw7bDQtXqUhVKrdhVKrP+MF1t3i9F1aZAst8U9NZYi6CYz5Qm+r2thlt:gw7bDQlqBMF1tkF1aZAst8KNZYBCYW3k
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2