socgholish | 37c1eac271881708f02e4fa27c6f268de33b6ea9080987005ceb3c85a7f7fea6 | Triage

Sharing

General

Target

5264f98e7bcc8fac61c5bfb2f25d5a4c_JaffaCakes118
Size

168KB
Sample

241017-r3yl1svdln
MD5

5264f98e7bcc8fac61c5bfb2f25d5a4c
SHA1

d6bfa2c378e3180f2606cbb92bbcbd8dd860fa6c
SHA256

37c1eac271881708f02e4fa27c6f268de33b6ea9080987005ceb3c85a7f7fea6
SHA512

3fe1b916da6949c334a2adb022e600dce7df08dbcae62466bc592adf4631dea0b75f67591873c7a072d842072ede9ab7d7c704ee45da3706d54a2a7791058852
SSDEEP

3072:tbUQHvMpBkGbuiYhLpOT9mjAJBhHJOEyTsFod1hynjILt9HQ:tbUAvMpBGQ

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  5264f98e7bcc8fac61c5bfb2f25d5a4c_JaffaCakes118
- Size
  
  168KB
- MD5
  
  5264f98e7bcc8fac61c5bfb2f25d5a4c
- SHA1
  
  d6bfa2c378e3180f2606cbb92bbcbd8dd860fa6c
- SHA256
  
  37c1eac271881708f02e4fa27c6f268de33b6ea9080987005ceb3c85a7f7fea6
- SHA512
  
  3fe1b916da6949c334a2adb022e600dce7df08dbcae62466bc592adf4631dea0b75f67591873c7a072d842072ede9ab7d7c704ee45da3706d54a2a7791058852
- SSDEEP
  
  3072:tbUQHvMpBkGbuiYhLpOT9mjAJBhHJOEyTsFod1hynjILt9HQ:tbUAvMpBGQ
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2