socgholish | 1f67e6c37f0d3d505a4c7de07cfb126452fd35b1b91c3b72a28bfc3cc8729c02 | Triage

Sharing

General

Target

59371424cb002bae6431e589dcaaf727_JaffaCakes118
Size

53KB
Sample

241018-y1ppnawdjf
MD5

59371424cb002bae6431e589dcaaf727
SHA1

1dab817efc91fb627119df68e4437613b1c527bf
SHA256

1f67e6c37f0d3d505a4c7de07cfb126452fd35b1b91c3b72a28bfc3cc8729c02
SHA512

b7a24c5f2d023aa23709662a10cc352a3ed6bb9a9026ab6dedb51ab1808c114ee3d71968de35f4f90a481321910ef21c9ff9adba0715718c622db20549f0337c
SSDEEP

768:dSS+jdlKiZ5dYhXWE+upjWm0mKcNrxRQnhbQM4qkkUnUa2Tb0bQpBfbHuvBA2fwJ:IbI9vZRQ0HnT8pBfKvBA+PK3wtbXO

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  59371424cb002bae6431e589dcaaf727_JaffaCakes118
- Size
  
  53KB
- MD5
  
  59371424cb002bae6431e589dcaaf727
- SHA1
  
  1dab817efc91fb627119df68e4437613b1c527bf
- SHA256
  
  1f67e6c37f0d3d505a4c7de07cfb126452fd35b1b91c3b72a28bfc3cc8729c02
- SHA512
  
  b7a24c5f2d023aa23709662a10cc352a3ed6bb9a9026ab6dedb51ab1808c114ee3d71968de35f4f90a481321910ef21c9ff9adba0715718c622db20549f0337c
- SSDEEP
  
  768:dSS+jdlKiZ5dYhXWE+upjWm0mKcNrxRQnhbQM4qkkUnUa2Tb0bQpBfbHuvBA2fwJ:IbI9vZRQ0HnT8pBfKvBA+PK3wtbXO
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2