socgholish | b6ef6672165cbe0d2b1ff9f276a169f27b6d16a31063945bd6746edd1c6eeeb8 | Triage

Sharing

General

Target

6d70f982e62712d63a68163a90e57690_JaffaCakes118
Size

104KB
Sample

241023-gybatavdnb
MD5

6d70f982e62712d63a68163a90e57690
SHA1

b0f1af6f26ab8bcc64d163e96ee14d990ba966a9
SHA256

b6ef6672165cbe0d2b1ff9f276a169f27b6d16a31063945bd6746edd1c6eeeb8
SHA512

b372df0f2af26e78f252cae6fea9dd8fffedc4460b2a4b8fec7d51b5d9cadf3eb56d742acb5099c3a7cae5ab783203d3a406a73fefca85d1cf225a2a4d5964d2
SSDEEP

3072:ePEijZeqLVEijZeqLczqpX8B1R4XGHULpcSuxw0sVAxxsVzM:ePEijZeqLVEijZeqLcfB

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  6d70f982e62712d63a68163a90e57690_JaffaCakes118
- Size
  
  104KB
- MD5
  
  6d70f982e62712d63a68163a90e57690
- SHA1
  
  b0f1af6f26ab8bcc64d163e96ee14d990ba966a9
- SHA256
  
  b6ef6672165cbe0d2b1ff9f276a169f27b6d16a31063945bd6746edd1c6eeeb8
- SHA512
  
  b372df0f2af26e78f252cae6fea9dd8fffedc4460b2a4b8fec7d51b5d9cadf3eb56d742acb5099c3a7cae5ab783203d3a406a73fefca85d1cf225a2a4d5964d2
- SSDEEP
  
  3072:ePEijZeqLVEijZeqLczqpX8B1R4XGHULpcSuxw0sVAxxsVzM:ePEijZeqLVEijZeqLcfB
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2