socgholish | bc6e40cf14b9209e90a767d439f6aa063ebcaf3e10acaca2117d16e9445be590 | Triage

Sharing

General

Target

7f80f22698f276ffb5413e8714cc7319_JaffaCakes118
Size

172KB
Sample

241030-rjf8mawpdn
MD5

7f80f22698f276ffb5413e8714cc7319
SHA1

d40cc0af88f27dcde0fc4f19087e1cd8d7b8c433
SHA256

bc6e40cf14b9209e90a767d439f6aa063ebcaf3e10acaca2117d16e9445be590
SHA512

b74e493cc95cfccc08b80c35f19a232bd50823f4597bb8d867c34d9aca09b2cef5362dab3ef45706456a15e8e595407f0739f20b797db33d668748b8962a1c9b
SSDEEP

3072:14q0gOS+cO9nKE6uodjhMF4+iIPziEdF+48EnBG1mxq7seV/6mG0sJ80V9o5xm8j:14tgDC9nKE2+N4wIJ6HYrfLwZ81

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  7f80f22698f276ffb5413e8714cc7319_JaffaCakes118
- Size
  
  172KB
- MD5
  
  7f80f22698f276ffb5413e8714cc7319
- SHA1
  
  d40cc0af88f27dcde0fc4f19087e1cd8d7b8c433
- SHA256
  
  bc6e40cf14b9209e90a767d439f6aa063ebcaf3e10acaca2117d16e9445be590
- SHA512
  
  b74e493cc95cfccc08b80c35f19a232bd50823f4597bb8d867c34d9aca09b2cef5362dab3ef45706456a15e8e595407f0739f20b797db33d668748b8962a1c9b
- SSDEEP
  
  3072:14q0gOS+cO9nKE6uodjhMF4+iIPziEdF+48EnBG1mxq7seV/6mG0sJ80V9o5xm8j:14tgDC9nKE2+N4wIJ6HYrfLwZ81
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2