socgholish | bec146eb43289f829dcfa94d0b369a2f92fcb9a0d82e1826eb1af23e3f0ba9c5 | Triage

Sharing

General

Target

891ab5327532f2245825f4454340b0dd_JaffaCakes118
Size

118KB
Sample

241103-chzags1nav
MD5

891ab5327532f2245825f4454340b0dd
SHA1

093e81218e9c6853ca4f4cd5bec430f85b678ace
SHA256

bec146eb43289f829dcfa94d0b369a2f92fcb9a0d82e1826eb1af23e3f0ba9c5
SHA512

37486593dd8da8f066d39d73ffc2d3d3f7bce280f1c2c08357c2cbea5cccf8c3204ecfa09e21a7c51a35b02e895ebdec02113660e04d45a68bd2a67eda7a712d
SSDEEP

1536:nEFwEzZTUtnBQ7qVujm2uBDfqqBj1AvTvoTA5ei1:E/JUc7qVujm2++g1gTQTA5e+

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  891ab5327532f2245825f4454340b0dd_JaffaCakes118
- Size
  
  118KB
- MD5
  
  891ab5327532f2245825f4454340b0dd
- SHA1
  
  093e81218e9c6853ca4f4cd5bec430f85b678ace
- SHA256
  
  bec146eb43289f829dcfa94d0b369a2f92fcb9a0d82e1826eb1af23e3f0ba9c5
- SHA512
  
  37486593dd8da8f066d39d73ffc2d3d3f7bce280f1c2c08357c2cbea5cccf8c3204ecfa09e21a7c51a35b02e895ebdec02113660e04d45a68bd2a67eda7a712d
- SSDEEP
  
  1536:nEFwEzZTUtnBQ7qVujm2uBDfqqBj1AvTvoTA5ei1:E/JUc7qVujm2++g1gTQTA5e+
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2