socgholish | a650ac689b456dc77295f3a5ced101a74910a2d927e02cda22b1fed538db8d43 | Triage

Sharing

General

Target

942848a0850bd520ed92723609e79965_JaffaCakes118
Size

71KB
Sample

241124-msq2zasjgl
MD5

942848a0850bd520ed92723609e79965
SHA1

a96c244c6cbfb9f3ba1c1d8cbe00910b7c6b0111
SHA256

a650ac689b456dc77295f3a5ced101a74910a2d927e02cda22b1fed538db8d43
SHA512

b8218cb03056961bc301d2f9c299b54ca89e7e906ff6da0bb6abd729188ab789262ae681213c42d9bc2b7e0645ee3523cc4c68e9f663ddd542b91ecdc43fb842
SSDEEP

1536:v1HGlr4OD+xOgpttkKKg8NIUHtAotodphgndapyCmfEYT4NIYeykQ2tegPyG:v1HGlUM+xHpttkKKgRUNPtodphgndapy

Score

10^/10

socgholish discovery downloader phishing

Malware Config

Targets

- Target
  
  942848a0850bd520ed92723609e79965_JaffaCakes118
- Size
  
  71KB
- MD5
  
  942848a0850bd520ed92723609e79965
- SHA1
  
  a96c244c6cbfb9f3ba1c1d8cbe00910b7c6b0111
- SHA256
  
  a650ac689b456dc77295f3a5ced101a74910a2d927e02cda22b1fed538db8d43
- SHA512
  
  b8218cb03056961bc301d2f9c299b54ca89e7e906ff6da0bb6abd729188ab789262ae681213c42d9bc2b7e0645ee3523cc4c68e9f663ddd542b91ecdc43fb842
- SSDEEP
  
  1536:v1HGlr4OD+xOgpttkKKg8NIUHtAotodphgndapyCmfEYT4NIYeykQ2tegPyG:v1HGlUM+xHpttkKKgRUNPtodphgndapy
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2