socgholish | 799a2292fc610283090d7fc36c1fbeb4062055a518d55adda52fea01ca3f8c5b | Triage

Sharing

General

Target

96b4b980f05c2733c48a3ef3b30e2049_JaffaCakes118
Size

219KB
Sample

241124-x1kv2avlgz
MD5

96b4b980f05c2733c48a3ef3b30e2049
SHA1

f70a7dba064703c1c673f273f01c4b467e359d86
SHA256

799a2292fc610283090d7fc36c1fbeb4062055a518d55adda52fea01ca3f8c5b
SHA512

def0d0a382855331a1ad82b5560b425ad0dd3f4684f087abd427090ffb6a864660dacde2abe64b677127736138bc60f3d6e9d172a197119da6084a25957f2bda
SSDEEP

3072:uWfCpj9rCX7CeDs1T7T8635etL5MvyvpOxnGBT9rCX7Ce4sah22FUlXnU:KMp

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  96b4b980f05c2733c48a3ef3b30e2049_JaffaCakes118
- Size
  
  219KB
- MD5
  
  96b4b980f05c2733c48a3ef3b30e2049
- SHA1
  
  f70a7dba064703c1c673f273f01c4b467e359d86
- SHA256
  
  799a2292fc610283090d7fc36c1fbeb4062055a518d55adda52fea01ca3f8c5b
- SHA512
  
  def0d0a382855331a1ad82b5560b425ad0dd3f4684f087abd427090ffb6a864660dacde2abe64b677127736138bc60f3d6e9d172a197119da6084a25957f2bda
- SSDEEP
  
  3072:uWfCpj9rCX7CeDs1T7T8635etL5MvyvpOxnGBT9rCX7Ce4sah22FUlXnU:KMp
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2