socgholish | 9a7f3c59e2e76e15b912b6ab5f0e12209f788da6f6229b4ef2273f6ae5c091ee | Triage

Sharing

General

Target

968577348f5c3ee70428f850f8d3bce3_JaffaCakes118
Size

53KB
Sample

241124-xc4m8szjfq
MD5

968577348f5c3ee70428f850f8d3bce3
SHA1

4d71932f2d0464680107f061f100509faa1396c0
SHA256

9a7f3c59e2e76e15b912b6ab5f0e12209f788da6f6229b4ef2273f6ae5c091ee
SHA512

2c880a892dd6b99b73e665442d9db891f9853697281cefbff6f6836b0144e1517f7c3ae8512a21cd653b947166367f4f6d63476f0ff9f2610e794d88a329bb60
SSDEEP

768:dVS+jdlKiZ5dYhXWE+upjWm0mKcNrxRQnhbQM4qkkUnUa2Tb0bQpBfbHuvBA2fw0:jbI9vZRQ0HnT8pBfKvBA+PS3wt8w5

Score

10^/10

socgholish discovery downloader phishing

Malware Config

Targets

- Target
  
  968577348f5c3ee70428f850f8d3bce3_JaffaCakes118
- Size
  
  53KB
- MD5
  
  968577348f5c3ee70428f850f8d3bce3
- SHA1
  
  4d71932f2d0464680107f061f100509faa1396c0
- SHA256
  
  9a7f3c59e2e76e15b912b6ab5f0e12209f788da6f6229b4ef2273f6ae5c091ee
- SHA512
  
  2c880a892dd6b99b73e665442d9db891f9853697281cefbff6f6836b0144e1517f7c3ae8512a21cd653b947166367f4f6d63476f0ff9f2610e794d88a329bb60
- SSDEEP
  
  768:dVS+jdlKiZ5dYhXWE+upjWm0mKcNrxRQnhbQM4qkkUnUa2Tb0bQpBfbHuvBA2fw0:jbI9vZRQ0HnT8pBfKvBA+PS3wt8w5
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2