socgholish | 1640745a13817aa7c0b39f83b9967e078c5653264ab8aa38b3bc2753e7eeb867 | Triage

Sharing

General

Target

969dd8d00d9facac99f06e835347d4b9_JaffaCakes118
Size

136KB
Sample

241124-xntbmstpgw
MD5

969dd8d00d9facac99f06e835347d4b9
SHA1

d45d2a63fe2de5acde162ad7d4cb204ba46f017e
SHA256

1640745a13817aa7c0b39f83b9967e078c5653264ab8aa38b3bc2753e7eeb867
SHA512

85ae8abefe78ec64d49ee864e37e5f75eae79c2c4b54cd01cb898873a38b993e38218297db444b27047d905469d2d140b183c0194be1bba8d4394b4b68a00162
SSDEEP

1536:JaOPblvgtZEe3+KR/CthsH8N79uREwTTON6Td1R5MghZ7AIZvJibdz:A33+KRCbsg79upTlTd7ZRibdz

Score

10^/10

socgholish google discovery downloader phishing

Malware Config

Targets

- Target
  
  969dd8d00d9facac99f06e835347d4b9_JaffaCakes118
- Size
  
  136KB
- MD5
  
  969dd8d00d9facac99f06e835347d4b9
- SHA1
  
  d45d2a63fe2de5acde162ad7d4cb204ba46f017e
- SHA256
  
  1640745a13817aa7c0b39f83b9967e078c5653264ab8aa38b3bc2753e7eeb867
- SHA512
  
  85ae8abefe78ec64d49ee864e37e5f75eae79c2c4b54cd01cb898873a38b993e38218297db444b27047d905469d2d140b183c0194be1bba8d4394b4b68a00162
- SSDEEP
  
  1536:JaOPblvgtZEe3+KR/CthsH8N79uREwTTON6Td1R5MghZ7AIZvJibdz:A33+KRCbsg79upTlTd7ZRibdz
Score

10^/10

socgholish google discovery downloader phishing
- Detected google phishing page
  phishing google
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishgooglediscoverydownloaderphishing

behavioral2