socgholish | b01d83d009f865532e779c05d3bb4e6e0df383134e68fa9f328d433b3962fd9a | Triage

Sharing

General

Target

9f24315d74f287d1cbb2fb253a32a4bc_JaffaCakes118
Size

106KB
Sample

241126-b7nplsxndz
MD5

9f24315d74f287d1cbb2fb253a32a4bc
SHA1

18250dd1a351efda497ad10ed0e0b7c4b3edda21
SHA256

b01d83d009f865532e779c05d3bb4e6e0df383134e68fa9f328d433b3962fd9a
SHA512

afd0929e15e58b408bec4cf6012edc43c37ea1a4a2f249c4ac7c224ddc0fedeb36b0f6dbdb8b795262c72b58d0b046848297aed3f2d34faf2f21f8eaf3342a2e
SSDEEP

3072:14K0gOS+gO+POWDodvhMF0+RIPzIm8f9CiJz0zl849cl:14NgD2+mWo+yGf5wZ8X

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  9f24315d74f287d1cbb2fb253a32a4bc_JaffaCakes118
- Size
  
  106KB
- MD5
  
  9f24315d74f287d1cbb2fb253a32a4bc
- SHA1
  
  18250dd1a351efda497ad10ed0e0b7c4b3edda21
- SHA256
  
  b01d83d009f865532e779c05d3bb4e6e0df383134e68fa9f328d433b3962fd9a
- SHA512
  
  afd0929e15e58b408bec4cf6012edc43c37ea1a4a2f249c4ac7c224ddc0fedeb36b0f6dbdb8b795262c72b58d0b046848297aed3f2d34faf2f21f8eaf3342a2e
- SSDEEP
  
  3072:14K0gOS+gO+POWDodvhMF0+RIPzIm8f9CiJz0zl849cl:14NgD2+mWo+yGf5wZ8X
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2