socgholish | c5fa7ea0bb44ac9dc5c8cf0e11685582cd4f9004129b8af040a183a17ce35835 | Triage

Sharing

General

Target

b06362504c937fed1b721ed4cb9e3959_JaffaCakes118
Size

53KB
Sample

241129-lnf6jaykfx
MD5

b06362504c937fed1b721ed4cb9e3959
SHA1

77c0f5b64e0ddb6bdb41ea2121c6c99559f135f4
SHA256

c5fa7ea0bb44ac9dc5c8cf0e11685582cd4f9004129b8af040a183a17ce35835
SHA512

8066fc1bda016186e11e6deca5c0beef185ae4ef88a6d88286bb528f12cf5f9d981bb3a8ed1369b707f2386bb3c21616851087e384a40aae874f9f7494403567
SSDEEP

768:dVS+jdlKiZ5dYhXWE+upjWm0mKcNrxRQnhbQM4qkkUnUa2Tb0bQpBfbHuvBA2X0B:DbI9vZRQ0HnT8pBfKvBAOPgD3RtxYzJS

Score

10^/10

socgholish discovery downloader phishing

Malware Config

Targets

- Target
  
  b06362504c937fed1b721ed4cb9e3959_JaffaCakes118
- Size
  
  53KB
- MD5
  
  b06362504c937fed1b721ed4cb9e3959
- SHA1
  
  77c0f5b64e0ddb6bdb41ea2121c6c99559f135f4
- SHA256
  
  c5fa7ea0bb44ac9dc5c8cf0e11685582cd4f9004129b8af040a183a17ce35835
- SHA512
  
  8066fc1bda016186e11e6deca5c0beef185ae4ef88a6d88286bb528f12cf5f9d981bb3a8ed1369b707f2386bb3c21616851087e384a40aae874f9f7494403567
- SSDEEP
  
  768:dVS+jdlKiZ5dYhXWE+upjWm0mKcNrxRQnhbQM4qkkUnUa2Tb0bQpBfbHuvBA2X0B:DbI9vZRQ0HnT8pBfKvBAOPgD3RtxYzJS
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2