socgholish | a8529fe4d6b90ec325f752cdacd00320f27cbd9db7af209f76e26482226103f2 | Triage

Sharing

General

Target

d70deb692f11586a03a5b84ecdf856b4_JaffaCakes118
Size

139KB
Sample

241208-ppvxvstlez
MD5

d70deb692f11586a03a5b84ecdf856b4
SHA1

10c7367b1c44480f2e2d2df6010b9b712034e734
SHA256

a8529fe4d6b90ec325f752cdacd00320f27cbd9db7af209f76e26482226103f2
SHA512

86540b50a81604d845295f2b9a9a1f719e74eb3b4a49aff449e36425bf7e375422418cf2c4a93ec44ba124e7ed82517492430dbf6031cdce51d4f77d798c7969
SSDEEP

1536:nEFwEzZTURnBQ7qJeWYhC9eOFMpyjm2WBDfqqBj1Av4wI9KvoUa5tek:E/JUA7qV/FMpyjm2meg1gs9KQUa5tr

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  d70deb692f11586a03a5b84ecdf856b4_JaffaCakes118
- Size
  
  139KB
- MD5
  
  d70deb692f11586a03a5b84ecdf856b4
- SHA1
  
  10c7367b1c44480f2e2d2df6010b9b712034e734
- SHA256
  
  a8529fe4d6b90ec325f752cdacd00320f27cbd9db7af209f76e26482226103f2
- SHA512
  
  86540b50a81604d845295f2b9a9a1f719e74eb3b4a49aff449e36425bf7e375422418cf2c4a93ec44ba124e7ed82517492430dbf6031cdce51d4f77d798c7969
- SSDEEP
  
  1536:nEFwEzZTURnBQ7qJeWYhC9eOFMpyjm2WBDfqqBj1Av4wI9KvoUa5tek:E/JUA7qV/FMpyjm2meg1gs9KQUa5tr
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2