socgholish | e544729af41ffbd4ad735fcc73fd8b2097e86f7bd845d2be226e0f4554471297 | Triage

Sharing

General

Target

dd85088dc2deb7bd5b58c92943cfb150_JaffaCakes118
Size

151KB
Sample

241210-hn656ssnbr
MD5

dd85088dc2deb7bd5b58c92943cfb150
SHA1

0aa2eef02c726e8a49b5d9368e837e39b23f686c
SHA256

e544729af41ffbd4ad735fcc73fd8b2097e86f7bd845d2be226e0f4554471297
SHA512

5bd0ce7e0ae32d19d18f7527d85a41fd8b71459e0031cae533db843cd1820e037a6992b1322681f1bdfec313a2eeacfdf0167fff46d6af6c99d752578646688f
SSDEEP

3072:ZglSDn8E+CoJqx3aUslHdGlDCv5C+zMzV2W5s47Mj4yUCn7bk:ZglSDn8Ez1

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  dd85088dc2deb7bd5b58c92943cfb150_JaffaCakes118
- Size
  
  151KB
- MD5
  
  dd85088dc2deb7bd5b58c92943cfb150
- SHA1
  
  0aa2eef02c726e8a49b5d9368e837e39b23f686c
- SHA256
  
  e544729af41ffbd4ad735fcc73fd8b2097e86f7bd845d2be226e0f4554471297
- SHA512
  
  5bd0ce7e0ae32d19d18f7527d85a41fd8b71459e0031cae533db843cd1820e037a6992b1322681f1bdfec313a2eeacfdf0167fff46d6af6c99d752578646688f
- SSDEEP
  
  3072:ZglSDn8E+CoJqx3aUslHdGlDCv5C+zMzV2W5s47Mj4yUCn7bk:ZglSDn8Ez1
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2