socgholish | a337351adad3f687b21d0b776a27516fd12ff62ba0d7864fb72cccc06d252465 | Triage

Sharing

General

Target

eebe3078ebf405cc8808fa995f23b0a8_JaffaCakes118
Size

129KB
Sample

241214-pkjc9stkfq
MD5

eebe3078ebf405cc8808fa995f23b0a8
SHA1

b8c67f697dc64794f66c6ef4b95076ec95263a35
SHA256

a337351adad3f687b21d0b776a27516fd12ff62ba0d7864fb72cccc06d252465
SHA512

40b60fc6773d3dc78ecd122b7dad792a7b56995142af057b5174ca32ee6a73a93d1c6430d1f8c064c38b3038f004cf590f932a96db71d3a8e925482fbcc1f335
SSDEEP

1536:nEFwEziTUpnBQ7qn7gWZqBxOOOnOOOrOzeOO/M1Hjm2jBDOtqBj1AvMvoUd5jek:E/0Uo7qRq/M1Hjm2Nmg1gMQUd5jr

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  eebe3078ebf405cc8808fa995f23b0a8_JaffaCakes118
- Size
  
  129KB
- MD5
  
  eebe3078ebf405cc8808fa995f23b0a8
- SHA1
  
  b8c67f697dc64794f66c6ef4b95076ec95263a35
- SHA256
  
  a337351adad3f687b21d0b776a27516fd12ff62ba0d7864fb72cccc06d252465
- SHA512
  
  40b60fc6773d3dc78ecd122b7dad792a7b56995142af057b5174ca32ee6a73a93d1c6430d1f8c064c38b3038f004cf590f932a96db71d3a8e925482fbcc1f335
- SSDEEP
  
  1536:nEFwEziTUpnBQ7qn7gWZqBxOOOnOOOrOzeOO/M1Hjm2jBDOtqBj1AvMvoUd5jek:E/0Uo7qRq/M1Hjm2Nmg1gMQUd5jr
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2