socgholish | 65e92bc3024eb9c6d512af683608e0033cc3220c10b1add648c0bb2d220a6788 | Triage

Sharing

General

Target

JaffaCakes118_0c7555bfafad94e09a01e8d27e39df68
Size

120KB
Sample

250106-ea5teavngz
MD5

0c7555bfafad94e09a01e8d27e39df68
SHA1

53132369770d47da7bd2c225347efab87c7e8c06
SHA256

65e92bc3024eb9c6d512af683608e0033cc3220c10b1add648c0bb2d220a6788
SHA512

ff83a8ec9958c529397256c758a1d620cfadec41bab986549a6ade6e70b4b8dc7468971d3ecc333e17e4bc0623a3c7dbcbb62bf2665707247f576d71089491b4
SSDEEP

3072:C/GFk7/5qZzt8aNxF+xM/RRP/s19ZNfw58V:Yq9t8aNxF+7ZN9

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_0c7555bfafad94e09a01e8d27e39df68
- Size
  
  120KB
- MD5
  
  0c7555bfafad94e09a01e8d27e39df68
- SHA1
  
  53132369770d47da7bd2c225347efab87c7e8c06
- SHA256
  
  65e92bc3024eb9c6d512af683608e0033cc3220c10b1add648c0bb2d220a6788
- SHA512
  
  ff83a8ec9958c529397256c758a1d620cfadec41bab986549a6ade6e70b4b8dc7468971d3ecc333e17e4bc0623a3c7dbcbb62bf2665707247f576d71089491b4
- SSDEEP
  
  3072:C/GFk7/5qZzt8aNxF+xM/RRP/s19ZNfw58V:Yq9t8aNxF+7ZN9
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2