socgholish | 7aada9cf0266f56451a8d784b4c9dace7b5f891fec8c9648c60eb7511daf9177 | Triage

Sharing

General

Target

JaffaCakes118_9c581fc70cf39bd03bf11d112dfccbae
Size

307KB
Sample

250108-m9nm6szlaq
MD5

9c581fc70cf39bd03bf11d112dfccbae
SHA1

738260456c18f9f4e6be4844fb1f4ce61e158bab
SHA256

7aada9cf0266f56451a8d784b4c9dace7b5f891fec8c9648c60eb7511daf9177
SHA512

f5158dcb6421ec454d1c53e3f470b0aa542e81e8c3f32518c705355a221cb3dacbfc992fccbab142b521ab4e553f496b4d9cac782618226110a326ff824b073a
SSDEEP

3072:zexjt0G8qxAGXmNJUzi64WvP4yQxvLVbhxz4j6aweRJ2TxZG8lDCv5C+zMhY02Fe:zQHXmNJvvLVbhxz4CVJ

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_9c581fc70cf39bd03bf11d112dfccbae
- Size
  
  307KB
- MD5
  
  9c581fc70cf39bd03bf11d112dfccbae
- SHA1
  
  738260456c18f9f4e6be4844fb1f4ce61e158bab
- SHA256
  
  7aada9cf0266f56451a8d784b4c9dace7b5f891fec8c9648c60eb7511daf9177
- SHA512
  
  f5158dcb6421ec454d1c53e3f470b0aa542e81e8c3f32518c705355a221cb3dacbfc992fccbab142b521ab4e553f496b4d9cac782618226110a326ff824b073a
- SSDEEP
  
  3072:zexjt0G8qxAGXmNJUzi64WvP4yQxvLVbhxz4j6aweRJ2TxZG8lDCv5C+zMhY02Fe:zQHXmNJvvLVbhxz4CVJ
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
- Program crash
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2