socgholish | 2225d605d4bd7227172a56d99636ecfc955e4108162abb0e0add0992aa0a486e | Triage

Sharing

General

Target

JaffaCakes118_bb46708e84fd805ff086ec51613073e2
Size

122KB
Sample

250109-dzkzvsyngq
MD5

bb46708e84fd805ff086ec51613073e2
SHA1

678f131945c6a7f8f85cb84d469a39ab507c9cc5
SHA256

2225d605d4bd7227172a56d99636ecfc955e4108162abb0e0add0992aa0a486e
SHA512

ec9f789fcb7de3382b2aa9eecee386bf4bbbfb5b6e743a37d8369dd1eb6c3eaedf9d36c03f7e38b30f3426e9c416c711fa0b70c785bfbb7aaa1c864d6e108ba2
SSDEEP

3072:C/VFb7/v5izt8aNuJNMdWRifs19yVMqfh5eV:I5kt8aNuJpyVMqS

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_bb46708e84fd805ff086ec51613073e2
- Size
  
  122KB
- MD5
  
  bb46708e84fd805ff086ec51613073e2
- SHA1
  
  678f131945c6a7f8f85cb84d469a39ab507c9cc5
- SHA256
  
  2225d605d4bd7227172a56d99636ecfc955e4108162abb0e0add0992aa0a486e
- SHA512
  
  ec9f789fcb7de3382b2aa9eecee386bf4bbbfb5b6e743a37d8369dd1eb6c3eaedf9d36c03f7e38b30f3426e9c416c711fa0b70c785bfbb7aaa1c864d6e108ba2
- SSDEEP
  
  3072:C/VFb7/v5izt8aNuJNMdWRifs19yVMqfh5eV:I5kt8aNuJpyVMqS
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2