socgholish | ab6536553254cc5e311b753b830cf49c830ecbb9861bbbf9da563ee54776c203 | Triage

Sharing

General

Target

JaffaCakes118_bc6fd46aaddf5d30a0623d0d487d002c
Size

72KB
Sample

250109-elrqxszmfn
MD5

bc6fd46aaddf5d30a0623d0d487d002c
SHA1

abe3ae1e150b25a6a1825e5d64e5e639da2b5947
SHA256

ab6536553254cc5e311b753b830cf49c830ecbb9861bbbf9da563ee54776c203
SHA512

83127ae46f25be1a99fa1cf13497e35173675605357c94db9cc0354164ac1c3fc14608d2acb599e9ab0bc86e1b93213ccdef2f64f73973c60279067fe7b3b6fa
SSDEEP

1536:SWVOZOMif43jprQzD9BJ26qDTgxz/jIeILOrEo+Y+ujNT5+PN34:qOM2439r49BJ26u0xz/jIeILOrEoZ+uV

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_bc6fd46aaddf5d30a0623d0d487d002c
- Size
  
  72KB
- MD5
  
  bc6fd46aaddf5d30a0623d0d487d002c
- SHA1
  
  abe3ae1e150b25a6a1825e5d64e5e639da2b5947
- SHA256
  
  ab6536553254cc5e311b753b830cf49c830ecbb9861bbbf9da563ee54776c203
- SHA512
  
  83127ae46f25be1a99fa1cf13497e35173675605357c94db9cc0354164ac1c3fc14608d2acb599e9ab0bc86e1b93213ccdef2f64f73973c60279067fe7b3b6fa
- SSDEEP
  
  1536:SWVOZOMif43jprQzD9BJ26qDTgxz/jIeILOrEo+Y+ujNT5+PN34:qOM2439r49BJ26u0xz/jIeILOrEoZ+uV
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2