socgholish | 6d8376aafb60f67a3c16965ab190d54e09d444284420c0f8cdb41ddcf076c1f9 | Triage

Sharing

General

Target

JaffaCakes118_ccd702f52d9d10930a96901df042a82d
Size

157KB
Sample

250109-tyttdawphr
MD5

ccd702f52d9d10930a96901df042a82d
SHA1

834b9db1bba38be32d2f4bed5cae5f34eb56e130
SHA256

6d8376aafb60f67a3c16965ab190d54e09d444284420c0f8cdb41ddcf076c1f9
SHA512

3682b07d16c82ac292807fbd7db18cb9f5a9a268e0519052a752220f0149830bace38535f4a9e38e9f90df8d3b3b407e6444a4ce8eb243709482e9b666ab2582
SSDEEP

3072:nOMj439rt89dLnPKBJJ26C0xz/jIeILOrEoZ+ud5+hNJT:gmdLnPKtE

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_ccd702f52d9d10930a96901df042a82d
- Size
  
  157KB
- MD5
  
  ccd702f52d9d10930a96901df042a82d
- SHA1
  
  834b9db1bba38be32d2f4bed5cae5f34eb56e130
- SHA256
  
  6d8376aafb60f67a3c16965ab190d54e09d444284420c0f8cdb41ddcf076c1f9
- SHA512
  
  3682b07d16c82ac292807fbd7db18cb9f5a9a268e0519052a752220f0149830bace38535f4a9e38e9f90df8d3b3b407e6444a4ce8eb243709482e9b666ab2582
- SSDEEP
  
  3072:nOMj439rt89dLnPKBJJ26C0xz/jIeILOrEoZ+ud5+hNJT:gmdLnPKtE
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2