socgholish | f2d1ad4f4d3b13acaf18699877a1a418c6799c3fb8af098d94a94d3356480e32 | Triage

Sharing

General

Target

JaffaCakes118_de5294df1e24bc4410ff710d0081c407
Size

144KB
Sample

250110-h8a88syqhp
MD5

de5294df1e24bc4410ff710d0081c407
SHA1

b0b0b970925487911db45a90645be152d9162d8c
SHA256

f2d1ad4f4d3b13acaf18699877a1a418c6799c3fb8af098d94a94d3356480e32
SHA512

71af5454f08ee2f89f902e16d1150478f0815968a397797edcc9f524974f6d53c5c68c44d080a239d6d4eda66b76ebfda14d2d52dd9fa1530efee4853f6af161
SSDEEP

1536:1EFwEzvTFtnBQ7/X09pFZzI260tGZyyHo1l2mRADfZ79pq1RTjUxF35y2S:C/7Fc7/EzRimRA3s19of35yV

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_de5294df1e24bc4410ff710d0081c407
- Size
  
  144KB
- MD5
  
  de5294df1e24bc4410ff710d0081c407
- SHA1
  
  b0b0b970925487911db45a90645be152d9162d8c
- SHA256
  
  f2d1ad4f4d3b13acaf18699877a1a418c6799c3fb8af098d94a94d3356480e32
- SHA512
  
  71af5454f08ee2f89f902e16d1150478f0815968a397797edcc9f524974f6d53c5c68c44d080a239d6d4eda66b76ebfda14d2d52dd9fa1530efee4853f6af161
- SSDEEP
  
  1536:1EFwEzvTFtnBQ7/X09pFZzI260tGZyyHo1l2mRADfZ79pq1RTjUxF35y2S:C/7Fc7/EzRimRA3s19of35yV
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2