socgholish | 71ae69e181ce81f31e84dbb3df8679c5609f2b5609ac9a6eeafda828c83b074f | Triage

Sharing

General

Target

JaffaCakes118_e81da434248963aed53ac315cf4bd079
Size

131KB
Sample

250110-s8xscaymf1
MD5

e81da434248963aed53ac315cf4bd079
SHA1

679ba0d4d8e05b2fcbd40aecfa57e967181a1b84
SHA256

71ae69e181ce81f31e84dbb3df8679c5609f2b5609ac9a6eeafda828c83b074f
SHA512

c10ba2ffe73fd62b158254431015925f5bce67cb19aba618bf5dd4ecafdda1a365ea5d4e43476f5cfc02ecb4dbdef291c0eb67b9a155bb603a5f5b66c7803460
SSDEEP

3072:C/4Fo7/Mxzt8aNvXaktADZMuLhJJM0cRM/s19of25RV:pVt8aNvXaktADZMuLhJMoI

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_e81da434248963aed53ac315cf4bd079
- Size
  
  131KB
- MD5
  
  e81da434248963aed53ac315cf4bd079
- SHA1
  
  679ba0d4d8e05b2fcbd40aecfa57e967181a1b84
- SHA256
  
  71ae69e181ce81f31e84dbb3df8679c5609f2b5609ac9a6eeafda828c83b074f
- SHA512
  
  c10ba2ffe73fd62b158254431015925f5bce67cb19aba618bf5dd4ecafdda1a365ea5d4e43476f5cfc02ecb4dbdef291c0eb67b9a155bb603a5f5b66c7803460
- SSDEEP
  
  3072:C/4Fo7/Mxzt8aNvXaktADZMuLhJJM0cRM/s19of25RV:pVt8aNvXaktADZMuLhJMoI
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2