socgholish | ca13de365fc795aac52ef26baf3178109d48137eb607b31d5ec83f7409115361 | Triage

Sharing

General

Target

JaffaCakes118_f2eb5a091f47b6bc2cc0e2c12215f4ee
Size

175KB
Sample

250111-bdejvawlhs
MD5

f2eb5a091f47b6bc2cc0e2c12215f4ee
SHA1

5970e5e8c7e9ba7fed355c703f95c1ffd358334e
SHA256

ca13de365fc795aac52ef26baf3178109d48137eb607b31d5ec83f7409115361
SHA512

f01b1165dc6e9ab44fb38621cb11408e67c53edd1de65cded4cb12e3e79e24da089569f3a5bb0d8ced7d9a7152d1ca44c8b1337267f610c1b170d10c5d103848
SSDEEP

3072:z0xjt0G8qxAGXmNJUzi64WvP4yvRJ2TxZG8lDCv5C+zMhY0KFM:zCHXmNJxVn

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_f2eb5a091f47b6bc2cc0e2c12215f4ee
- Size
  
  175KB
- MD5
  
  f2eb5a091f47b6bc2cc0e2c12215f4ee
- SHA1
  
  5970e5e8c7e9ba7fed355c703f95c1ffd358334e
- SHA256
  
  ca13de365fc795aac52ef26baf3178109d48137eb607b31d5ec83f7409115361
- SHA512
  
  f01b1165dc6e9ab44fb38621cb11408e67c53edd1de65cded4cb12e3e79e24da089569f3a5bb0d8ced7d9a7152d1ca44c8b1337267f610c1b170d10c5d103848
- SSDEEP
  
  3072:z0xjt0G8qxAGXmNJUzi64WvP4yvRJ2TxZG8lDCv5C+zMhY0KFM:zCHXmNJxVn
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2