socgholish | 32cb71a7ea1983217b5eb695861af56d499bfbe7bc110d2a952539f049cb9079 | Triage

Sharing

General

Target

JaffaCakes118_f8773c0851503d5c7ada4259499a8227
Size

117KB
Sample

250111-gb57nszjap
MD5

f8773c0851503d5c7ada4259499a8227
SHA1

e8d919c46e917bb3b95361b7f68ce720ecf752ca
SHA256

32cb71a7ea1983217b5eb695861af56d499bfbe7bc110d2a952539f049cb9079
SHA512

d3586d6f40030fc5d06d10228147960171c19e6907e8ff8dc6fcf6a7e3d69da138b41fe98149e241714765ba62f16341784174b38fe461c89daaa60228137ce2
SSDEEP

1536:1EFwEz4TF3nB3fjnK6ZQCQAXXUoCRADfZqfaq1RT4FHdS:C/+FdLqRA0J19wHc

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_f8773c0851503d5c7ada4259499a8227
- Size
  
  117KB
- MD5
  
  f8773c0851503d5c7ada4259499a8227
- SHA1
  
  e8d919c46e917bb3b95361b7f68ce720ecf752ca
- SHA256
  
  32cb71a7ea1983217b5eb695861af56d499bfbe7bc110d2a952539f049cb9079
- SHA512
  
  d3586d6f40030fc5d06d10228147960171c19e6907e8ff8dc6fcf6a7e3d69da138b41fe98149e241714765ba62f16341784174b38fe461c89daaa60228137ce2
- SSDEEP
  
  1536:1EFwEz4TF3nB3fjnK6ZQCQAXXUoCRADfZqfaq1RT4FHdS:C/+FdLqRA0J19wHc
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2