socgholish | 672cc9612c15ec193edac0dbdf57d2369f5a9193644860bb3f65e501a60784ce | Triage

Sharing

General

Target

JaffaCakes118_29ebedd8a61ecce7b89cb6de43b66cfb
Size

241KB
Sample

250113-q2bv7atpgw
MD5

29ebedd8a61ecce7b89cb6de43b66cfb
SHA1

f9af7a503e19ca138eaf75a7459ce422d7ca72fc
SHA256

672cc9612c15ec193edac0dbdf57d2369f5a9193644860bb3f65e501a60784ce
SHA512

d4f9e596c2391381c4ce4260fbb6d8d54bfae17d4a30f23fcf206a69b7001a62e86ac95fadfe05946c60fe3a40f18d98644083931562048ad0323574a0055b65
SSDEEP

3072:14M0gOS+cOCqPfodE0hMFY+RjXIPzpjmaLH9ZCroYna3vZSP5ZbI0ty/derD8f9m:14fgDmCqRe+xMEax9YDPngfNwZ8Y

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_29ebedd8a61ecce7b89cb6de43b66cfb
- Size
  
  241KB
- MD5
  
  29ebedd8a61ecce7b89cb6de43b66cfb
- SHA1
  
  f9af7a503e19ca138eaf75a7459ce422d7ca72fc
- SHA256
  
  672cc9612c15ec193edac0dbdf57d2369f5a9193644860bb3f65e501a60784ce
- SHA512
  
  d4f9e596c2391381c4ce4260fbb6d8d54bfae17d4a30f23fcf206a69b7001a62e86ac95fadfe05946c60fe3a40f18d98644083931562048ad0323574a0055b65
- SSDEEP
  
  3072:14M0gOS+cOCqPfodE0hMFY+RjXIPzpjmaLH9ZCroYna3vZSP5ZbI0ty/derD8f9m:14fgDmCqRe+xMEax9YDPngfNwZ8Y
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2