socgholish | a66878ee5747a6d62417981a23f12379e651cb7749261f42521c1e7519044dab | Triage

Sharing

General

Target

JaffaCakes118_7579edbeb4e0de37d653d84b77c2f47b
Size

172KB
Sample

250116-n3z83aznbp
MD5

7579edbeb4e0de37d653d84b77c2f47b
SHA1

c52ee630c76c23498ec7fdc848303fc0caeeb67c
SHA256

a66878ee5747a6d62417981a23f12379e651cb7749261f42521c1e7519044dab
SHA512

9a3f09a9df4e6f4819d0c5ed3314664e4959af653d26c6ff347e08c51c81a93a35af0ac96cfef388f9a56c837dd4950daa8fc044506d64a5ed607f6c7fc6bb04
SSDEEP

3072:14W0gOS+6OmwbbmFod9hMFy+zIPz1EdF+48EnBG1mxq7seV/6mG0sJ80V9o5xm8f:14JgD0mwbbt+AVwIJ6HYrf5wZ87

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_7579edbeb4e0de37d653d84b77c2f47b
- Size
  
  172KB
- MD5
  
  7579edbeb4e0de37d653d84b77c2f47b
- SHA1
  
  c52ee630c76c23498ec7fdc848303fc0caeeb67c
- SHA256
  
  a66878ee5747a6d62417981a23f12379e651cb7749261f42521c1e7519044dab
- SHA512
  
  9a3f09a9df4e6f4819d0c5ed3314664e4959af653d26c6ff347e08c51c81a93a35af0ac96cfef388f9a56c837dd4950daa8fc044506d64a5ed607f6c7fc6bb04
- SSDEEP
  
  3072:14W0gOS+6OmwbbmFod9hMFy+zIPz1EdF+48EnBG1mxq7seV/6mG0sJ80V9o5xm8f:14JgD0mwbbt+AVwIJ6HYrf5wZ87
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2