socgholish | 3dd17906009a426148b92a542e6eb89fa5d74bdc22953571bcf7b1a6d95bf155 | Triage

Sharing

General

Target

JaffaCakes118_0a6f56f12bceb94876744ee87851f301
Size

123KB
Sample

250122-fag8sazjbp
MD5

0a6f56f12bceb94876744ee87851f301
SHA1

9228e74a0f9ff6b7b5941764467647039d79aa45
SHA256

3dd17906009a426148b92a542e6eb89fa5d74bdc22953571bcf7b1a6d95bf155
SHA512

298e1c13d30f8e773121edb2cb1de32ce34facc408d2f48d9bf1cc95f8d8077053ace7aafc757f1d9e160bf0a62790c7f253e11a98f85217a32e41022a2d5a64
SSDEEP

3072:zG9cUwc1oBTRwsHd6lt5V/znccYaayevYblTUQtw9Z:zGcUwc1oFdU5V/znccbanwblTAZ

Score

10^/10

socgholish discovery downloader phishing

Malware Config

Targets

- Target
  
  JaffaCakes118_0a6f56f12bceb94876744ee87851f301
- Size
  
  123KB
- MD5
  
  0a6f56f12bceb94876744ee87851f301
- SHA1
  
  9228e74a0f9ff6b7b5941764467647039d79aa45
- SHA256
  
  3dd17906009a426148b92a542e6eb89fa5d74bdc22953571bcf7b1a6d95bf155
- SHA512
  
  298e1c13d30f8e773121edb2cb1de32ce34facc408d2f48d9bf1cc95f8d8077053ace7aafc757f1d9e160bf0a62790c7f253e11a98f85217a32e41022a2d5a64
- SSDEEP
  
  3072:zG9cUwc1oBTRwsHd6lt5V/znccYaayevYblTUQtw9Z:zGcUwc1oFdU5V/znccbanwblTAZ
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2