socgholish | 0c24d39237b8224fe5568b0b87a3c77269b644a9686177f26f69fd631f51e7f3 | Triage

Sharing

General

Target

JaffaCakes118_847318573ada820bb0a8a92e1e8bdaf8
Size

242KB
Sample

250203-e1f8qszndy
MD5

847318573ada820bb0a8a92e1e8bdaf8
SHA1

849929d5e3c852bfe63d0f0f9757641a11ec8372
SHA256

0c24d39237b8224fe5568b0b87a3c77269b644a9686177f26f69fd631f51e7f3
SHA512

aec638b53a6f45c2898dc4c4b5ab4ced2dfb8f894cbb12cb6fe39d9248a25a3a6b3000fb6dbbbadd39abff85f75337a2dce3875fcb8c01f50f05a9338bc36a1d
SSDEEP

3072:14U0gOS+XOVLgOodKhMFp+kjXIPzBjmaLH9ZCroYna3vZSP5ZbI0ty/derD8f9u1:14XgDTVLe+OMkax9YDPngfNwZ8W

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_847318573ada820bb0a8a92e1e8bdaf8
- Size
  
  242KB
- MD5
  
  847318573ada820bb0a8a92e1e8bdaf8
- SHA1
  
  849929d5e3c852bfe63d0f0f9757641a11ec8372
- SHA256
  
  0c24d39237b8224fe5568b0b87a3c77269b644a9686177f26f69fd631f51e7f3
- SHA512
  
  aec638b53a6f45c2898dc4c4b5ab4ced2dfb8f894cbb12cb6fe39d9248a25a3a6b3000fb6dbbbadd39abff85f75337a2dce3875fcb8c01f50f05a9338bc36a1d
- SSDEEP
  
  3072:14U0gOS+XOVLgOodKhMFp+kjXIPzBjmaLH9ZCroYna3vZSP5ZbI0ty/derD8f9u1:14XgDTVLe+OMkax9YDPngfNwZ8W
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2