socgholish | 0e68301dec6cbb6c629e1e6d17b1f9ed9dc04199d2ae7208e4310db33188a5f4 | Triage

Sharing

General

Target

JaffaCakes118_8aa398745bae42197e077797f2c63104
Size

241KB
Sample

250203-vb4whaymfq
MD5

8aa398745bae42197e077797f2c63104
SHA1

6e4ad26161856243b077a7946d643ddbc1629f00
SHA256

0e68301dec6cbb6c629e1e6d17b1f9ed9dc04199d2ae7208e4310db33188a5f4
SHA512

d439fed455c9c8fd36c996bcd8380665ec9bb396bda6bc42c7444e3e8485d7947b6538326ba975ef1f6ac5114d3b8b9e89691fa7d4753c9ed8a4e75c52be3546
SSDEEP

3072:14Z0gOS+IOrTHeodfhMFc+ZjXIPzpjmaLH9ZCroYna3vZSP5ZbI0ty/derD8f9uT:14OgDErTF+5MEax9YDPngfNwZ80

Score

10^/10

socgholish discovery downloader

Malware Config

Targets

- Target
  
  JaffaCakes118_8aa398745bae42197e077797f2c63104
- Size
  
  241KB
- MD5
  
  8aa398745bae42197e077797f2c63104
- SHA1
  
  6e4ad26161856243b077a7946d643ddbc1629f00
- SHA256
  
  0e68301dec6cbb6c629e1e6d17b1f9ed9dc04199d2ae7208e4310db33188a5f4
- SHA512
  
  d439fed455c9c8fd36c996bcd8380665ec9bb396bda6bc42c7444e3e8485d7947b6538326ba975ef1f6ac5114d3b8b9e89691fa7d4753c9ed8a4e75c52be3546
- SSDEEP
  
  3072:14Z0gOS+IOrTHeodfhMFc+ZjXIPzpjmaLH9ZCroYna3vZSP5ZbI0ty/derD8f9uT:14OgDErTF+5MEax9YDPngfNwZ80
Score

10^/10

socgholish discovery downloader
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishdiscoverydownloader

behavioral2