socgholish | 0e4b9eeb5bdf56d6b009808bdce2505ad9a68ac0dbf526703f95dd2373be26d6 | Triage

Sharing

General

Target

JaffaCakes118_9937add738802c4a123e7d97cdc479d7
Size

130KB
Sample

250204-27qr3sxldz
MD5

9937add738802c4a123e7d97cdc479d7
SHA1

7bec56849dc18160bbbacc76fe09b0c8b7d3144b
SHA256

0e4b9eeb5bdf56d6b009808bdce2505ad9a68ac0dbf526703f95dd2373be26d6
SHA512

d0c75cc02eacd419fc2b75e282aef49c1cf3fad5cdcafc44713dd9b68bc450f6fe057f7505d7d3d7d0bcced248da8d3dd2517bd466ab3b958976786d1d72b733
SSDEEP

3072:wL6JPErYxYiv+8ysOZHvOodEhNiawd/RNHTcjW4YV:wL6J5v+nV

Score

10^/10

socgholish google discovery downloader phishing

Malware Config

Targets

- Target
  
  JaffaCakes118_9937add738802c4a123e7d97cdc479d7
- Size
  
  130KB
- MD5
  
  9937add738802c4a123e7d97cdc479d7
- SHA1
  
  7bec56849dc18160bbbacc76fe09b0c8b7d3144b
- SHA256
  
  0e4b9eeb5bdf56d6b009808bdce2505ad9a68ac0dbf526703f95dd2373be26d6
- SHA512
  
  d0c75cc02eacd419fc2b75e282aef49c1cf3fad5cdcafc44713dd9b68bc450f6fe057f7505d7d3d7d0bcced248da8d3dd2517bd466ab3b958976786d1d72b733
- SSDEEP
  
  3072:wL6JPErYxYiv+8ysOZHvOodEhNiawd/RNHTcjW4YV:wL6J5v+nV
Score

10^/10

socgholish google discovery downloader phishing
- Detected google phishing page
  phishing google
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishgooglediscoverydownloaderphishing

behavioral2