socgholish | f543fd8fa0dae9746dbe1cb60b183c34359207270f0d12bb56fbff1a985f83aa | Triage

Sharing

General

Target

JaffaCakes118_02201db4df5cb9414fa06df903d5bfd3
Size

246KB
Sample

250218-2wq9ga1mh1
MD5

02201db4df5cb9414fa06df903d5bfd3
SHA1

840b5b0d3ac0aaf016cd597ddbe188b3ee6bd856
SHA256

f543fd8fa0dae9746dbe1cb60b183c34359207270f0d12bb56fbff1a985f83aa
SHA512

77f76ab4e5ef4316dec7889e982808037f54c39cd6c7a6dc357b76126478e441683cca2e37e894153d6c98e12c2dab19dab969604a10826e40ea308343bdc5a9
SSDEEP

3072:Xnw5lKseu3S2odUhfgQKjSHAJmwqARwlq11MOnv8sF6OZ7+3Vy+2ZrNSh/MxY+KH:XnwPKscSHApSso

Score

10^/10

socgholish google discovery downloader phishing

Malware Config

Targets

- Target
  
  JaffaCakes118_02201db4df5cb9414fa06df903d5bfd3
- Size
  
  246KB
- MD5
  
  02201db4df5cb9414fa06df903d5bfd3
- SHA1
  
  840b5b0d3ac0aaf016cd597ddbe188b3ee6bd856
- SHA256
  
  f543fd8fa0dae9746dbe1cb60b183c34359207270f0d12bb56fbff1a985f83aa
- SHA512
  
  77f76ab4e5ef4316dec7889e982808037f54c39cd6c7a6dc357b76126478e441683cca2e37e894153d6c98e12c2dab19dab969604a10826e40ea308343bdc5a9
- SSDEEP
  
  3072:Xnw5lKseu3S2odUhfgQKjSHAJmwqARwlq11MOnv8sF6OZ7+3Vy+2ZrNSh/MxY+KH:XnwPKscSHApSso
Score

10^/10

socgholish google discovery downloader phishing
- Detected google phishing page
  phishing google
- SocGholish
  SocGholish is a JavaScript payload that downloads other malware.
  downloader socgholish
- Socgholish family
  socgholish
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socgholishgooglediscoverydownloaderphishing

behavioral2