SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 4c47ed38-0b40-4268-9833-f03e3b7125c0 |
| Fingerprint | b52021f9cd9836cc |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 16, 2022, 6:14 p.m. |
| Added to db | Oct. 24, 2023, 1:40 p.m. |
| Last updated | Nov. 17, 2024, 10:43 p.m. |
| Headline | SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques |
| Title | SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques |
| Detected Hints/Tags/Attributes | 72/2/93 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 154 | urlscan.io |
|
| Details | Domain | 2 | natural.cpawalmyrivera.com |
|
| Details | Domain | 1 | agent.ag |
|
| Details | Domain | 4 | track.amishbrand.com |
|
| Details | Domain | 3 | connect.clevelandskin.com |
|
| Details | Domain | 4 | track.positiverefreshment.org |
|
| Details | Domain | 3 | backup.awarfaregaming.com |
|
| Details | Domain | 5 | click.clickanalytics208.com |
|
| Details | Domain | 4 | link.easycounter210.com |
|
| Details | Domain | 2 | sodality.mandmsolicitors.com |
|
| Details | Domain | 1 | safeguard.couleurmutation.com |
|
| Details | Domain | 1 | nurse.dmvsvapekings.us |
|
| Details | Domain | 3 | rocket2.new10k.com |
|
| Details | Domain | 2 | cigars.pawscolours.com |
|
| Details | Domain | 3 | stuff.bonneltravel.com |
|
| Details | Domain | 2 | cardo.diem-co.com |
|
| Details | Domain | 2 | expense.brick-house.net |
|
| Details | Domain | 2 | paggy.parmsplace.com |
|
| Details | Domain | 2 | genesis.ibgenesis.org |
|
| Details | Domain | 2 | havana.littlehavanacigarstore.com |
|
| Details | Domain | 2 | cruize.updogtechnologies.com |
|
| Details | Domain | 2 | predator.foxscalesjewelry.com |
|
| Details | Domain | 2 | query.dec.works |
|
| Details | Domain | 2 | wallpapers.uniquechoice-co.com |
|
| Details | Domain | 2 | master.ilsrecruitment.com |
|
| Details | Domain | 2 | west.bykikarose.com |
|
| Details | Domain | 2 | soendorg.top |
|
| Details | Domain | 2 | baget.godmessaged.me |
|
| Details | Domain | 1 | godmessaged.me |
|
| Details | Domain | 2 | active.aasm.pro |
|
| Details | Domain | 2 | vacation.thebrightgift.com |
|
| Details | Domain | 2 | rituals.fashionediter.com |
|
| Details | Domain | 2 | casting.faeryfox.com |
|
| Details | Domain | 1 | clickanalytics208.com |
|
| Details | Domain | 1 | easycounter210.com |
|
| Details | Domain | 2 | adsprofitnetwork.com |
|
| Details | Domain | 3 | statclick.net |
|
| Details | Domain | 3 | clickstat360.com |
|
| Details | Domain | 3 | syncadv.com |
|
| Details | Domain | 3 | webcachespace.net |
|
| Details | Domain | 2 | cachespace.net |
|
| Details | Domain | 3 | staticvisit.net |
|
| Details | Domain | 3 | webcachestorage.com |
|
| Details | Domain | 2 | d2j09jsarr75l2.cloudfront.net |
|
| Details | Domain | 538 | pic.twitter.com |
|
| Details | Domain | 1 | active.xomosagency.com |
|
| Details | Domain | 2 | actors.jcracing.com |
|
| Details | Domain | 2 | amplifier.myjesusloves.me |
|
| Details | Domain | 1 | cats.johnbeach.us |
|
| Details | Domain | 2 | center.blueoctopuspress.com |
|
| Details | Domain | 2 | cloud.bncfministries.org |
|
| Details | Domain | 2 | common.dotviolationsremoval.com |
|
| Details | Domain | 2 | community.wbaperformance.com |
|
| Details | Domain | 2 | connect.codigodebarra.co |
|
| Details | Domain | 4 | design.lawrencetravelco.com |
|
| Details | Domain | 2 | gohnson.advanceditsolutionsaz.com |
|
| Details | Domain | 2 | hares.lacyberlab.net |
|
| Details | Domain | 2 | hemi.mamasbakery.net |
|
| Details | Domain | 2 | hope.point521.com |
|
| Details | Domain | 2 | hunter.libertylawaz.com |
|
| Details | Domain | 2 | mafia.carverdesigngroup.com |
|
| Details | Domain | 1 | mycontrol.alohaalsomeansgoodbye.com |
|
| Details | Domain | 2 | nivea.dreamworkscdc.com |
|
| Details | Domain | 2 | performer.stmhonline.com |
|
| Details | Domain | 2 | puzzle.tricityintranet.com |
|
| Details | Domain | 2 | record.usautosaleslv.com |
|
| Details | Domain | 2 | republic.beboldskincare.com |
|
| Details | Domain | 3 | sdk.expresswayautopr.com |
|
| Details | Domain | 2 | second.pmservicespr.com |
|
| Details | Domain | 2 | stanley.planilla2021.com |
|
| Details | Domain | 2 | training.ren-kathybermejo.com |
|
| Details | Domain | 2 | flowers.netplusplans.com |
|
| Details | File | 4 | s_code.js |
|
| Details | File | 1 | jsquery.js |
|
| Details | File | 2 | common.dot |
|
| Details | File | 2 | performer.stm |
|
| Details | File | 2 | stanley.pl |
|
| Details | IPv4 | 1 | 75.119.205.210 |
|
| Details | IPv4 | 1 | 141.94.63.238 |
|
| Details | IPv4 | 2 | 141.94.63.231 |
|
| Details | IPv4 | 1 | 146.19.188.108 |
|
| Details | IPv4 | 2 | 153.92.223.141 |
|
| Details | IPv4 | 2 | 195.123.246.184 |
|
| Details | IPv4 | 1 | 23.140.176.43 |
|
| Details | IPv4 | 3 | 45.10.42.26 |
|
| Details | IPv4 | 2 | 45.10.43.78 |
|
| Details | IPv4 | 1 | 79.142.69.149 |
|
| Details | Url | 1 | https://natural.cpawalmyrivera.com/report?r=dj0xytaymdfintjkn2nhotk5nze1myzjawq9mjy4 |
|
| Details | Url | 1 | https://d2j09jsarr75l2.cloudfront.net/report?r=dj0xytaymdfintjkn2nhotk5nze1myzjawq9mjy4 |
|
| Details | Url | 1 | https://track.amishbrand.com/s_code.js?cid=205&v=c40bfeff70a8e1abc00f |
|
| Details | Url | 1 | https://flowers.netplusplans.com/report?r=dj1lntmyntm4zwm4y2riodexnmy0oczjawq9mju5 |
|
| Details | Url | 1 | https://hunter.libertylawaz.com/report?r=dj03mdgyztc5zmnhn2ewy2m2yja3nczjawq9mjyz |
|
| Details | Url | 1 | https://amplifier.myjesusloves.me/report?r=dj0xytaymdfintjkn2nhotk5nze1myzjawq9mjy4 |