SocGholish
SocGholish FakeUpdates 2017. seattlemysterylovers.com compromised bookstore. 262 byte stager. CMS inject.
Threat Profile
Type
Loader
Programming LanguageJavaScript
C2 ProtocolHTTPS
First Seen2017
Targets
Kuresel Web Tarayıcı
Purpose / Capabilities
- Drive-By Loader
C2 Servers 1
1 Active
| Address | Port | Protocol | Status | Action |
|---|---|---|---|---|
seattlemysterylovers.com
|
443 | HTTPS | Active |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (2)
SocGholish -- seattlemysterylovers.com Ele Geçirilmiş Kitapçı, 262B Mini Stager | Orta
SocGholish 262 byte mini stager. seattlemysterylovers.com Seattle kitapci sitesi gizli payload URL. Drive-by download.
Read Report →SocGholish -- 262 Byte JS Stager, seattlemysterylovers.com Kitap Evi Sitesi Hack | Yüksek
SocGholish 262 byte JS stager. editions.seattlemysterylovers.com ele gecirilen kitap evi web sitesi. TA569 FakeUpdate.
Read Report →