SocGholish

SocGholish FakeUpdates 2017. seattlemysterylovers.com compromised bookstore. 262 byte stager. CMS inject.

Threat Profile
Type Loader
Programming LanguageJavaScript
C2 ProtocolHTTPS
First Seen2017
Targets Kuresel Web Tarayıcı
Purpose / Capabilities
  • Drive-By Loader

C2 Servers 1

1 Active
Address Port Protocol Status Action
seattlemysterylovers.com
443 HTTPS Active

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (2)

Medium

SocGholish -- seattlemysterylovers.com Ele Geçirilmiş Kitapçı, 262B Mini Stager | Orta

SocGholish 262 byte mini stager. seattlemysterylovers.com Seattle kitapci sitesi gizli payload URL. Drive-by download.

Read Report →
High

SocGholish -- 262 Byte JS Stager, seattlemysterylovers.com Kitap Evi Sitesi Hack | Yüksek

SocGholish 262 byte JS stager. editions.seattlemysterylovers.com ele gecirilen kitap evi web sitesi. TA569 FakeUpdate.

Read Report →