SocGholish is a malware family that can be found on compromised web sites. When users land on these sites, they may be presented with a fake update. Whether the fake update is displayed depends on numerous factors. For example, the site will check your source IP for anything that might indicate you’re not a standard end user. Additionally, if you have already visited the site, it will have stored a cookie, and if you already have the cookie you will not see the fake update. To help with consistently getting SocGholish to trigger, these were the steps used, in addition to using a throwaway sandbox.
Read on at: SocGholish Malware Analysis | malware-analysis