SocGholish Malware Analysis | malware-analysis

SocGholish is a malware family found on compromised websites. Users who land on these sites may be presented with a fake update. Whether the fake update is displayed depends on numerous factors. For example, the site checks your source IP for anything that might indicate you're not a standard end user. Additionally, if you have already visited the site, it will have stored a cookie, and if you already have that cookie you will not see the fake update. To help with consistently getting SocGholish to trigger, these were the steps used besides using a throwaway sandbox.

Read on at: SocGholish Malware Analysis | malware-analysis


