General

  • Target

    accef38dd6d8c259bb3e7da3927d439e38c506f729a96c1ce3be1e12fa0e67aa

  • Size

    975KB

  • Sample

    211014-gm124agber

  • MD5

    ea6749773f961cd51c26eb06b3ab9d73

  • SHA1

    28db19b60fb4f44ce39445396599198b7b3d6662

  • SHA256

    accef38dd6d8c259bb3e7da3927d439e38c506f729a96c1ce3be1e12fa0e67aa

  • SHA512

    3ca856715d7ff0bfed6c1711beebae580fead02b74dc357ba1b68903c73ee06c1248fcc45e7d59be67e098578ad8c78eb11eb00732e31b53319f521c999a6d34

Malware Config

Targets

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Socelars Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Install Root Certificate (T1130): 1

  • Modify Registry (T1112): 1

Credential Access

  • Credentials in Files (T1081): 1

Discovery

  • System Information Discovery (T1082): 1

Collection

  • Data from Local System (T1005): 1

Command and Control

  • Web Service (T1102): 1

Tasks