General

  • Target

    a1a198510029e5c34d662239dfaf0265ca70a2b98a0a8edb311dcc7aad04c691

  • Size

    1.4MB

  • Sample

    220908-gdt77abaem

  • MD5

    732c5acf131d9a3a438100fa8306f132

  • SHA1

    1c67643219aa745f8b65b6025a3c4cad17013adb

  • SHA256

    a1a198510029e5c34d662239dfaf0265ca70a2b98a0a8edb311dcc7aad04c691

  • SHA512

    14488c8115098d5df261f431bfb06f28c652adc1b809d1108fe48f6fbea5d86d1234f4ffe578cb2c8ef94d9dcedbfc8c34b09856b78f7f0db161f7255b9bdd98

  • SSDEEP

    24576:23MDpobXmmlFSUacscm2ns1CqSzqrNv+9IxPGS9kDKY2nINznc:22pI3t5XJixPGSSDknkznc

Malware Config

Extracted

  • Family

    socelars

  • C2

    https://hueduy.s3.eu-west-1.amazonaws.com/dhfry901/

Targets

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks