Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    09c864d0f4711de7f5e1b0aa381da67e.exe

  • Size

    1.4MB

  • Sample

    220911-hmhfesehdk

  • MD5

    09c864d0f4711de7f5e1b0aa381da67e

  • SHA1

    0c640a0285b0fd9cb9664c3d0d9a4edb899061a6

  • SHA256

    1751b6bd0394c9b4e3f36179f5b40871e7fa295fe754a294dbe068898d12a8f6

  • SHA512

    6bcdfe259bcac05c81d36493b3c19412e7b0c2113a6191b760f48f56eb0ccd4de2dc4566324eeb6b2db27f674bc9230dd08fb6ab3f40eb2f052fc9f581c1c13c

  • SSDEEP

    24576:F8pq1ZW6rIczqGTQP2MZt7qjgtD8XH1TuPDLvBPDKYI9n:ipylfJda0FuPPvVDu9n

Malware Config

Extracted

Family

socelars

C2

https://hueduy.s3.eu-west-1.amazonaws.com/dhfry901/

Targets

    • Target

      09c864d0f4711de7f5e1b0aa381da67e.exe

    • Size

      1.4MB

    • MD5

      09c864d0f4711de7f5e1b0aa381da67e

    • SHA1

      0c640a0285b0fd9cb9664c3d0d9a4edb899061a6

    • SHA256

      1751b6bd0394c9b4e3f36179f5b40871e7fa295fe754a294dbe068898d12a8f6

    • SHA512

      6bcdfe259bcac05c81d36493b3c19412e7b0c2113a6191b760f48f56eb0ccd4de2dc4566324eeb6b2db27f674bc9230dd08fb6ab3f40eb2f052fc9f581c1c13c

    • SSDEEP

      24576:F8pq1ZW6rIczqGTQP2MZt7qjgtD8XH1TuPDLvBPDKYI9n:ipylfJda0FuPPvVDu9n

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks