General

  • Target

    74f7493624532fef4b7d8ac4e35324532390675f33609653d0dc187130663524

  • Size

    679KB

  • Sample

    220911-q4bcfabfe8

  • MD5

    dccc26f4f13499f7546feaf91220275a

  • SHA1

    4ff91b05dbe31143fe1fa7302471842d1535f54f

  • SHA256

    74f7493624532fef4b7d8ac4e35324532390675f33609653d0dc187130663524

  • SHA512

    592486a8759f9d0ef2f4cfaa3bcc65b510704fe9dc7743ee91b0f022215767707eb68844923bc9c4ce60d340c3741c5c07674eab52a59567881cd5890a299aeb

  • SSDEEP

    12288:nTbgFqmIJPmlgJ6Os2PrpCgSqHFcHkneLzMbNy5DVfx0SyZAEXkJX45nAp5SFd0E:nTkFtIJPmy0Os2PtOqlcsoMb43xZaXSG

Malware Config

  • Extracted

    • Family

      socelars

    • C2

      https://dfgrthres.s3.eu-west-3.amazonaws.com/asdhs909/
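
The extracted C2 is an object path inside an Amazon S3 bucket, so the indicator worth hunting on is the bucket name and key prefix, not the amazonaws.com domain, which carries plenty of legitimate traffic. The script below is an added example, not part of the sandbox report or of the Socelars sample: it normalises both S3 addressing styles (virtual-hosted <bucket>.s3.<region>.amazonaws.com and path-style s3.<region>.amazonaws.com/<bucket>/) to a (bucket, key prefix) pair and scans proxy-log lines for contact with the reported bucket. The log format and every log line in it are constructed for the example; only the C2 URL comes from the report.

```python
"""Hunt proxy logs for traffic to the Socelars C2 bucket.

The C2 URL is the one extracted by the sandbox. The log format and the
sample lines are constructed for this example, not taken from the report.
"""
import re
from urllib.parse import urlsplit

SOCELARS_C2 = "https://dfgrthres.s3.eu-west-3.amazonaws.com/asdhs909/"

# Virtual-hosted style: <bucket>.s3.<region>.amazonaws.com (region optional in the legacy form).
_VHOST = re.compile(
    r"^(?P<bucket>[a-z0-9][a-z0-9.-]{1,61}[a-z0-9])\.s3(?:[.-](?P<region>[a-z0-9-]+))?\.amazonaws\.com$"
)
# Path style: s3.<region>.amazonaws.com/<bucket>/<key>
_PATH = re.compile(r"^s3(?:[.-](?P<region>[a-z0-9-]+))?\.amazonaws\.com$")


def parse_s3_url(url):
    """Normalise an S3 URL to (bucket, key_prefix) whatever the addressing style.

    Returns None for anything that is not an S3 endpoint. Matching on the bucket
    is the point: the provider is legitimate, so a domain-level block is not an option.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    m = _VHOST.match(host)
    if m:
        return m.group("bucket"), parts.path
    if _PATH.match(host):
        segs = parts.path.split("/", 2)  # ['', bucket, rest-of-key]
        if len(segs) >= 2 and segs[1]:
            return segs[1], "/" + (segs[2] if len(segs) == 3 else "")
    return None


def classify(url, c2=SOCELARS_C2):
    """'prefix' if url is under the reported C2 key prefix, 'bucket' if it is
    elsewhere in the same bucket (still worth a look: the actor controls the
    whole bucket), None otherwise."""
    want, got = parse_s3_url(c2), parse_s3_url(url)
    if want is None or got is None or got[0] != want[0]:
        return None
    return "prefix" if got[1].startswith(want[1]) else "bucket"


# Constructed proxy log: "<epoch> <client> <method> <url> <status>" (made-up lines).
SAMPLE_LOG = """\
1662907200.101 10.0.0.12 GET https://dfgrthres.s3.eu-west-3.amazonaws.com/asdhs909/config.txt 200
1662907201.420 10.0.0.12 GET https://releases.s3.eu-west-3.amazonaws.com/app/update.json 200
1662907203.007 10.0.0.27 GET https://s3.eu-west-3.amazonaws.com/dfgrthres/asdhs909/ 200
1662907205.555 10.0.0.27 GET https://dfgrthres.s3.eu-west-3.amazonaws.com/other/readme.txt 404
1662907207.900 10.0.0.31 GET https://www.example.com/index.html 200
"""


def hunt(log_text, c2=SOCELARS_C2):
    """Return (client, url, level) for every line that touches the C2 bucket."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # malformed line: skip rather than abort the hunt
        client, url = fields[1], fields[3]
        level = classify(url, c2)
        if level:
            hits.append((client, url, level))
    return hits


if __name__ == "__main__":
    for client, url, level in hunt(SAMPLE_LOG):
        print(f"[{level}] {client} -> {url}")
```

Both the virtual-hosted and the path-style request to the reported bucket are flagged, the unrelated bucket in the same region is not, and a request to the same bucket outside the asdhs909/ prefix is reported at bucket level so an analyst can decide whether to widen the block.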

Targets

    • Socelars

      Socelars is an infostealer that targets browser cookies and stored credit card data.

    • Socelars payload

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build. Packing hides the real code from static scanners; the payload has to be unpacked (stock UPX with upx -d, modified builds usually by dumping the unpacked image from memory) before it can be analysed.

    • Reads user/profile data of web browsers

      Infostealers commonly read the browser profile directory, which holds saved credentials, cookies and autofill data such as payment cards.

    • Legitimate hosting services abused for malware hosting/C2

      Here the C2 is an object path in an Amazon S3 bucket (see the extracted config above). The hosting domain itself is legitimate, so detection and blocking have to key on the bucket name and path rather than on amazonaws.com.
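
The UPX signature above is a static check on the PE file. As an added example (not the sandbox's own rule, whose exact logic the report does not show), here is a small PE section walker that flags UPX-style packing two ways: by the stock UPX0/UPX1 section names, and by the layout those names describe, a first section with zero raw size but a large virtual size (the unpacking destination) followed by a small, high-entropy section (the compressed payload). The layout check still fires when a modified UPX build has renamed the sections. The PE images it runs on are constructed in the script by a minimal header builder; they are test fixtures, not the analysed sample, and the 7.0 bits/byte entropy threshold is a working assumption.

```python
"""Flag UPX-style packing from the PE section table.

The PE images below are constructed fixtures for the example, not the
analysed sample; the entropy threshold is an assumption.
"""
import hashlib
import math
import struct
from collections import Counter

ENTROPY_THRESHOLD = 7.0  # compressed/encrypted data sits close to 8 bits per byte


def shannon_entropy(data):
    """Bits of entropy per byte of data (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_sections(pe):
    """Walk the PE section table. Returns [(name, virtual_size, raw_size, raw_bytes)].
    Raises ValueError for anything that is not a minimally sane PE."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    nsec = struct.unpack_from("<H", pe, e_lfanew + 6)[0]        # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", pe, e_lfanew + 20)[0]   # COFF SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                             # section table follows the optional header
    sections = []
    for i in range(nsec):
        name, vsize, _va, rsize, rptr = struct.unpack_from("<8sIIII", pe, table + 40 * i)
        name = name.rstrip(b"\0").decode("ascii", "replace")
        sections.append((name, vsize, rsize, pe[rptr:rptr + rsize]))
    return sections


def upx_indicators(pe):
    """Two independent signs of UPX-style packing: stock section names, and the
    empty-then-compressed section layout that survives renaming."""
    secs = parse_sections(pe)
    names = [s[0] for s in secs]
    by_name = any(n.upper().startswith("UPX") for n in names)
    by_layout = False
    if len(secs) >= 2:
        _, vsize0, rsize0, _ = secs[0]
        _, _, rsize1, data1 = secs[1]
        by_layout = (rsize0 == 0 and vsize0 > 0 and rsize1 > 0
                     and shannon_entropy(data1) > ENTROPY_THRESHOLD)
    return {"section_names": names, "upx_names": by_name, "upx_layout": by_layout}


def build_pe(sections):
    """Build a minimal PE32 (DOS stub, COFF header, zeroed optional header,
    section table, raw section data) for testing. sections: [(name, vsize, raw)]."""
    e_lfanew, opt_size = 0x40, 0xE0
    nsec = len(sections)
    headers_end = e_lfanew + 24 + opt_size + 40 * nsec
    raw_base = (headers_end + 0x1FF) & ~0x1FF               # 0x200 file alignment
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, nsec, 0, 0, 0, opt_size, 0x102)
    opt = b"\x0b\x01" + b"\0" * (opt_size - 2)               # PE32 magic, rest irrelevant here
    table, blobs, ptr, va = b"", b"", raw_base, 0x1000
    for name, vsize, raw in sections:
        rsize = len(raw)
        table += struct.pack("<8sIIIIIIHHI", name, vsize, va, rsize,
                             ptr if rsize else 0, 0, 0, 0, 0, 0xE0000060)
        blobs += raw
        ptr += rsize
        va += max(vsize, rsize, 0x1000)
    headers = dos + coff + opt + table
    return headers + b"\0" * (raw_base - len(headers)) + blobs


# Constructed fixtures: hash output stands in for compressed data, a repeated
# instruction pattern stands in for ordinary code.
COMPRESSED = b"".join(hashlib.sha256(i.to_bytes(4, "little")).digest() for i in range(128))
PLAIN = (b"\x55\x8b\xec\x83\xec\x10\x53\x56\x57" * 512)[:4096]

PACKED = build_pe([(b"UPX0", 0x20000, b""), (b"UPX1", 0x1000, COMPRESSED), (b".rsrc", 0x400, b"\0" * 512)])
RENAMED = build_pe([(b".text", 0x20000, b""), (b".data", 0x1000, COMPRESSED)])
NORMAL = build_pe([(b".text", 0x1000, PLAIN), (b".data", 0x200, b"\0" * 512)])

if __name__ == "__main__":
    for label, img in (("stock UPX", PACKED), ("renamed sections", RENAMED), ("unpacked", NORMAL)):
        print(label, upx_indicators(img))
```

On a real sample, read the file with open(path, "rb").read() and pass it to upx_indicators; a hit on upx_layout without upx_names is the modified-UPX case the signature text refers to.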

MITRE ATT&CK Enterprise v6

Tasks