General

  • Target

    f0d17149ee8e503132e523bce6af0adf27e76fceeed5e8062c786bc913a0874c

  • Size

    723KB

  • Sample

    220913-fme9ysefh5

  • MD5

    e628e6fcb87bf5b45eb5b09be32be995

  • SHA1

    5ff3557e3ad381716b429974d5884348695b5be8

  • SHA256

    f0d17149ee8e503132e523bce6af0adf27e76fceeed5e8062c786bc913a0874c

  • SHA512

    f282cb8bd7f5b870203335090c4c17b8feeea02052b311b27c84ff661b0f629b5c83ff6f565d3a8e315713c9af05348c0354d38b220fd901bb93da5da8f4f554

  • SSDEEP

    12288:8yhveJM56XGvHq/xrJwUXD/vesjnOffb5jDTqPowO4BviNk:8EgXnreUT/veWOXRDGP5ck

Malware Config

Extracted

Family

socelars

C2

https://dfgrthres.s3.eu-west-3.amazonaws.com/asdhs909/

Targets

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Socelars payload

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks