General

  • Target

    887517bb55f4a71397e009b60da5ce6c03466602109c43b2120d0c3c0d1dc3d7

  • Size

    1.4MB

  • Sample

    221027-ejw8maaedp

  • MD5

    2daad856bd8532386a446b6c31eeb3c9

  • SHA1

    f371eccea0a284702ce8e79cfa6d23dad307f42a

  • SHA256

    887517bb55f4a71397e009b60da5ce6c03466602109c43b2120d0c3c0d1dc3d7

  • SHA512

    a2e9d4e543f03e58a6764bbd477feb4769cc8e9109d8d5b294129f087f6bc8d45f64f3763c5b7d5b9d335508a6f5f87bfce53a4817ffebbee190daaf842bad8b

  • SSDEEP

    24576:SJSLpwfVWRh0SGQ48Lm2194mKa4qrNdW9NTPjaZ1qBfI22:Sup62ESMTjTPjabqNI22

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sadew1013/

Targets

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks