General

  • Target

    6107c62caa917fb00575aa02aeab47c4.exe

  • Size

    1.4MB

  • Sample

    221122-lnrl9sha87

  • MD5

    6107c62caa917fb00575aa02aeab47c4

  • SHA1

    1ee1e62428f75fd73d2746bc0eb583d2eb761137

  • SHA256

    2e863a28aa6dcf671c8cf4a897fe444b1b3d2a2c0c1dfd5171eca15631c7a17d

  • SHA512

    3a94673acd97260199265ad8b6ae5eb5ae006b21b0ae3b0afe0a1ddc4d6a8d2ba6490ebe2232fd8d6bd7766587842ad9649b88c2bf46e275cbff32209d89f28d

  • SSDEEP

    24576:dJSLpwfVWRh0SGQ48Lm2194mKa4qrNkW9NTPjuFNqB4fC:dup62ESMyjTPjuPq2fC

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/asdhfr1115/

Targets

    • Target

      6107c62caa917fb00575aa02aeab47c4.exe

    • Size

      1.4MB

    • MD5

      6107c62caa917fb00575aa02aeab47c4

    • SHA1

      1ee1e62428f75fd73d2746bc0eb583d2eb761137

    • SHA256

      2e863a28aa6dcf671c8cf4a897fe444b1b3d2a2c0c1dfd5171eca15631c7a17d

    • SHA512

      3a94673acd97260199265ad8b6ae5eb5ae006b21b0ae3b0afe0a1ddc4d6a8d2ba6490ebe2232fd8d6bd7766587842ad9649b88c2bf46e275cbff32209d89f28d

    • SSDEEP

      24576:dJSLpwfVWRh0SGQ48Lm2194mKa4qrNkW9NTPjuFNqB4fC:dup62ESMyjTPjuPq2fC

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Collection

Data from Local System

1
T1005

Command and Control

Web Service

1
T1102

Tasks