General

  • Target

    8fe5e876f29de7324ecedf4b2cb7e139.exe

  • Size

    1.4MB

  • Sample

    221205-k8ggcsac8z

  • MD5

    8fe5e876f29de7324ecedf4b2cb7e139

  • SHA1

    2fab6a5d9a8da74fb068db86032b3fa64e2ed613

  • SHA256

    c47525e3eeff5cafb1125a7f52314de9a3577a94b9c9b11ee91bc5e011f0e3c0

  • SHA512

    e1a35249e6c13b9439b2d2287805edc6c5c6d0a67b2286499888a4227fa1dedfe60dc660f561b0c036b8b5078ae8cd0f4c173894eda8b21c8ac438dda40817c8

  • SSDEEP

    24576:VJSLpwfVWRh0SGQ48Lm2194mKa4qrNdW9NTPjapmqBZr:Vup62ESMTjTPjaoq3r

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sauydga27/

Targets

    • Target

      8fe5e876f29de7324ecedf4b2cb7e139.exe

    • Size

      1.4MB

    • MD5

      8fe5e876f29de7324ecedf4b2cb7e139

    • SHA1

      2fab6a5d9a8da74fb068db86032b3fa64e2ed613

    • SHA256

      c47525e3eeff5cafb1125a7f52314de9a3577a94b9c9b11ee91bc5e011f0e3c0

    • SHA512

      e1a35249e6c13b9439b2d2287805edc6c5c6d0a67b2286499888a4227fa1dedfe60dc660f561b0c036b8b5078ae8cd0f4c173894eda8b21c8ac438dda40817c8

    • SSDEEP

      24576:VJSLpwfVWRh0SGQ48Lm2194mKa4qrNdW9NTPjapmqBZr:Vup62ESMTjTPjaoq3r

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Collection

Data from Local System

1
T1005

Command and Control

Web Service

1
T1102

Tasks