General

  • Target

    6f43a28e0e0986fc3d4b0035c824436f861f9ab3f2b7cf9fa346b9cdd0815ac5

  • Size

    1.4MB

  • Sample

    230115-17vwcsha2z

  • MD5

    af15db3092beec46536fbf552c1a9000

  • SHA1

    a9b07bbead0d74a6a933544906d5499e81c693e8

  • SHA256

    6f43a28e0e0986fc3d4b0035c824436f861f9ab3f2b7cf9fa346b9cdd0815ac5

  • SHA512

    cd0abaf8058c6294e8e07d863c34a41323aac241df985ad97d9894f40ad42ac63b65a24186f3848eddcef1276754545d574d90e38004e8178de3a774c72303d6

  • SSDEEP

    24576:JTw+pwza9XRiKmEtjvF2QwguEq8qrN5chUfP0SHumxskol:JnpRnfs4F2fP09os/l

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/adwwe09/

Targets

    • Target

      6f43a28e0e0986fc3d4b0035c824436f861f9ab3f2b7cf9fa346b9cdd0815ac5

    • Size

      1.4MB

    • MD5

      af15db3092beec46536fbf552c1a9000

    • SHA1

      a9b07bbead0d74a6a933544906d5499e81c693e8

    • SHA256

      6f43a28e0e0986fc3d4b0035c824436f861f9ab3f2b7cf9fa346b9cdd0815ac5

    • SHA512

      cd0abaf8058c6294e8e07d863c34a41323aac241df985ad97d9894f40ad42ac63b65a24186f3848eddcef1276754545d574d90e38004e8178de3a774c72303d6

    • SSDEEP

      24576:JTw+pwza9XRiKmEtjvF2QwguEq8qrN5chUfP0SHumxskol:JnpRnfs4F2fP09os/l

    Score
    8/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers routinely harvest browser profile data, which can include saved credentials, cookies and session tokens, autofill data and browsing history.

    • Legitimate hosting services abused for malware hosting/C2

      The extracted C2 is an Amazon S3 URL. The hostname (s3.us-west-2.amazonaws.com) is shared by every bucket in that region, so the usable indicator is the bucket name and key prefix, not the domain.
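
The following is an added example for working with the indicators in this report; it is not part of the sandbox output. It checks a file's hashes against the sample's published hashes and scans proxy log lines for requests to the extracted C2 at bucket-plus-prefix granularity, normalising both virtual-hosted (`<bucket>.s3.<region>.amazonaws.com/<key>`) and path-style (`s3.<region>.amazonaws.com/<bucket>/<key>`) S3 URLs, which goes beyond the single URL form shown above. The proxy log lines and their format are constructed for the example.

```python
"""IOC checks for the Socelars sample in this report (added example, not report output)."""
import hashlib
from urllib.parse import urlsplit

# Hashes copied from the report's General section.
SAMPLE_HASHES = {
    "md5": "af15db3092beec46536fbf552c1a9000",
    "sha1": "a9b07bbead0d74a6a933544906d5499e81c693e8",
    "sha256": "6f43a28e0e0986fc3d4b0035c824436f861f9ab3f2b7cf9fa346b9cdd0815ac5",
}

# C2 URL copied from the report's Malware Config section.
C2_URL = "https://hdbywe.s3.us-west-2.amazonaws.com/adwwe09/"


def hash_file_bytes(data: bytes) -> dict:
    """Compute the same digests the report lists, so a file can be compared against it."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matches_sample(data: bytes) -> bool:
    """True when the data's SHA-256 equals the sample's SHA-256 (MD5/SHA-1 are not authoritative)."""
    return hashlib.sha256(data).hexdigest() == SAMPLE_HASHES["sha256"]


def s3_bucket_and_key(url: str):
    """Return (bucket, key) for an S3 URL in virtual-hosted or path style, else None.

    Virtual-hosted: https://<bucket>.s3.<region>.amazonaws.com/<key>
    Path-style:     https://s3.<region>.amazonaws.com/<bucket>/<key>
    Legacy hosts such as s3-us-west-2.amazonaws.com are also accepted.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if not host.endswith(".amazonaws.com"):
        return None
    labels = host.split(".")
    key = parts.path.lstrip("/")
    if labels[0] == "s3" or labels[0].startswith("s3-"):
        bucket, _, key = key.partition("/")
        return (bucket, key) if bucket else None
    if len(labels) >= 4 and (labels[1] == "s3" or labels[1].startswith("s3-")):
        return (labels[0], key)
    return None


# Bucket and key prefix derived from the report's C2 URL: ("hdbywe", "adwwe09/").
C2_BUCKET, C2_PREFIX = s3_bucket_and_key(C2_URL)


def is_c2_url(url: str) -> bool:
    """Match on bucket and key prefix, never on the shared S3 hostname alone."""
    parsed = s3_bucket_and_key(url)
    if parsed is None:
        return False
    bucket, key = parsed
    return bucket == C2_BUCKET and key.startswith(C2_PREFIX)


# Constructed proxy log lines for the example (not from the report).
# Fields: timestamp, client IP, method, URL.
SAMPLE_PROXY_LOG = """\
2023-01-15T10:02:11Z 10.0.0.23 GET https://hdbywe.s3.us-west-2.amazonaws.com/adwwe09/config.bin
2023-01-15T10:02:12Z 10.0.0.23 GET https://s3.us-west-2.amazonaws.com/hdbywe/adwwe09/payload.dat
2023-01-15T10:02:13Z 10.0.0.41 GET https://othercorp.s3.us-west-2.amazonaws.com/reports/q4.pdf
2023-01-15T10:02:14Z 10.0.0.23 GET https://hdbywe.s3.us-west-2.amazonaws.com/public/readme.txt
2023-01-15T10:02:15Z 10.0.0.50 GET https://example.com/adwwe09/
"""


def scan_proxy_log(text: str) -> list:
    """Return (timestamp, client, url) for each request that hits the C2 indicator."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        ts, client, _method, url = fields[:4]
        if is_c2_url(url):
            hits.append((ts, client, url))
    return hits


if __name__ == "__main__":
    for ts, client, url in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(f"C2 hit {ts} {client} {url}")
```

The fourth constructed log line requests the same attacker bucket under a different prefix and is deliberately not flagged, because the report only supports the `adwwe09/` prefix as an indicator; since the bucket itself is attacker-controlled, widening the rule to bucket-level matching is a defensible local decision, but it is broader than what this report shows.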

MITRE ATT&CK Enterprise v6

Tasks