General

  • Target

    317d2c2ca21441a1dc9e94f7397e74bd.bin

  • Size

    722KB

  • Sample

    230116-jg5jfabf35

  • MD5

    fe76192f93855b204d58a6b308855041

  • SHA1

    4ddf150e00843218b1fecbaa92602eed4c6a4f72

  • SHA256

    f6cb8194901edcd81c4b6630d0a0c027d80a60b60d378b78016c779617201d70

  • SHA512

    4715229c9d7dbd5a4c77841d429df80168f83b69c0206869fd5d0e60b073c65c2762614b72b65124077783f87d320229a7b2f7894c73827642cb67e79c99560c

  • SSDEEP

    12288:LwX5mpNWhhs8Q8oorVFQi3uiihAKDzURoy1ea3Mfe3vYcInGGlrOYjSxAi3f:EachP+NAhG34MWQ9rOFff

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/wduwe19/

Targets

    • Target

      ba7b8d555d3940afdf16d64213ce5203530fb28a637a409f2e7ec1fcff147f7f.exe

    • Size

      1.4MB

    • MD5

      317d2c2ca21441a1dc9e94f7397e74bd

    • SHA1

      11183c80ba3c5eefd726183459afe8cc997d602b

    • SHA256

      ba7b8d555d3940afdf16d64213ce5203530fb28a637a409f2e7ec1fcff147f7f

    • SHA512

      5fd67c7adc503b820f341ab52af9ef6a58e7d84c41b787dca5478376dadeab281fdac65b786a222f067c456a38b8250f3dbbe2b0922cbd913b54e3c3e6a75824

    • SSDEEP

      24576:ZJSLpwfVWRh0SGQ48Lm2194mKa4qrNdW9NTPjaN5qBcR:Zup62ESMTjTPjavquR

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks