General

  • Target

    52088e07586444109018aa27328051406120069754cd1fc74b5865ea5345d62b

  • Size

    1.4MB

  • Sample

    230117-17gnqsha88

  • MD5

    2aebe1bfcad819b24c9c502be743ef93

  • SHA1

    048d0cd806cdba0ce5e2974ab0f4f56f44c651b0

  • SHA256

    52088e07586444109018aa27328051406120069754cd1fc74b5865ea5345d62b

  • SHA512

    c905b7c0c018ccb30bb74471216fc1e9b0c34ae4a9cb6a538ba0f48ff5d3ea3cb9543960f2ce7134eb859d2d40609d307a37ef03b4f6e5606b25672b042b561c

  • SSDEEP

    24576:gTw+pwza9XRiKmEtjvF2QwguEq8qrN5chUfP0SHue5skVL:gnpRnfs4F2fP09gs2L

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/adwwe09/

Targets

    Score
    8/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and similar profile contents.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks