General

  • Target

    e5b87c004219123fd66f7226e303e37eaac663f0725aee442dbcf64c28b4e019

  • Size

    1.4MB

  • Sample

    230117-glf1jaba96

  • MD5

    44ae7c9250c08f5e92f39ef49e607862

  • SHA1

    89bfe3a1ecdcd587d29802ab9032dafcbe6e2d8c

  • SHA256

    e5b87c004219123fd66f7226e303e37eaac663f0725aee442dbcf64c28b4e019

  • SHA512

    7785dc3d5046d2778417190e955534e06ef43e1f9960dde2acf09a140820096d625e4515037b4ffcfa3477e5289e6873c1aab23373e7955330565a6693cdef4e

  • SSDEEP

    24576:sTw+pwza9XRiKmEtjvF2QwguEq8qrN5chUfP0SHu63sk9L:snpRnfs4F2fP09KsuL

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/adwwe09/

Targets

    Score: 8/10

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks