General

  • Target

    f6fe9151f8017272ce7e97a709bbcc822b302dc46b6ce62b2abb2bd9a38e5cd0

  • Size

    1.4MB

  • Sample

    230118-17rtpsga6w

  • MD5

    bd2a8b80c04d3c539fec8d51610f01af

  • SHA1

    3ca7b135f654fc478525e8597c96f611f25baff5

  • SHA256

    f6fe9151f8017272ce7e97a709bbcc822b302dc46b6ce62b2abb2bd9a38e5cd0

  • SHA512

    f87c2677b26d844a238bdb97c0d26d6239f980e141261b1f27a68805b44987182cd6c4cf9df36421f1a6e525f790cfc414bd9efefe03b7c4ffc3c94b31865718

  • SSDEEP

    24576:+1pS5c5rfPMxAb4Xo23Bo3EigtD8JgRCMPA18CoskfpZr18:Wp/59YEa1EMPAmVsen8

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sdfeas18/

Targets

    • Target

      f6fe9151f8017272ce7e97a709bbcc822b302dc46b6ce62b2abb2bd9a38e5cd0

    Score
    8/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser profile data, which can include saved credentials, cookies and session tokens, and autofill data.

    • Legitimate hosting services abused for malware hosting/C2
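The last indicator and the extracted C2 above point at the same practical problem: the C2 is an S3 bucket on amazonaws.com, so blocking the hosting domain is not an option and detection has to key on the bucket and key prefix instead. The script below, as an added example that is not Triage's code or the sample's, takes the hashes and C2 URL from this report and does two things: checks whether a file's digests match the sample, and scans proxy log lines for requests to the C2 bucket in either S3 addressing style (virtual-hosted `bucket.s3.region.amazonaws.com/key` or path-style `s3.region.amazonaws.com/bucket/key`). The log format and the log lines are constructed for the example; the file bytes hashed in the demo are not the real sample.

```python
"""Hunt helper built from the Socelars report above.

Added example, not Triage's or the sample's own code. Hashes and C2 URL are
taken from the report; the proxy log format, log lines and file bytes below
are constructed.
"""
import hashlib
import re
from urllib.parse import urlparse

# File hashes from the report; a file matching any of them is this sample.
KNOWN_HASHES = {
    "md5": "bd2a8b80c04d3c539fec8d51610f01af",
    "sha1": "3ca7b135f654fc478525e8597c96f611f25baff5",
    "sha256": "f6fe9151f8017272ce7e97a709bbcc822b302dc46b6ce62b2abb2bd9a38e5cd0",
    "sha512": "f87c2677b26d844a238bdb97c0d26d6239f980e141261b1f27a68805b44987182cd6c4cf9df36421f1a6e525f790cfc414bd9efefe03b7c4ffc3c94b31865718",
}

# C2 from the extracted config: an S3 bucket on a legitimate hosting service.
C2_URL = "https://hdbywe.s3.us-west-2.amazonaws.com/sdfeas18/"


def hash_bytes(data):
    """Digest the file with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in KNOWN_HASHES}


def matches_sample(data):
    """Names of the algorithms whose digest equals the report's value."""
    return [n for n, d in hash_bytes(data).items() if d == KNOWN_HASHES[n]]


# Matches virtual-hosted (bucket.s3.region.amazonaws.com), path-style
# (s3.region.amazonaws.com/bucket/...) and legacy s3-region hostnames.
# Blocking *.amazonaws.com is not viable, so match on bucket and key prefix.
S3_HOST_RE = re.compile(
    r"^(?:(?P<bucket>[a-z0-9.-]+)\.)?s3(?:[.-][a-z0-9-]+)?\.amazonaws\.com$"
)


def s3_bucket_and_key(url):
    """Return (bucket, key) for an S3 URL in either addressing style, else None."""
    u = urlparse(url)
    m = S3_HOST_RE.match(u.netloc.lower())
    if not m:
        return None
    path = u.path.lstrip("/")
    if m["bucket"]:
        return m["bucket"], path
    bucket, _, key = path.partition("/")
    return bucket, key


C2_BUCKET, C2_KEY_PREFIX = s3_bucket_and_key(C2_URL)


def is_c2(url):
    """True if the URL points into the C2 bucket under the config's key prefix."""
    bk = s3_bucket_and_key(url)
    if bk is None:
        return False
    bucket, key = bk
    if bucket != C2_BUCKET:
        return False
    # Accept the prefix itself with or without the trailing slash.
    return key == C2_KEY_PREFIX.rstrip("/") or key.startswith(C2_KEY_PREFIX)


# Constructed proxy log format: timestamp, client IP, method, URL, HTTP status.
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)\s+(?P<status>\d{3})$"
)


def find_c2_hits(log_lines):
    """Return (timestamp, client, url) for every line that reached the C2."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line.strip())
        if m and is_c2(m["url"]):
            hits.append((m["ts"], m["src"], m["url"]))
    return hits


# Constructed log lines (not from the report): two C2 contacts in different
# S3 addressing styles, one unrelated bucket, one unrelated site.
SAMPLE_LOG = [
    "2023-01-18T17:33:01Z 10.0.0.15 GET https://hdbywe.s3.us-west-2.amazonaws.com/sdfeas18/ 200",
    "2023-01-18T17:33:02Z 10.0.0.15 GET https://acme-assets.s3.us-west-2.amazonaws.com/css/site.css 200",
    "2023-01-18T17:33:05Z 10.0.0.22 GET https://s3.us-west-2.amazonaws.com/hdbywe/sdfeas18/config.txt 200",
    "2023-01-18T17:33:07Z 10.0.0.22 GET https://www.example.com/ 200",
]

if __name__ == "__main__":
    for ts, src, url in find_c2_hits(SAMPLE_LOG):
        print(f"{ts} {src} contacted Socelars C2: {url}")
    print("constructed file matches report:", matches_sample(b"MZ not the real sample"))
```

For real files read the content in chunks and feed `hashlib` incrementally rather than loading 1.4MB into memory per digest; the matching logic is unchanged. The bucket-level match deliberately ignores the unrelated `acme-assets` bucket on the same S3 endpoint, which is the point of the "legitimate hosting abused" indicator: the hostname alone is not an IOC, the bucket and key path are.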

MITRE ATT&CK Enterprise v6

Tasks