General

  • Target

    84090ba768162c8ba3f0e1d52a4ec060.exe

  • Size

    1.4MB

  • Sample

    230119-pjx52afh38

  • MD5

    84090ba768162c8ba3f0e1d52a4ec060

  • SHA1

    cca81376621dcbb13e84704cfb9eb78e2f676521

  • SHA256

    a9c3c0a07b44141dbd5dd5f4e081ebaf8c756c8c56a1b0932f1b10ac7776f5f8

  • SHA512

    004eb65bef9c8d17208e9a173a901a8443a8b538f40e190c523dfe74c45ff88c7cc3c053ff0a94dc1d0972c8a3c5cad75ac9ff8c0451440a41ef0386d582bde5

  • SSDEEP

    24576:01pS5c5rfPMxAb4Xo23Bo3EigtD8JgRCMPA18ifskHpZr18:wp/59YEa1EMPAmysOn8

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sdfeas18/

Targets

    Score: 8/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks