General

  • Target: c6eb7205e47d8c232e18c7eeb5a34cae5ed9c2b0fa22129a2d612ddc7ea2d88f
  • Size: 1.4MB
  • Sample: 230120-d24jzsea55
  • MD5: b76b5bc22398e69bb8a64736673c336d
  • SHA1: acbda659f1ffc44aa2b7121dfd08517f16b4e889
  • SHA256: c6eb7205e47d8c232e18c7eeb5a34cae5ed9c2b0fa22129a2d612ddc7ea2d88f
  • SHA512: a1f2bdea4aa8818286b758361547538d071258debe2817b6ada58caf3d362df614144bd05739f43b1b61b8d309847ab5ad7a8bd5129de1040b481d5d7e5b9e4c
  • SSDEEP: 24576:RcpZQKEcUuafn9VsSuFlwk/4xK4v3DkODFBvUbLxaqWrdeuueho:OplErZv9xj5BvUbLxaTJe7eO

Malware Config

Extracted

  • Family: socelars
  • C2: https://hdbywe.s3.us-west-2.amazonaws.com/sdfeas18/

Targets

    Score: 8/10

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks