General

  • Target

    file.exe

  • Size

    1.4MB

  • Sample

    230120-q7jg8aga3s

  • MD5

    5386e1c31f8155e8e09504c9f4742326

  • SHA1

    b7f1b34fd8ab034d39384c29bc9b7fa9f422a343

  • SHA256

    2308b582694f8dd287a2544f1fbc3b1285272f4fa22d72eec18d09e667ea9103

  • SHA512

    91844166cb199df89d2cc171ba1bf7ad416b176cf7695c06223a79ecc0df4de1078eaa000650ca6ce91f75f83f0f8e5c237d5bde65f3fc1e31c89e6217789a48

  • SSDEEP

    24576:IcpZQKEcUuafn9VsSuFlwk/4xK4v3DkODFBvUbLxaqWjQeuaeho:9plErZv9xj5BvUbLxaT0eneO

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sdfeas18/

Targets

    • Target

      file.exe

    • Size

      1.4MB

    • MD5

      5386e1c31f8155e8e09504c9f4742326

    • SHA1

      b7f1b34fd8ab034d39384c29bc9b7fa9f422a343

    • SHA256

      2308b582694f8dd287a2544f1fbc3b1285272f4fa22d72eec18d09e667ea9103

    • SHA512

      91844166cb199df89d2cc171ba1bf7ad416b176cf7695c06223a79ecc0df4de1078eaa000650ca6ce91f75f83f0f8e5c237d5bde65f3fc1e31c89e6217789a48

    • SSDEEP

      24576:IcpZQKEcUuafn9VsSuFlwk/4xK4v3DkODFBvUbLxaqWjQeuaeho:9plErZv9xj5BvUbLxaT0eneO

    Score
    8/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Legitimate hosting services abused for malware hosting/C2
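
The report gives the sample's file hashes and a single C2 URL that lives in an Amazon S3 bucket. The following Python is an added example, not part of the sandbox report: it turns those indicators into a small triage check that (a) compares a file's MD5/SHA-1/SHA-256/SHA-512 against the listed digests and (b) scans proxy log lines for URLs that resolve to the C2 bucket, or to any other S3 bucket, so that "legitimate hosting abused for C2" shows up as a reviewable signal. It generalizes beyond the one URL on the page by parsing both virtual-hosted (`bucket.s3.<region>.amazonaws.com`) and path-style (`s3.<region>.amazonaws.com/bucket/`) S3 URLs and keying the C2 match on the bucket name, since the bucket is what the operator controls. The proxy log lines are constructed for the example; the digests and the C2 URL are copied from the report above.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Indicators copied from the sandbox report above (Socelars sample).
SOCELARS_IOCS = {
    "md5": "5386e1c31f8155e8e09504c9f4742326",
    "sha1": "b7f1b34fd8ab034d39384c29bc9b7fa9f422a343",
    "sha256": "2308b582694f8dd287a2544f1fbc3b1285272f4fa22d72eec18d09e667ea9103",
    "sha512": "91844166cb199df89d2cc171ba1bf7ad416b176cf7695c06223a79ecc0df4de1"
              "078eaa000650ca6ce91f75f83f0f8e5c237d5bde65f3fc1e31c89e6217789a48",
    "c2": "https://hdbywe.s3.us-west-2.amazonaws.com/sdfeas18/",
}
HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")


def file_digests(data: bytes) -> dict:
    """Compute the four digests the report lists for a file's raw bytes."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def match_hashes(digests: dict, iocs: dict = SOCELARS_IOCS) -> list:
    """Return the names of the algorithms whose digest equals the report's value."""
    return [algo for algo in HASH_ALGOS if digests.get(algo, "").lower() == iocs[algo]]


# Virtual-hosted style: <bucket>.s3.<region>.amazonaws.com, <bucket>.s3-<region>.amazonaws.com,
# or the regionless <bucket>.s3.amazonaws.com.
S3_VHOST_RE = re.compile(
    r"^(?P<bucket>[a-z0-9][a-z0-9.-]{1,61}[a-z0-9])\.s3(?:[.-][a-z0-9-]+)?\.amazonaws\.com$"
)
# Path style: s3.<region>.amazonaws.com/<bucket>/..., s3-<region>..., or s3.amazonaws.com/<bucket>/...
S3_PATH_RE = re.compile(r"^s3(?:[.-][a-z0-9-]+)?\.amazonaws\.com$")


def s3_bucket(url: str):
    """Return the S3 bucket a URL addresses (either addressing style), or None if not S3."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    m = S3_VHOST_RE.match(host)
    if m:
        return m.group("bucket")
    if S3_PATH_RE.match(host):
        segments = [s for s in parts.path.split("/") if s]
        return segments[0].lower() if segments else None
    return None


# The bucket named in the report's C2 URL; bucket names are globally unique,
# so any URL addressing this bucket, in either style, is the same infrastructure.
C2_BUCKET = s3_bucket(SOCELARS_IOCS["c2"])


def classify_url(url: str, c2_bucket: str = C2_BUCKET):
    """('c2', bucket) for the reported C2 bucket, ('s3', bucket) for any other S3 bucket, else None."""
    bucket = s3_bucket(url)
    if bucket is None:
        return None
    if bucket == c2_bucket:
        return ("c2", bucket)
    return ("s3", bucket)


URL_RE = re.compile(r"https?://[^\s\"']+")


def scan_proxy_log(lines, c2_bucket: str = C2_BUCKET) -> list:
    """Yield (line_no, verdict, bucket, url) for every S3 URL seen in the log lines."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        for url in URL_RE.findall(line):
            verdict = classify_url(url, c2_bucket)
            if verdict is not None:
                hits.append((line_no, verdict[0], verdict[1], url))
    return hits


# Constructed proxy log lines for the example (format: timestamp client method url status).
SAMPLE_PROXY_LOG = [
    "2023-01-20T10:01:02Z 10.0.0.5 GET https://www.example.com/index.html 200",
    "2023-01-20T10:01:09Z 10.0.0.5 GET https://hdbywe.s3.us-west-2.amazonaws.com/sdfeas18/config.txt 200",
    "2023-01-20T10:02:30Z 10.0.0.7 GET https://corp-assets.s3.amazonaws.com/logo.png 200",
]

if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(hit)
    # A constructed blob stands in for a file under triage; it will not match the report's digests.
    print(match_hashes(file_digests(b"constructed bytes, not the real sample")))
```

An `s3` verdict is context, not a detection: ordinary business traffic goes to S3 constantly, and the only line that justifies an alert on its own is one whose bucket equals the C2 bucket. Matching on the bucket rather than the full URL string also catches path-style or differently-cased requests to the same bucket that a literal comparison with the report's URL would miss. The SSDEEP value from the report is deliberately left out: fuzzy-hash comparison needs the `ssdeep` library, which is not in the standard library.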

MITRE ATT&CK Enterprise v6

Tasks