General

  • Target

    a29e436e7e209a545f314516f58fef84718871270da8b5c4aede7048b8ee0c31

  • Size

    1.4MB

  • Sample

    230222-tg3pysce28

  • MD5

    1bb6d985b8842b3d23d10b96e9c85afb

  • SHA1

    c6328a00f7f0f4003888704828de1f371dde7b92

  • SHA256

    a29e436e7e209a545f314516f58fef84718871270da8b5c4aede7048b8ee0c31

  • SHA512

    5b13ec6d5ebfda08780f58e5e5c5d6853c5f45d4bd86bb06023c727cd64fb8263c3b2f1d7b0a7f23fb0fdb357b8d546037b793cc549453d5f305074c0a451f1b

  • SSDEEP

    24576:tVYkTpy0OVnKhXJ04BJFKA3wRKB7a9WscrmCqeQrEHN5hltkW:zpJOl8xFMRy/SeQgt5r+W

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sfasue20/

Targets

    • Target

      a29e436e7e209a545f314516f58fef84718871270da8b5c4aede7048b8ee0c31

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks