General

  • Target

    58fdffded56b884d717b4cee92b7f56d248c8be97f616ec79f8a5b59e4235ac9

  • Size

    1.4MB

  • Sample

    230223-jt1q1sfb63

  • MD5

    381a61974d5a2d6fae6b6dd940ff3f10

  • SHA1

    c7ee1e0c8cea0c477c06452fac0e452eb21ddf42

  • SHA256

    58fdffded56b884d717b4cee92b7f56d248c8be97f616ec79f8a5b59e4235ac9

  • SHA512

    a80b0f8602bd4d054937591171685dcf4a7f3a55f391ed1c41be03f6b45b848ae1b5a964139b23534e9ee5e4a9022ecdf3ba8757faff1eb43a6f5872aff45d8b

  • SSDEEP

    24576:jVYkTpy0OVnKhXJ04BJFKA3wRKB7a9WscrmCqeQrEzp5h/8tYW:xpJOl8xFMRy/SeQgV5V8mW

Malware Config

Extracted

  • Family

    socelars

  • C2

    https://hdbywe.s3.us-west-2.amazonaws.com/sfasue20/

Targets

    • Target

      58fdffded56b884d717b4cee92b7f56d248c8be97f616ec79f8a5b59e4235ac9

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks