General

  • Target

    1bb6d985b8842b3d23d10b96e9c85afb.bin

  • Size

    752KB

  • Sample

    230224-bc75rshf66

  • MD5

    917ad2f8dbfd916d24f59bd6f00e4294

  • SHA1

    e7457e71c7aef58264caa0fb6893850802caa08d

  • SHA256

    58225dc151be5c529c3bb12fac67310793eb3fc2248ee23a9a532e72073846ba

  • SHA512

    841b9a193ee0d8572d97ea78d28d7487ab238f6b1d5cefa6d0f16b399e6068f5555dc603cb3fd2c6e0a8c12e44763e2073a003c7a87f32b7aab2fb701415d26e

  • SSDEEP

    12288:m0nbB/5bwunKC8zDMGljw+b9z7L635pbshvK48/XMg1x4NoePCZ80FT2SjkjUECQ:HvbXnKCK3ljw+RBhb80g34GePCLKSyUQ

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sfasue20/

Targets

    • Target

      a29e436e7e209a545f314516f58fef84718871270da8b5c4aede7048b8ee0c31.exe

    • Size

      1.4MB

    • MD5

      1bb6d985b8842b3d23d10b96e9c85afb

    • SHA1

      c6328a00f7f0f4003888704828de1f371dde7b92

    • SHA256

      a29e436e7e209a545f314516f58fef84718871270da8b5c4aede7048b8ee0c31

    • SHA512

      5b13ec6d5ebfda08780f58e5e5c5d6853c5f45d4bd86bb06023c727cd64fb8263c3b2f1d7b0a7f23fb0fdb357b8d546037b793cc549453d5f305074c0a451f1b

    • SSDEEP

      24576:tVYkTpy0OVnKhXJ04BJFKA3wRKB7a9WscrmCqeQrEHN5hltkW:zpJOl8xFMRy/SeQgt5r+W

    • Score

      7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks