General

  • Target

    1d113723a9854f9b58783049920d1f23.exe

  • Size

    1.4MB

  • Sample

    230306-nqkylscb23

  • MD5

    1d113723a9854f9b58783049920d1f23

  • SHA1

    70241a0c2995280b555d5b220e86834b225aaf0f

  • SHA256

    c421e48abb3538a4a29b34ce4418d68e98a5d4303ad479b74bdbb3c8e28c9271

  • SHA512

    9c4dc207ec85c67f5e313e4967e7a8a37ad674375a3b66b31218c3a62609f980ad8c68352dc1206163371a8e6a83988a61c9df3deb0e24656032b61a79d2cdad

  • SSDEEP

    24576:gGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dR3h5hASr:7pEUIvU0N9jkpjweXt77R5yi

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sadef33/

Targets

    • Target

      1d113723a9854f9b58783049920d1f23.exe

    • Size

      1.4MB

    • MD5

      1d113723a9854f9b58783049920d1f23

    • SHA1

      70241a0c2995280b555d5b220e86834b225aaf0f

    • SHA256

      c421e48abb3538a4a29b34ce4418d68e98a5d4303ad479b74bdbb3c8e28c9271

    • SHA512

      9c4dc207ec85c67f5e313e4967e7a8a37ad674375a3b66b31218c3a62609f980ad8c68352dc1206163371a8e6a83988a61c9df3deb0e24656032b61a79d2cdad

    • SSDEEP

      24576:gGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dR3h5hASr:7pEUIvU0N9jkpjweXt77R5yi

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks