Overview

overview

10

Static

static

10

dridex

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ff484f12137d53d9c6c82330eac29f6cf4695a577c7f44b5e7bc99fb2fbb2999

  • Size

    1.4MB

  • Sample

    230314-gq7daafh6s

  • MD5

    d3698ef207ee254e5860614d95546c25

  • SHA1

    4fb0d414b6be204547efa9240d7b2e52468164f6

  • SHA256

    ff484f12137d53d9c6c82330eac29f6cf4695a577c7f44b5e7bc99fb2fbb2999

  • SHA512

    c30bec73b3064358bdbe3f395e539694b2b33def50871b1ef2bfd7efa8053a687180b31e7c6870852c30747e9f8e27bf0867872d47bc32ba16cd69e75ba51934

  • SSDEEP

    24576:WVYkTpy0OVnKhXJ04BJFKA3wRKB7a9WscrmCqeQrEb45hOtMW:CpJOl8xFMRy/SeQgk5sOW

Score
10/10
socelarsspywarestealer

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sadef33/

Targets

    • Target

      ff484f12137d53d9c6c82330eac29f6cf4695a577c7f44b5e7bc99fb2fbb2999

    • Size

      1.4MB

    • MD5

      d3698ef207ee254e5860614d95546c25

    • SHA1

      4fb0d414b6be204547efa9240d7b2e52468164f6

    • SHA256

      ff484f12137d53d9c6c82330eac29f6cf4695a577c7f44b5e7bc99fb2fbb2999

    • SHA512

      c30bec73b3064358bdbe3f395e539694b2b33def50871b1ef2bfd7efa8053a687180b31e7c6870852c30747e9f8e27bf0867872d47bc32ba16cd69e75ba51934

    • SSDEEP

      24576:WVYkTpy0OVnKhXJ04BJFKA3wRKB7a9WscrmCqeQrEb45hOtMW:CpJOl8xFMRy/SeQgk5sOW

    Score
    7/10
    spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks