General

  • Target

    0x00070000000132e4-133.dat

  • Size

    1.4MB

  • Sample

    230327-jlnrgscd24

  • MD5

    6db938b22272369c0c2f1589fae2218f

  • SHA1

    8279d75d704aaf9346e8f86df5aa1f2e8a734bb9

  • SHA256

    a3f4061d3d60ae5a3ee4a168f1bec3790e1927f77184915a821d1eade478677e

  • SHA512

    a83cae75c7d9f98e4841f1517ec6ea867731f3f3c52a2f12c372be01c7da0a53d458eadfc61309a906ed63c48ca80194ddf52a084044a20e8a2bd3679e492c31

  • SSDEEP

    24576:uKZpitpmSUUm4vJHsCSfl7x4/v4NRfyaGbFVss00svFFRSuOeiFFuCv6ef1N:uWitpzmSJ8fVxKvG8xVYZFRSudiFFLvN

Malware Config

Targets

    • Target

      0x00070000000132e4-133.dat

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data straight from the browser's on-disk databases; that data can include saved credentials, cookies, autofill entries and stored payment details.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up geolocation information via web service

      Queries a legitimate public geolocation web service to determine the infected system's location. Because the service itself is benign, this request does not stand out on its own and is best correlated with the other behaviours listed here.
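
Each behaviour above is noisy in isolation (installers read the Uninstall key, browsers read their own profile databases), so a hunt should key on the combination per process. The following is an added example for this page, not tooling from the sandbox or the report: it runs that logic over a few constructed Sysmon-style events. The event schema, the geolocation host list, the two-signature threshold and all paths, PIDs and file names are assumptions.

```python
"""Hunt for the Socelars-style behaviour cluster over constructed Sysmon-like
events.  Added example for this report page; not tooling from the sandbox.
Assumptions: the event schema, the geolocation host list and the threshold."""
import re
from collections import defaultdict

# Browser profile databases read by infostealers (Chrome/Chromium and Firefox).
BROWSER_DATA = re.compile(
    r"\\(?:Login Data|Cookies|Web Data|History|logins\.json|cookies\.sqlite|key4\.db)$",
    re.IGNORECASE,
)
# Installed-software enumeration via the Uninstall key (32- and 64-bit views).
UNINSTALL_KEY = re.compile(
    r"^HKLM\\SOFTWARE\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\",
    re.IGNORECASE,
)
# Writes into a Chrome profile's Extensions directory ("Drops Chrome extension").
CHROME_EXT_DIR = re.compile(
    r"\\Google\\Chrome\\User Data\\[^\\]+\\Extensions\\", re.IGNORECASE
)
# Assumed list of public geolocation APIs; the report does not name the one used.
GEO_HOSTS = {"ip-api.com", "ipinfo.io", "ipapi.co", "freegeoip.app"}


def classify(event):
    """Map one event to the report signature it evidences, or None."""
    kind, target = event["type"], event["target"]
    if kind == "FileRead" and BROWSER_DATA.search(target):
        return "Reads user/profile data of web browsers"
    if kind == "RegistryRead" and UNINSTALL_KEY.match(target):
        return "Checks installed software on the system"
    if kind == "FileWrite" and CHROME_EXT_DIR.search(target):
        return "Drops Chrome extension"
    if kind == "NetConnect" and target.lower() in GEO_HOSTS:
        return "Looks up geolocation information via web service"
    return None


def hunt(events, min_signatures=2):
    """Return {(pid, image): [signatures]} for processes that show at least
    min_signatures distinct behaviours.  Any single behaviour is benign on its
    own, so the (assumed) threshold keys on the combination."""
    seen = defaultdict(set)
    for event in events:
        signature = classify(event)
        if signature:
            seen[(event["pid"], event["image"])].add(signature)
    return {key: sorted(sigs) for key, sigs in seen.items() if len(sigs) >= min_signatures}


# Constructed events; paths, PIDs and the sample's file name are made up.
STEALER = r"C:\Users\victim\AppData\Local\Temp\sample.exe"
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
MSIEXEC = r"C:\Windows\System32\msiexec.exe"
PROFILE = r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default"
EVENTS = [
    {"pid": 4120, "image": STEALER, "type": "FileRead", "target": PROFILE + r"\Login Data"},
    {"pid": 4120, "image": STEALER, "type": "FileRead", "target": PROFILE + r"\Cookies"},
    {"pid": 4120, "image": STEALER, "type": "RegistryRead",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    {"pid": 4120, "image": STEALER, "type": "NetConnect", "target": "ip-api.com"},
    {"pid": 4120, "image": STEALER, "type": "FileWrite",
     "target": PROFILE + r"\Extensions\abcdefghijklmnopabcdefghijklmnop\1.0_0\manifest.json"},
    # Benign look-alikes: one behaviour each, so neither process is flagged.
    {"pid": 880, "image": MSIEXEC, "type": "RegistryRead",
     "target": r"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
               r"\{00000000-0000-0000-0000-000000000000}"},
    {"pid": 2200, "image": CHROME, "type": "FileRead", "target": PROFILE + r"\Login Data"},
]


def main():
    for (pid, image), signatures in hunt(EVENTS).items():
        print(f"pid {pid} {image}")
        for sig in signatures:
            print(f"  - {sig}")


if __name__ == "__main__":
    main()
```

On the constructed input only the `sample.exe` process crosses the threshold, with all four behaviours; `msiexec.exe` and `chrome.exe` each trigger a single signature and are suppressed. Lowering `min_signatures` to 1 reproduces the per-signature view the sandbox report gives, which is useful for tuning but too noisy for alerting.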

MITRE ATT&CK Matrix (ATT&CK v6; technique IDs below are from that version, and several have since been merged into sub-techniques in later ATT&CK releases)

Defense Evasion

  • Install Root Certificate (T1130): 1

  • Modify Registry (T1112): 1

Credential Access

  • Credentials in Files (T1081): 1

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Collection

  • Data from Local System (T1005): 1

Command and Control

  • Web Service (T1102): 1

Tasks