General

  • Target: 97d59b6bf9a77d248b1a1175ffce5191.exe
  • Size: 1.4MB
  • Sample: 230327-mmn1esda55
  • MD5: 97d59b6bf9a77d248b1a1175ffce5191
  • SHA1: 01a1ab71343fbb007d5c137821d27e38f7d8aa0c
  • SHA256: d87805d6e7f3b56d268e887b97c3c4fc1a8c4a0a2614867e17677e125462d5ad
  • SHA512: 2e46790527a798ef1e95e00d33d1a4f279339f0c3e84faaf4cadb629476194309423e667e198294a8d1815f3d0d5e0163e07032aa4f12b600787e0c9ade04d55
  • SSDEEP: 24576:PGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRjA5hgSp:OpEUIvU0N9jkpjweXt7785e4

Malware Config

Extracted

  • Family: socelars
  • C2: https://hdbywe.s3.us-west-2.amazonaws.com/dfgg320/

Targets

    Score: 7/10

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

  Defense Evasion
    • Install Root Certificate (T1130): 1
    • Modify Registry (T1112): 1

  Credential Access
    • Credentials in Files (T1081): 1

  Discovery
    • System Information Discovery (T1082): 2
    • Query Registry (T1012): 1

  Collection
    • Data from Local System (T1005): 1

  Command and Control
    • Web Service (T1102): 1

Tasks