General

  • Target

    5e255bb79fde1312e2a9f8c2e2b422e7.exe

  • Size

    1.4MB

  • Sample

    230405-w52tnsgg24

  • MD5

    5e255bb79fde1312e2a9f8c2e2b422e7

  • SHA1

    d091b38830fabf7d32fb93c8bde202f4ca391574

  • SHA256

    23575dfcdf7e8a6f41e355914d0fdaa385fc4a377f71cd80330e90f76f9ae271

  • SHA512

    339533846a32f889ad50f1d35f0c09412702e2ee5c58c13368c3d18f28e919b91fcf84388be015e15acb5d919228c49e6c1b4ca0a15a08435d101894bf3031c9

  • SSDEEP

    24576:hVYkTpy0OVnKhXJ04BJFKA3wRKB7a9WscrmCqeQrE/c5h3tqW:PpJOl8xFMRy/SeQgU55wW

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/dfgg320/

Targets

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile data.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks