General

  • Target

    0e367184a655af44f814cf942b6100d7c5a8b54aaef4d14cd0f1d9d753b2f9bc

  • Size

    1.4MB

  • Sample

    230417-d1z56sch49

  • MD5

    846a6c4250493c0627b5ee8100f05d23

  • SHA1

    a1119c61630847dbe0570be5e71538273c2762ab

  • SHA256

    0e367184a655af44f814cf942b6100d7c5a8b54aaef4d14cd0f1d9d753b2f9bc

  • SHA512

    beb17195c2cb8d0be2fb27f8d8ba74179f1371248c77e23e2f0dfbc5d8bab419c66816a3e3037285dbe9d3097cfefa747a2db85bab9ef9492e329f301a7ce661

  • SSDEEP

    24576:oGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRbg5h/Sf:zpEUIvU0N9jkpjweXt77s51q

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sadfe410/

Targets

    • Target

      0e367184a655af44f814cf942b6100d7c5a8b54aaef4d14cd0f1d9d753b2f9bc

    • Size

      1.4MB

    • MD5

      846a6c4250493c0627b5ee8100f05d23

    • SHA1

      a1119c61630847dbe0570be5e71538273c2762ab

    • SHA256

      0e367184a655af44f814cf942b6100d7c5a8b54aaef4d14cd0f1d9d753b2f9bc

    • SHA512

      beb17195c2cb8d0be2fb27f8d8ba74179f1371248c77e23e2f0dfbc5d8bab419c66816a3e3037285dbe9d3097cfefa747a2db85bab9ef9492e329f301a7ce661

    • SSDEEP

      24576:oGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRbg5h/Sf:zpEUIvU0N9jkpjweXt77s51q

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops Chrome extension

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks