General

  • Target

    a7216998bc1ea704341264a3d4a340921c9a667d39a438878e036a541c19b9b1

  • Size

    1.4MB

  • Sample

    230417-eq3nzsef3z

  • MD5

    9e7b4b909ab35f51a8bf5021abc37cb0

  • SHA1

    372e3094fcf835f9a02995b635670ba41e685dd9

  • SHA256

    a7216998bc1ea704341264a3d4a340921c9a667d39a438878e036a541c19b9b1

  • SHA512

    f51861eed6c2dcc1eaba076a9778eff280af039828f39bb4f325e863041a4ba4f7ce87ee1b1276387bb031114d6be047091de643cd0e5f097b19afeacc183c01

  • SSDEEP

    24576:pGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRHL5hrSf:spEUIvU0N9jkpjweXt77r5Jq

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sadfe410/

Targets

    • Target

      a7216998bc1ea704341264a3d4a340921c9a667d39a438878e036a541c19b9b1

    • Size

      1.4MB

    • MD5

      9e7b4b909ab35f51a8bf5021abc37cb0

    • SHA1

      372e3094fcf835f9a02995b635670ba41e685dd9

    • SHA256

      a7216998bc1ea704341264a3d4a340921c9a667d39a438878e036a541c19b9b1

    • SHA512

      f51861eed6c2dcc1eaba076a9778eff280af039828f39bb4f325e863041a4ba4f7ce87ee1b1276387bb031114d6be047091de643cd0e5f097b19afeacc183c01

    • SSDEEP

      24576:pGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRHL5hrSf:spEUIvU0N9jkpjweXt77r5Jq

    • Score

      7/10

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops Chrome extension

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks