General

  • Target

    bcdd7a6c21e9f61615e063f3261ac81a2633157297dff7cf0687c17020fff9c6

  • Size

    1.4MB

  • Sample

    230417-evah1aef4w

  • MD5

    ffcd57023e8aebc942fe544bcfff0279

  • SHA1

    8b7cfb68f0600f7d82288929bc76770cced3997a

  • SHA256

    bcdd7a6c21e9f61615e063f3261ac81a2633157297dff7cf0687c17020fff9c6

  • SHA512

    dffafc005e64d08809ad4d6b1210b2b82d0e5a4f64ccd32c5f8d1a61421b6b852fdcb6f4f753a85599c70abeee0d980915899f399703c0444094e4321e6a4af6

  • SSDEEP

    24576:7GU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRPd5hPSf:KpEUIvU0N9jkpjweXt77F5tq

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sadfe410/

Targets

    • Target

      bcdd7a6c21e9f61615e063f3261ac81a2633157297dff7cf0687c17020fff9c6

    • Size

      1.4MB

    • MD5

      ffcd57023e8aebc942fe544bcfff0279

    • SHA1

      8b7cfb68f0600f7d82288929bc76770cced3997a

    • SHA256

      bcdd7a6c21e9f61615e063f3261ac81a2633157297dff7cf0687c17020fff9c6

    • SHA512

      dffafc005e64d08809ad4d6b1210b2b82d0e5a4f64ccd32c5f8d1a61421b6b852fdcb6f4f753a85599c70abeee0d980915899f399703c0444094e4321e6a4af6

    • SSDEEP

      24576:7GU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRPd5hPSf:KpEUIvU0N9jkpjweXt77F5tq

    • Score

      7/10

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks