General
-
Target
13fedbb86566c03188cd4038d76837752e17af71055ccc91ff625ff35f532d68
-
Size
1.4MB
-
Sample
211104-g18zvsfhg6
-
MD5
c55a782fb3152c45d4d4944539b5f4ea
-
SHA1
6013dbd7b11390ace1283a402e77e9ef751c4c10
-
SHA256
13fedbb86566c03188cd4038d76837752e17af71055ccc91ff625ff35f532d68
-
SHA512
17ac501d7828573a9b7f8eab837392104ca606cc1567bcd1b93a6ead9bfd026fe15eb79a202754fc2d0c548a35ee5a99a737cb1d8e8810b81f7ef03cb8aa4c90
Malware Config
Extracted
socelars
http://www.hhgenice.top/
Targets
-
-
Target
13fedbb86566c03188cd4038d76837752e17af71055ccc91ff625ff35f532d68
-
Size
1.4MB
-
MD5
c55a782fb3152c45d4d4944539b5f4ea
-
SHA1
6013dbd7b11390ace1283a402e77e9ef751c4c10
-
SHA256
13fedbb86566c03188cd4038d76837752e17af71055ccc91ff625ff35f532d68
-
SHA512
17ac501d7828573a9b7f8eab837392104ca606cc1567bcd1b93a6ead9bfd026fe15eb79a202754fc2d0c548a35ee5a99a737cb1d8e8810b81f7ef03cb8aa4c90
Score10/10-
Socelars
Socelars is an infostealer targeting browser cookies and credit card credentials.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.
-