General

  • Target

    9bdac78eed506499e93fd38b1d48879ef9c6667e21a88b6c4e3cae1ebfc5548b

  • Size

    1.4MB

  • Sample

    211104-g4dccsfhh8

  • MD5

    f38c8c90743382f4fde6804c5e40d941

  • SHA1

    868ca3b3add71be886e7dc314f2e16e11acbd608

  • SHA256

    9bdac78eed506499e93fd38b1d48879ef9c6667e21a88b6c4e3cae1ebfc5548b

  • SHA512

    a27328777827672285735b52938f41d2ea1989094ea7e462c372fc94d7e6e3f80e69e4f6afda0eb421f5de66254d20da7a465204fda8ee41b40a9cfb4c8a87fa

Malware Config

Extracted

Family

socelars

C2

http://www.hhgenice.top/

Targets

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up geolocation information via web service

      Uses a legitimate geolocation service to find the infected system's geolocation info.

MITRE ATT&CK Enterprise v6
