socelars | 953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489 | Triage

Submit
Reports

Overview

overview

Static

static

953367b0ce...89.exe

windows7_x64

953367b0ce...89.exe

windows10-2004_x64

Sharing

General

Target

953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489
Size

1.4MB
Sample

220521-m723sadcb2
MD5

7f9a498cc692f9f3f0cfe241c80e8ad8
SHA1

b5c3f7322da2c8b8ce0f473a26b54d057593162e
SHA256

953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489
SHA512

8fa1b099c07e5aa352a6c5d0288ffd1ce0c5208fda361bb0129c03fbc16d3a84d12fa6067d143e82795343d9c3c847e35ec6b6638373329467d9025933766db6

Score

10^/10

socelars discovery spyware stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489.exe

Resource

win7-20220414-en

socelars discovery spyware stealer suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489.exe

Resource

win10v2004-20220414-en

socelars spyware stealer suricata

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

socelars

C2

http://www.nicekkk.pw/

http://www.nextinfo.pw/

http://www.allinfo.pw/

Targets

- Target
  
  953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489
- Size
  
  1.4MB
- MD5
  
  7f9a498cc692f9f3f0cfe241c80e8ad8
- SHA1
  
  b5c3f7322da2c8b8ce0f473a26b54d057593162e
- SHA256
  
  953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489
- SHA512
  
  8fa1b099c07e5aa352a6c5d0288ffd1ce0c5208fda361bb0129c03fbc16d3a84d12fa6067d143e82795343d9c3c847e35ec6b6638373329467d9025933766db6
Score

10^/10

socelars discovery spyware stealer suricata
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
  suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
  suricata
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

socelarsdiscoveryspywarestealersuricata

behavioral2

socelarsspywarestealersuricata

© 2018-2024

Terms | Privacy