General

  • Target

    062c2928d12af9e7e60cf35f0b82d6bb7909b188f7726ddff6bb2d811f251f4d

  • Size

    843KB

  • Sample

    220531-hp5zhadehj

  • MD5

    bd5fd2cef4ecb1f30d097710877ab6d8

  • SHA1

    a149aa5667dcc0431bab345503b7aa7c60c33b85

  • SHA256

    062c2928d12af9e7e60cf35f0b82d6bb7909b188f7726ddff6bb2d811f251f4d

  • SHA512

    ec2b2ff1194b0c2acde4bd582e23341903a7551d83cea1b01200e82f1e76311e97d67ef48b2ecdf2372a40b378c5197b5fa3bb25ce5b3199043c9d6fce3120f4

Malware Config

Extracted

  • Family

    socelars

  • C2

    http://www.zhxxjs.pw/Info/

Targets

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks