socelars | 32ce825e78f8c01f67b52916719e5fe6fd96f57f0671c181ac8def1feab9df88 | Triage

Submit
Reports

Overview

overview

Static

static

7105513aee...92.exe

windows7_x64

7105513aee...92.exe

windows10-2004_x64

Sharing

General

Target

7105513aee2652b8f3be7054add3db92.exe
Size

1.4MB
Sample

220605-j3x2gshbh8
MD5

7105513aee2652b8f3be7054add3db92
SHA1

18c79e8bae29987af39bdb7cb62c5258c56c5b60
SHA256

32ce825e78f8c01f67b52916719e5fe6fd96f57f0671c181ac8def1feab9df88
SHA512

ac54344783c4c9d929861a9aef248f30723060a1ac15019a4a3c39edac8ba0de9ebe09981308c90764117ecda31d69964982c85aae1b29394361d3e8d9da94a7

Score

10^/10

socelars spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

7105513aee2652b8f3be7054add3db92.exe

Resource

win7-20220414-en

socelars spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7105513aee2652b8f3be7054add3db92.exe

Resource

win10v2004-20220414-en

socelars spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

socelars

C2

https://iplogger.org/1NsYz7/

https://iplogger.org/1ibws7/

https://iplogger.org/1XJq97/

https://sa-us-bucket.s3.us-east-2.amazonaws.com/ujfreids61/

Targets

- Target
  
  7105513aee2652b8f3be7054add3db92.exe
- Size
  
  1.4MB
- MD5
  
  7105513aee2652b8f3be7054add3db92
- SHA1
  
  18c79e8bae29987af39bdb7cb62c5258c56c5b60
- SHA256
  
  32ce825e78f8c01f67b52916719e5fe6fd96f57f0671c181ac8def1feab9df88
- SHA512
  
  ac54344783c4c9d929861a9aef248f30723060a1ac15019a4a3c39edac8ba0de9ebe09981308c90764117ecda31d69964982c85aae1b29394361d3e8d9da94a7
Score

10^/10

socelars spyware stealer
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

socelarsspywarestealer

behavioral2

socelarsspywarestealer

© 2018-2024

Terms | Privacy