socelars | 1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c | Triage

Submit
Reports

Overview

overview

Static

static

1b17d07430...7c.exe

windows7_x64

1b17d07430...7c.exe

windows10-2004_x64

Sharing

General

Target

1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c
Size

1.7MB
Sample

220607-yjxnyafben
MD5

e9a2b9d42ce896d9e32657c59d77e1b2
SHA1

8e8175300ce54b01c5e18624cf3309c753a271bf
SHA256

1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c
SHA512

a797619a6b9b2b041ac0e5812b91386ac5899cf98f511588bb56709cf7d44ada4e2e98ffcca4c69ebe2cf1c987dc1f852d1a39f6a1d0f402db57d94bc5766213

Score

10^/10

socelars discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c.exe

Resource

win7-20220414-en

socelars discovery spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c.exe

Resource

win10v2004-20220414-en

socelars spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

socelars

C2

https://sa-us-bucket.s3.us-east-2.amazonaws.com/usahd1/

Targets

- Target
  
  1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c
- Size
  
  1.7MB
- MD5
  
  e9a2b9d42ce896d9e32657c59d77e1b2
- SHA1
  
  8e8175300ce54b01c5e18624cf3309c753a271bf
- SHA256
  
  1b17d07430671d6b4c395d2f2825bd73ef26082bad11f5cdf8ca42d026c1ce7c
- SHA512
  
  a797619a6b9b2b041ac0e5812b91386ac5899cf98f511588bb56709cf7d44ada4e2e98ffcca4c69ebe2cf1c987dc1f852d1a39f6a1d0f402db57d94bc5766213
Score

10^/10

socelars discovery spyware stealer
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

socelarsdiscoveryspywarestealer

behavioral2

socelarsspywarestealer

© 2018-2024

Terms | Privacy