Overview

overview

10

Static

static

10

ca411c29e0...1d.exe

windows7_x64

10

ca411c29e0...1d.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca411c29e099f61e6cec17d3645e0c1d.exe

  • Size

    1.5MB

  • Sample

    220616-pk26dahea2

  • MD5

    ca411c29e099f61e6cec17d3645e0c1d

  • SHA1

    e7d058d20aadcbd2ae271983a677737b7b833fe0

  • SHA256

    493ec0b5acda00ca9fca45149fa4ecedb988798454aee3a6f74237a4e9eaa95d

  • SHA512

    8d3cbdd210b061e8a205be45fd10cb3529ffcefd7a9737ec38e22c353fb75155f732c6de15c414d90f6b6201d4784bb5f8a8f897624198a1f5ab60c2690b22eb

Score
10/10
socelarsspywarestealer

Malware Config

Extracted

Family

socelars

C2

https://iplogger.org/1NsYz7/

https://iplogger.org/1ibws7/

https://iplogger.org/1XJq97/

https://sa-us-bucket.s3.us-east-2.amazonaws.com/eurfrsa613/

Targets

    • Target

      ca411c29e099f61e6cec17d3645e0c1d.exe

    • Size

      1.5MB

    • MD5

      ca411c29e099f61e6cec17d3645e0c1d

    • SHA1

      e7d058d20aadcbd2ae271983a677737b7b833fe0

    • SHA256

      493ec0b5acda00ca9fca45149fa4ecedb988798454aee3a6f74237a4e9eaa95d

    • SHA512

      8d3cbdd210b061e8a205be45fd10cb3529ffcefd7a9737ec38e22c353fb75155f732c6de15c414d90f6b6201d4784bb5f8a8f897624198a1f5ab60c2690b22eb

    Score
    10/10
    socelarsspywarestealer

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

      stealersocelars

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks