socelars | ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841 | Triage

Submit
Reports

Overview

overview

Static

static

ef0d1682a0...41.exe

windows7_x64

ef0d1682a0...41.exe

windows10-2004_x64

Sharing

General

Target

ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841
Size

1.9MB
Sample

220625-b38tzsbfd8
MD5

f0faa31e557acb4d73a8351ee80b6a3e
SHA1

ba4f77d0b7803df4fca1d9b797dbc09b18c6501c
SHA256

ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841
SHA512

afa4c1aaa236d61f5567decd1333c4b120e0b3265f2ce42d22197e30aa6ee11468e68ab6b0e2178809c4331850fa6ee0571ea86bb1315e8e3c92abc8dbc882fc

Score

10^/10

socelars discovery stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841.exe

Resource

win7-20220414-en

socelars discovery stealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841.exe

Resource

win10v2004-20220414-en

socelars discovery stealer upx

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

socelars

C2

http://www.createinfo.pw/

http://www.allinfo.pw/

Targets

- Target
  
  ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841
- Size
  
  1.9MB
- MD5
  
  f0faa31e557acb4d73a8351ee80b6a3e
- SHA1
  
  ba4f77d0b7803df4fca1d9b797dbc09b18c6501c
- SHA256
  
  ef0d1682a04ee6f23153e295a9e66070464ffe903b8a7a8e393d55d12313e841
- SHA512
  
  afa4c1aaa236d61f5567decd1333c4b120e0b3265f2ce42d22197e30aa6ee11468e68ab6b0e2178809c4331850fa6ee0571ea86bb1315e8e3c92abc8dbc882fc
Score

10^/10

socelars discovery stealer upx
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

socelarsdiscoverystealerupx

behavioral2

socelarsdiscoverystealerupx

© 2018-2024

Terms | Privacy