socelars | 30a2d83678b8e9a39debd957bf3e4dea8d97423fe19ca7b21a87ff1434f9b3d3 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

30a2d83678b8e9a39debd957bf3e4dea8d97423fe19ca7b21a87ff1434f9b3d3
Size

675KB
Sample

220908-hkleasdhd2
MD5

1209eb5280434f121fa888e5d9665bef
SHA1

d85f7e6ab0486f32bc51c772215488dcfb299941
SHA256

30a2d83678b8e9a39debd957bf3e4dea8d97423fe19ca7b21a87ff1434f9b3d3
SHA512

79cdf89289871b1a89b65bb36353437d4c2fa11fb0bc6a4c60affc43ad1eab6d836c17a9a0bccdbaff365713b508b130af9eda338acb08d03af8fad0a1fa5c9b
SSDEEP

12288:34wymABpXFdYopRyqUoeGN+t3+y8diXIpjD5nCypNxXdhMFM3ljsJ5FaKyz4M0yh:VbOpXIoOaI9+NdiYpXBCyrxXsMJo4X4s

Score

10^/10

socelars spyware stealer upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

30a2d83678b8e9a39debd957bf3e4dea8d97423fe19ca7b21a87ff1434f9b3d3.exe

Resource

win10v2004-20220812-en

socelars spyware stealer upx

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

https://hueduy.s3.eu-west-1.amazonaws.com/dhfry901/

Targets

- Target
  
  30a2d83678b8e9a39debd957bf3e4dea8d97423fe19ca7b21a87ff1434f9b3d3
- Size
  
  675KB
- MD5
  
  1209eb5280434f121fa888e5d9665bef
- SHA1
  
  d85f7e6ab0486f32bc51c772215488dcfb299941
- SHA256
  
  30a2d83678b8e9a39debd957bf3e4dea8d97423fe19ca7b21a87ff1434f9b3d3
- SHA512
  
  79cdf89289871b1a89b65bb36353437d4c2fa11fb0bc6a4c60affc43ad1eab6d836c17a9a0bccdbaff365713b508b130af9eda338acb08d03af8fad0a1fa5c9b
- SSDEEP
  
  12288:34wymABpXFdYopRyqUoeGN+t3+y8diXIpjD5nCypNxXdhMFM3ljsJ5FaKyz4M0yh:VbOpXIoOaI9+NdiYpXBCyrxXsMJo4X4s
Score

10^/10

socelars spyware stealer upx
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Socelars payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socelarsspywarestealerupx

© 2018-2025

Terms | Privacy