socelars | 81314781884347ef9ad8d2366315b92a312587d3f457251434d47cb86dd79b9c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

dec3f33779...f1.exe

windows7-x64

dec3f33779...f1.exe

windows10-2004-x64

Sharing

General

Target

dec3f337796ef2239a943a027d2aaff1.exe
Size

1.4MB
Sample

220929-l9m6zabeap
MD5

dec3f337796ef2239a943a027d2aaff1
SHA1

27c719957e9ce362d70f2c0a438e5b7734d4da3d
SHA256

81314781884347ef9ad8d2366315b92a312587d3f457251434d47cb86dd79b9c
SHA512

e22c57aed75dd9d7daacc4ddadc3eca3229ab93582f169311a4b3691d1debd5cd2a595137033824cd9a69c586623c756c829c4d19d3df3b55b3a9838599abb49
SSDEEP

24576:n3MDpobXmmlFSUacscm2ns1CqSzqrNe+9IxPGxRbDKYPs0eDbnc:n2pI3t5XkixPGxZDlgnc

Score

10^/10

socelars spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

dec3f337796ef2239a943a027d2aaff1.exe

Resource

win7-20220812-en

socelars spyware stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

dec3f337796ef2239a943a027d2aaff1.exe

Resource

win10v2004-20220812-en

socelars spyware stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

https://dfgrthres.s3.eu-west-3.amazonaws.com/fdgds919/

Targets

- Target
  
  dec3f337796ef2239a943a027d2aaff1.exe
- Size
  
  1.4MB
- MD5
  
  dec3f337796ef2239a943a027d2aaff1
- SHA1
  
  27c719957e9ce362d70f2c0a438e5b7734d4da3d
- SHA256
  
  81314781884347ef9ad8d2366315b92a312587d3f457251434d47cb86dd79b9c
- SHA512
  
  e22c57aed75dd9d7daacc4ddadc3eca3229ab93582f169311a4b3691d1debd5cd2a595137033824cd9a69c586623c756c829c4d19d3df3b55b3a9838599abb49
- SSDEEP
  
  24576:n3MDpobXmmlFSUacscm2ns1CqSzqrNe+9IxPGxRbDKYPs0eDbnc:n2pI3t5XkixPGxZDlgnc
Score

10^/10

socelars spyware stealer
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Web Service

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

socelarsspywarestealer

behavioral2

socelarsspywarestealer

© 2018-2025

Terms | Privacy