General
-
Target
a6d7aa58dc232ea5d2ef0b0be86f0cbaed9b7efedc9a6ddc9dfff09b2e52323f
-
Size
610KB
-
Sample
221114-zh3z1ahh5y
-
MD5
aef481dddd3b0a5a31b79de57a0ecbac
-
SHA1
0d45c9148ecb074c584860edabf916ccc0544b82
-
SHA256
8cb7b2a4f602472134122724e3cd114390978115f0ee04e982dec9c33953dba1
-
SHA512
99bfdbb6c287936f399b126cef8d2001f699e8e2d492698608ae19e23f2d55b618dd47b37202a0f5769669e7e890ae699e2763efe4a951fee30c1cebfa6b78d1
-
SSDEEP
12288:xJqcsz5ksfMA8SJtcfjNKQsYs175DSLrduFl0QgyidDnMJ:xJqcm5bhtwsjYs11ordub3TODK
Malware Config
Extracted
socelars
https://hdbywe.s3.us-west-2.amazonaws.com/jsdnjd1105/
Targets
-
-
Target
a6d7aa58dc232ea5d2ef0b0be86f0cbaed9b7efedc9a6ddc9dfff09b2e52323f
-
Size
675KB
-
MD5
fef98dbe876edbc30efac4dbc9fd9628
-
SHA1
d563d1a7614636df9fff017dbecf1ba2b843cb23
-
SHA256
a6d7aa58dc232ea5d2ef0b0be86f0cbaed9b7efedc9a6ddc9dfff09b2e52323f
-
SHA512
6772506b31a7c2d4e275879a72e387c281e726937b853263fe421d384d9ac90d02ed0de564029a1395f5533cfd0382f7ec1f5c9d377f5b051527bab6955db319
-
SSDEEP
12288:WYoJl8ls7sZbH1BePHRylykX9Ki5l8JiZ4oLAqPiZMDi4a+eUtApyht:W/Jl8O6+fR8ykL5l80Zd8mM4avSh
Score10/10-
Socelars
Socelars is an infostealer targeting browser cookies and credit card credentials.
-
Socelars payload
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-