socelars | 283276e46204db101ac0ac3eef7ee54bac77e33c1426be4ec527571c5780c256 | Triage

Submit
Reports

Overview

overview

Static

static

283276e462...56.exe

windows7-x64

283276e462...56.exe

windows10-2004-x64

Sharing

General

Target

283276e46204db101ac0ac3eef7ee54bac77e33c1426be4ec527571c5780c256.exe
Size

1.4MB
Sample

221115-kqvk9scb3v
MD5

91631527b53c4e3dc261d543d818066d
SHA1

35b3521c2f00f60a0aa8939938718570c2b9bd74
SHA256

283276e46204db101ac0ac3eef7ee54bac77e33c1426be4ec527571c5780c256
SHA512

31d52e46428cf5642f67c2370a881aa642eca90e118ecef6e6be65c3ca48670d7c10c6370ad3fd2907c87d576e47008e15557de46bb88c265a5d366b90774693
SSDEEP

24576:1JSLpwfVWRh0SGQ48Lm2194mKa4qrNkW9NTPjuNrqBr0R:1up62ESMyjTPjuxqpS

Score

10^/10

socelars spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

283276e46204db101ac0ac3eef7ee54bac77e33c1426be4ec527571c5780c256.exe

Resource

win7-20220812-en

socelars spyware stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

283276e46204db101ac0ac3eef7ee54bac77e33c1426be4ec527571c5780c256.exe

Resource

win10v2004-20220812-en

socelars spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/jsdnjd1105/

Targets

- Target
  
  283276e46204db101ac0ac3eef7ee54bac77e33c1426be4ec527571c5780c256.exe
- Size
  
  1.4MB
- MD5
  
  91631527b53c4e3dc261d543d818066d
- SHA1
  
  35b3521c2f00f60a0aa8939938718570c2b9bd74
- SHA256
  
  283276e46204db101ac0ac3eef7ee54bac77e33c1426be4ec527571c5780c256
- SHA512
  
  31d52e46428cf5642f67c2370a881aa642eca90e118ecef6e6be65c3ca48670d7c10c6370ad3fd2907c87d576e47008e15557de46bb88c265a5d366b90774693
- SSDEEP
  
  24576:1JSLpwfVWRh0SGQ48Lm2194mKa4qrNkW9NTPjuNrqBr0R:1up62ESMyjTPjuxqpS
Score

10^/10

socelars spyware stealer
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

socelarsspywarestealer

behavioral2

socelarsspywarestealer

© 2018-2024

Terms | Privacy