socelars | 841d4bb0280045274535c18cba4e8fa06f1f66d4adedb8a039a9534866a01d14 | Triage

Submit
Reports

Overview

overview

Static

static

f4c919f143...8a.exe

windows7-x64

f4c919f143...8a.exe

windows10-2004-x64

Sharing

General

Target

f4c919f143c53cfa79256d99ca323a8a.exe
Size

1.4MB
Sample

221115-qf4zvaea79
MD5

f4c919f143c53cfa79256d99ca323a8a
SHA1

68dd896bc52484b2a2ac50c17f943472a2d045ea
SHA256

841d4bb0280045274535c18cba4e8fa06f1f66d4adedb8a039a9534866a01d14
SHA512

924af0cc834a6794766f0a941b17f6f26a0ee3ee13e30aab2cff2bfde2437678561ebab368e2afba71632e26f142e9cdf7f67e59e66cc4e5416583c1df370fe8
SSDEEP

24576:xJSLpwfVWRh0SGQ48Lm2194mKa4qrNkW9NTPjuJDqBH8R:xup62ESMyjTPjuVqBK

Score

10^/10

socelars spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f4c919f143c53cfa79256d99ca323a8a.exe

Resource

win7-20220812-en

socelars spyware stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

f4c919f143c53cfa79256d99ca323a8a.exe

Resource

win10v2004-20220812-en

socelars spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/jsdnjd1105/

Targets

- Target
  
  f4c919f143c53cfa79256d99ca323a8a.exe
- Size
  
  1.4MB
- MD5
  
  f4c919f143c53cfa79256d99ca323a8a
- SHA1
  
  68dd896bc52484b2a2ac50c17f943472a2d045ea
- SHA256
  
  841d4bb0280045274535c18cba4e8fa06f1f66d4adedb8a039a9534866a01d14
- SHA512
  
  924af0cc834a6794766f0a941b17f6f26a0ee3ee13e30aab2cff2bfde2437678561ebab368e2afba71632e26f142e9cdf7f67e59e66cc4e5416583c1df370fe8
- SSDEEP
  
  24576:xJSLpwfVWRh0SGQ48Lm2194mKa4qrNkW9NTPjuJDqBH8R:xup62ESMyjTPjuVqBK
Score

10^/10

socelars spyware stealer
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

socelarsspywarestealer

behavioral2

socelarsspywarestealer

© 2018-2024

Terms | Privacy