socelars | 5d6412702d3a4f72936866b5c795a2dd513bb22d4bd81e0920d41f3f6b2c759c | Triage

Submit
Reports

Overview

overview

Static

static

5d6412702d...9c.exe

windows7-x64

5d6412702d...9c.exe

windows10-2004-x64

Sharing

General

Target

5d6412702d3a4f72936866b5c795a2dd513bb22d4bd81e0920d41f3f6b2c759c.exe
Size

1.4MB
Sample

221121-tf2fhabh7w
MD5

4b56eb78ff1ffc16778e716dd9304574
SHA1

33ae7c941ba462df40c0eb06e8a4e56d091089bb
SHA256

5d6412702d3a4f72936866b5c795a2dd513bb22d4bd81e0920d41f3f6b2c759c
SHA512

774bb6a49c702e9178d16d0c13f67a4ec63555ad6be9d37b0e44401f75002da853851034357b8906e68397104afd8ef8930407239b126fc8f0b6b627cf9ec0f0
SSDEEP

24576:yJSLpwfVWRh0SGQ48Lm2194mKa4qrNkW9NTPjulFqBqU7xnghhA:yup62ESMyjTPjuXqYi

Score

10^/10

socelars spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5d6412702d3a4f72936866b5c795a2dd513bb22d4bd81e0920d41f3f6b2c759c.exe

Resource

win7-20221111-en

socelars spyware stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

5d6412702d3a4f72936866b5c795a2dd513bb22d4bd81e0920d41f3f6b2c759c.exe

Resource

win10v2004-20220901-en

socelars spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/asdhfr1115/

Targets

- Target
  
  5d6412702d3a4f72936866b5c795a2dd513bb22d4bd81e0920d41f3f6b2c759c.exe
- Size
  
  1.4MB
- MD5
  
  4b56eb78ff1ffc16778e716dd9304574
- SHA1
  
  33ae7c941ba462df40c0eb06e8a4e56d091089bb
- SHA256
  
  5d6412702d3a4f72936866b5c795a2dd513bb22d4bd81e0920d41f3f6b2c759c
- SHA512
  
  774bb6a49c702e9178d16d0c13f67a4ec63555ad6be9d37b0e44401f75002da853851034357b8906e68397104afd8ef8930407239b126fc8f0b6b627cf9ec0f0
- SSDEEP
  
  24576:yJSLpwfVWRh0SGQ48Lm2194mKa4qrNkW9NTPjulFqBqU7xnghhA:yup62ESMyjTPjuXqYi
Score

10^/10

socelars spyware stealer
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

socelarsspywarestealer

behavioral2

socelarsspywarestealer

© 2018-2024

Terms | Privacy