General
-
Target
89b9ba4fd0109e4137162881959ec8547a4a8a5b4e3996b21c88b713baa0b89f
-
Size
675KB
-
Sample
221129-mepa8aac55
-
MD5
90316e8e4cb97f4222eac19acddf625f
-
SHA1
c49a99cf203570e7d7e861a6b2120b3d54d9ab4a
-
SHA256
89b9ba4fd0109e4137162881959ec8547a4a8a5b4e3996b21c88b713baa0b89f
-
SHA512
861b9584e0655806d98604b84d9a4d9bca5558e1def06351468f6fe34ce78b05a1e871bf3c0a5a1b3537a0b00c661d18a115c2b0110e80d23e7645e4f9560bfa
-
SSDEEP
12288:YqlMhfymUyZzk8ri+hcGgn9cJBJYGahyHY2oSj6xtkf5NjT:Y5kxyZFe+hcGEXGwiY2jJfT
Malware Config
Extracted
socelars
https://hdbywe.s3.us-west-2.amazonaws.com/sauydga27/
Targets
-
-
Target
89b9ba4fd0109e4137162881959ec8547a4a8a5b4e3996b21c88b713baa0b89f
-
Size
675KB
-
MD5
90316e8e4cb97f4222eac19acddf625f
-
SHA1
c49a99cf203570e7d7e861a6b2120b3d54d9ab4a
-
SHA256
89b9ba4fd0109e4137162881959ec8547a4a8a5b4e3996b21c88b713baa0b89f
-
SHA512
861b9584e0655806d98604b84d9a4d9bca5558e1def06351468f6fe34ce78b05a1e871bf3c0a5a1b3537a0b00c661d18a115c2b0110e80d23e7645e4f9560bfa
-
SSDEEP
12288:YqlMhfymUyZzk8ri+hcGgn9cJBJYGahyHY2oSj6xtkf5NjT:Y5kxyZFe+hcGEXGwiY2jJfT
Score10/10-
Socelars
Socelars is an infostealer targeting browser cookies and credit card credentials.
-
Socelars payload
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-