socelars | 5bcd567dc00b2206b85fe6466a45fb892646e9d860b6f0217aa80fefded3cfa8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

08670af7d6...da.exe

windows7-x64

7

08670af7d6...da.exe

windows10-2004-x64

7

Sharing

General

Target

557a35fee4d3df87b51ce386383a74a5.bin
Size

752KB
Sample

230303-bpenzsfc3w
MD5

b694fd47e11457fe91455f2e7a359054
SHA1

273edc02724d57e748d1da11369904194bd6dcff
SHA256

5bcd567dc00b2206b85fe6466a45fb892646e9d860b6f0217aa80fefded3cfa8
SHA512

c583688f05045706a2f05c9c39335fd7d0e881d61ef488ad08cb569bb4e2808521bd86858dde972a21b93ba2c9109bd0fe55a0f81c7a4759b9f6a05efcff51de
SSDEEP

12288:FWIPgpYoayX9vFfZQH4g2aMtCdqUHPxpymZqlnH8eU7Zr8kNNhViPYv2jxePSEq+:cIP7ov9vk92aMtCdL9ZMnHP8Zr1NggIm

Score

10^/10

socelars spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

08670af7d68a021ea6c210b0ab02972a6cd74b2be0df71740528de328b8feeda.exe

Resource

win7-20230220-en

spyware stealer

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

08670af7d68a021ea6c210b0ab02972a6cd74b2be0df71740528de328b8feeda.exe

Resource

win10v2004-20230220-en

spyware stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sfasue20/

Targets

- Target
  
  08670af7d68a021ea6c210b0ab02972a6cd74b2be0df71740528de328b8feeda.exe
- Size
  
  1.4MB
- MD5
  
  557a35fee4d3df87b51ce386383a74a5
- SHA1
  
  f93d76b3256c3ba685fc8b9702fafc2dd8b724e0
- SHA256
  
  08670af7d68a021ea6c210b0ab02972a6cd74b2be0df71740528de328b8feeda
- SHA512
  
  41bdcb6f89f25b589fb57cda296a39e3052eaddde46602f85c548f693715ec7c52c6750a7e091570674a03a6f1aa9defdf81f23a6c1d5d37267f2fb711a9aa9e
- SSDEEP
  
  24576:RVYkTpy0OVnKhXJ04BJFKA3wRKB7a9WscrmCqeQrEfl5hrtEW:/pJOl8xFMRy/SeQgN5Z2W
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy