socelars | fafb40e0e937651a690e66b92f3ad4abb31e071b68543a83cd696cd1300913b6 | Triage

Submit
Reports

Overview

overview

Static

static

74f16e75b4...67.exe

windows7-x64

7

74f16e75b4...67.exe

windows10-2004-x64

7

Sharing

General

Target

74f16e75b4d394e20beafe3b6c749e67.exe
Size

1.4MB
Sample

230307-qv8xcaab76
MD5

74f16e75b4d394e20beafe3b6c749e67
SHA1

aadbbe486b4fafeb5a1c23be9a75dd2bfc6fe5e2
SHA256

fafb40e0e937651a690e66b92f3ad4abb31e071b68543a83cd696cd1300913b6
SHA512

651e97a17d360b473c995d8617f4763fe4852e0ef4dce3c06b39f76c2d4443f517568d9de41093f8f93b8dbffd4a3e3ed8c36ce1770f30605dc1c2606814031c
SSDEEP

24576:UGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRT05hgSr:fpEUIvU0N9jkpjweXt77Q5Si

Score

10^/10

socelars spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

74f16e75b4d394e20beafe3b6c749e67.exe

Resource

win7-20230220-en

spyware stealer

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

74f16e75b4d394e20beafe3b6c749e67.exe

Resource

win10v2004-20230220-en

spyware stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sadef33/

Targets

- Target
  
  74f16e75b4d394e20beafe3b6c749e67.exe
- Size
  
  1.4MB
- MD5
  
  74f16e75b4d394e20beafe3b6c749e67
- SHA1
  
  aadbbe486b4fafeb5a1c23be9a75dd2bfc6fe5e2
- SHA256
  
  fafb40e0e937651a690e66b92f3ad4abb31e071b68543a83cd696cd1300913b6
- SHA512
  
  651e97a17d360b473c995d8617f4763fe4852e0ef4dce3c06b39f76c2d4443f517568d9de41093f8f93b8dbffd4a3e3ed8c36ce1770f30605dc1c2606814031c
- SSDEEP
  
  24576:UGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRT05hgSr:fpEUIvU0N9jkpjweXt77Q5Si
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy