General

  • Target

    a1b276417402dd3c2fd22eeca1eeec4ed6a36a206fdb29b78f7195b759e76211.zip

  • Size

    753KB

  • Sample

    230321-r453gsbe32

  • MD5

    80ce34a49c3674251d50449c3220b868

  • SHA1

    8f9dc76371ab63cc36d5cf38f32a22111326b189

  • SHA256

    4acf2475f115ccf442a3724efe3c2d02b52ac9c1cbb20a37033c2f45ea2238a5

  • SHA512

    3e0c70be25eeefadfcbb4c34c12ce41dea8e058a99d15905fbfba2f56da71d5c2803cf2cd5443690ae710181c2edf67e2cac837b6ebe3b57e9bc1a3e4dda9a89

  • SSDEEP

    12288:aokwCIzJokiPXfcZMSlvgyxkoCCZ8Bgq+Xy45yB84+UH2bSjvw4P4YPhfzT:aokBITZMkY4VqBOD4TWCvnFv

Malware Config

Extracted

  • Family

    socelars

  • C2

    https://hdbywe.s3.us-west-2.amazonaws.com/sadef33/

Targets

    • Target

      a1b276417402dd3c2fd22eeca1eeec4ed6a36a206fdb29b78f7195b759e76211.exe

    • Size

      1.4MB

    • MD5

      b724dda35c194b1821c819d4e65ece81

    • SHA1

      e2ed6bae5f0cfcd48813c30a8505326b3efcf5df

    • SHA256

      a1b276417402dd3c2fd22eeca1eeec4ed6a36a206fdb29b78f7195b759e76211

    • SHA512

      252ed442527da61a28453d784569ee80d92f25553cf63b4084aee6691f9828702d2bb0134cc20ce0a18f38d183a7900d1c0371e477a2a8ffb4430adf7a75524c

    • SSDEEP

      24576:DGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dR7B5h9St:ipEUIvU0N9jkpjweXt77V5P8

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, session tokens and autofill data.
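The two things a practitioner takes from this report are the file hashes and the C2 URL. The block below is an added example (not part of the report or of any sandbox vendor's tooling) that turns both into checks: it recomputes the four digests the report lists for a local file and tells full matches apart from partial ones (a partial match almost always means a hash was mis-copied), and it scans proxy-log lines for the C2 bucket. Because the C2 is an S3 bucket, the durable indicator is the bucket name, not the domain: amazonaws.com cannot be blocked wholesale, and S3 serves the same object under both a virtual-hosted URL (the form in the report) and a path-style URL. The hashes, file names and C2 URL are copied from the report; the proxy-log format, the sample log lines and the local file path are assumptions made for the example.

```python
"""IOC checks derived from the sandbox report above. Added example, not part
of the report or of any vendor tooling. The digests, file names and the C2 URL
are copied from the report; the proxy-log format, the sample log lines and the
local file path are assumptions made for the example."""
import hashlib
import re
import sys
from urllib.parse import urlsplit

ZIP_NAME = "a1b276417402dd3c2fd22eeca1eeec4ed6a36a206fdb29b78f7195b759e76211.zip"
EXE_NAME = "a1b276417402dd3c2fd22eeca1eeec4ed6a36a206fdb29b78f7195b759e76211.exe"

# md5/sha1/sha256/sha512 exactly as the report lists them (ssdeep is left out:
# hashlib cannot compute it).
REPORT_HASHES = {
    ZIP_NAME: {
        "md5": "80ce34a49c3674251d50449c3220b868",
        "sha1": "8f9dc76371ab63cc36d5cf38f32a22111326b189",
        "sha256": "4acf2475f115ccf442a3724efe3c2d02b52ac9c1cbb20a37033c2f45ea2238a5",
        "sha512": "3e0c70be25eeefadfcbb4c34c12ce41dea8e058a99d15905fbfba2f56da71d5c"
                  "2803cf2cd5443690ae710181c2edf67e2cac837b6ebe3b57e9bc1a3e4dda9a89",
    },
    EXE_NAME: {
        "md5": "b724dda35c194b1821c819d4e65ece81",
        "sha1": "e2ed6bae5f0cfcd48813c30a8505326b3efcf5df",
        "sha256": "a1b276417402dd3c2fd22eeca1eeec4ed6a36a206fdb29b78f7195b759e76211",
        "sha512": "252ed442527da61a28453d784569ee80d92f25553cf63b4084aee6691f982870"
                  "2d2bb0134cc20ce0a18f38d183a7900d1c0371e477a2a8ffb4430adf7a75524c",
    },
}
C2_URL = "https://hdbywe.s3.us-west-2.amazonaws.com/sadef33/"
ALGOS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> dict:
    """The four digests the report lists, for an in-memory byte string."""
    return {a: hashlib.new(a, data).hexdigest() for a in ALGOS}


def digest_file(path: str) -> dict:
    """Same digests for a file, streamed in 1 MiB chunks so large samples fit in memory."""
    hashers = {a: hashlib.new(a) for a in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}


def compare_report(digests: dict) -> dict:
    """Per report artifact, the algorithms whose digest equals ours. All four
    is a match; one to three usually means a hash was mis-copied somewhere."""
    return {name: sorted(a for a in exp if exp[a] == digests.get(a))
            for name, exp in REPORT_HASHES.items()}


def match_report(digests: dict):
    """Name of the report artifact whose listed digests all match, else None."""
    for name, algos in compare_report(digests).items():
        if len(algos) == len(REPORT_HASHES[name]):
            return name
    return None


# S3 accepts two URL styles for the same object, so match on the bucket name:
#   virtual-hosted  https://<bucket>.s3.<region>.amazonaws.com/<key>   (form in the report)
#   path style      https://s3.<region>.amazonaws.com/<bucket>/<key>
S3_HOST = re.compile(r"^(?:(?P<bucket>[a-z0-9.-]+)\.)?s3(?:[.-][a-z0-9.-]+)?\.amazonaws\.com$")
C2_BUCKET = S3_HOST.match(urlsplit(C2_URL).hostname)["bucket"]   # "hdbywe"


def s3_bucket(url: str):
    """Bucket addressed by an S3 URL in either style, or None for non-S3 URLs."""
    u = urlsplit(url)
    m = S3_HOST.match((u.hostname or "").lower())
    if not m:
        return None
    if m["bucket"]:
        return m["bucket"]
    parts = u.path.split("/", 2)          # path style: first path segment is the bucket
    return parts[1] if len(parts) > 1 and parts[1] else None


def is_c2_url(url: str) -> bool:
    return s3_bucket(url) == C2_BUCKET


# Constructed proxy-log lines: "<timestamp> <client> <method> <url> <status>".
SAMPLE_LOG = [
    "2023-03-21T10:15:02Z 10.0.0.12 GET https://hdbywe.s3.us-west-2.amazonaws.com/sadef33/config.txt 200",
    "2023-03-21T10:15:03Z 10.0.0.12 GET https://s3.us-west-2.amazonaws.com/hdbywe/sadef33/update.bin 200",
    "2023-03-21T10:15:04Z 10.0.0.13 GET https://HDBYWE.s3.us-west-2.amazonaws.com/ 403",
    "2023-03-21T10:15:05Z 10.0.0.40 GET https://s3.us-west-2.amazonaws.com/other-bucket/sadef33/x 200",
    "2023-03-21T10:15:06Z 10.0.0.41 GET https://example.com/hdbywe/sadef33/ 200",
]
LOG_LINE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$")


def scan_proxy_log(lines) -> list:
    """Lines whose URL targets the C2 bucket, as (timestamp, client, url) tuples."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if m and is_c2_url(m["url"]):
            hits.append((m["ts"], m["src"], m["url"]))
    return hits


if __name__ == "__main__":
    for path in sys.argv[1:]:                      # e.g. the unpacked sample, if you hold a copy
        print(path, match_report(digest_file(path)) or "no match", sep=": ")
    for hit in scan_proxy_log(SAMPLE_LOG):
        print("C2 contact:", *hit)
```

Run it with the sample's path as an argument to confirm the file you hold is the one the report describes; with no arguments it only scans the constructed log. Of the five constructed lines, the first three are hits (virtual-hosted, path-style and a mixed-case host hitting the bucket root), the fourth names a different bucket and the fifth is not an S3 URL at all, even though the path contains the bucket name.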

MITRE ATT&CK Matrix (ATT&CK v6)

Each technique is listed as name (ID): count.

  • Credential Access

    Credentials in Files (T1081): 1

  • Discovery

    System Information Discovery (T1082): 2
    Query Registry (T1012): 1

  • Collection

    Data from Local System (T1005): 1

The IDs follow ATT&CK v6. In current ATT&CK, T1081 has been folded into T1552.001 (Unsecured Credentials: Credentials In Files); T1082, T1012 and T1005 keep their IDs.
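The behaviour the report scores (reading browser profile data, mapped above to T1081 and T1005) is what a defender most wants to catch on the endpoint. The block below is an added example, not part of the report or of any product: a small detection that flags any process other than the owning browser opening a browser credential store. The store paths are the usual Windows locations for Chrome, Edge and Firefox; the tab-separated event format, the process names and the event lines are constructed for the example (the fields are the ones an EDR file-access record or Windows object-access auditing, event 4663, provides; Sysmon does not log file reads).

```python
"""Detection for the "reads user/profile data of web browsers" behaviour the
report flags (ATT&CK T1081 / T1005 in the matrix). Added example, not part of
the report or of any product. The browser store paths are the usual Windows
locations; the event format, process names and event lines are constructed."""
import re

# (regex over the lower-cased target path, what the file holds, processes expected to open it)
BROWSER_STORES = [
    (r"\\google\\chrome\\user data\\[^\\]+\\login data$", "Chrome saved logins (SQLite)", {"chrome.exe"}),
    (r"\\google\\chrome\\user data\\[^\\]+\\(network\\)?cookies$", "Chrome cookies (SQLite)", {"chrome.exe"}),
    (r"\\google\\chrome\\user data\\local state$", "Chrome Local State (DPAPI-wrapped AES key)", {"chrome.exe"}),
    (r"\\microsoft\\edge\\user data\\[^\\]+\\login data$", "Edge saved logins (SQLite)", {"msedge.exe"}),
    (r"\\mozilla\\firefox\\profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$",
     "Firefox logins / key store / cookies", {"firefox.exe"}),
]

# Constructed file-access events, tab separated: timestamp, pid, process image, access, target path.
EVENT = re.compile(r"^(?P<ts>[^\t]+)\t(?P<pid>\d+)\t(?P<image>[^\t]+)\t(?P<access>[^\t]+)\t(?P<target>[^\t]+)$")


def event(ts, pid, image, access, target) -> str:
    return "\t".join((ts, str(pid), image, access, target))


SAMPLE = "a1b276417402dd3c2fd22eeca1eeec4ed6a36a206fdb29b78f7195b759e76211.exe"   # name from the report
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"                    # assumed path
FIREFOX = r"C:\Program Files\Mozilla Firefox\firefox.exe"                           # assumed path
APPDATA = r"C:\Users\bob\AppData"                                                   # assumed profile
SAMPLE_IMAGE = APPDATA + r"\Local\Temp" + "\\" + SAMPLE                             # assumed drop location
SAMPLE_EVENTS = [
    event("2023-03-21T10:16:01Z", 3312, CHROME, "READ", APPDATA + r"\Local\Google\Chrome\User Data\Default\Login Data"),
    event("2023-03-21T10:16:11Z", 4120, SAMPLE_IMAGE, "READ", APPDATA + r"\Local\Google\Chrome\User Data\Local State"),
    event("2023-03-21T10:16:11Z", 4120, SAMPLE_IMAGE, "READ", APPDATA + r"\Local\Google\Chrome\User Data\Default\Login Data"),
    event("2023-03-21T10:16:12Z", 4120, SAMPLE_IMAGE, "READ", APPDATA + r"\Roaming\Mozilla\Firefox\Profiles\k3x9q2rt.default-release\logins.json"),
    event("2023-03-21T10:16:13Z", 4120, SAMPLE_IMAGE, "READ", r"C:\Users\bob\Documents\notes.txt"),
    event("2023-03-21T10:16:20Z", 2208, FIREFOX, "READ", APPDATA + r"\Roaming\Mozilla\Firefox\Profiles\k3x9q2rt.default-release\key4.db"),
]


def classify_access(image: str, target: str):
    """(store description, suspicious?) when target is a browser credential
    store, else None. Suspicious means the opener is not that store's browser."""
    exe = image.lower().rsplit("\\", 1)[-1]
    path = target.lower()
    for pattern, what, owners in BROWSER_STORES:
        if re.search(pattern, path):
            return what, exe not in owners
    return None


def detect_browser_store_reads(lines) -> list:
    """One alert dict per parsable event in which a non-browser process
    touches a browser credential store; unparsable lines are skipped."""
    alerts = []
    for line in lines:
        m = EVENT.match(line)
        if not m:
            continue
        hit = classify_access(m["image"], m["target"])
        if hit and hit[1]:
            alerts.append({"ts": m["ts"], "pid": int(m["pid"]), "image": m["image"],
                           "access": m["access"], "store": hit[0], "target": m["target"]})
    return alerts


if __name__ == "__main__":
    for a in detect_browser_store_reads(SAMPLE_EVENTS):
        print(f"{a['ts']} pid {a['pid']} {a['image']} {a['access']} {a['store']}: {a['target']}")
```

On the constructed events the browsers' own reads pass and the three reads by the dropped executable are alerted (Chrome's Local State, Chrome's Login Data and Firefox's logins.json); the read of a Documents file is ignored. Two caveats for production use: the allowlist keys on the image file name, which a stealer can copy (check the signed image path instead), and Chrome keeps Login Data open, so stealers normally copy it to a temporary file before parsing it; the copy still reads the original, so the READ event fires, but a follow-on write of a same-sized file under %TEMP% by the same process is worth correlating as well.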
