socelars | 62ef9e3357f04475693e60cd5853ff897b56d043fe8dfcfa3e4e159c8a272aeb | Triage

Submit
Reports

Overview

overview

Static

static

ffcf40353a...84.exe

windows7-x64

7

ffcf40353a...84.exe

windows10-2004-x64

7

Sharing

General

Target

31696a0f32742be2020d4954204b403a.bin
Size

753KB
Sample

230520-bk29gscb7z
MD5

9e2a4babb6fe326d7879c0af5d70318d
SHA1

6109cda1a5821248e35a64b265ea143515136192
SHA256

62ef9e3357f04475693e60cd5853ff897b56d043fe8dfcfa3e4e159c8a272aeb
SHA512

52342e594f1fbfddb3c3a76086722770d3f7f22729a44476a9cd20db6d014bd4bff0b58e6ba530308308fa333ba2791e4b61910e7625123618e0ee4eea353ccd
SSDEEP

12288:vBas6RUSsHFKO8lLytFC7BFI5Ek0BNDvlpppMkKUrszPR464MqDzI8ZguCg6nZqh:vMfRsH0OSGFOg5L0BJvTUVUrszPS6Je3

Score

10^/10

socelars spyware stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ffcf40353ab148d60032eee55ae156fa823eaf0db9b5ffb781025d98e0bc1584.exe

Resource

win7-20230220-en

spyware stealer

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ffcf40353ab148d60032eee55ae156fa823eaf0db9b5ffb781025d98e0bc1584.exe

Resource

win10v2004-20230220-en

spyware stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/uysf428/

Targets

- Target
  
  ffcf40353ab148d60032eee55ae156fa823eaf0db9b5ffb781025d98e0bc1584.exe
- Size
  
  1.4MB
- MD5
  
  31696a0f32742be2020d4954204b403a
- SHA1
  
  c797a43c786884661af2f03e17f4fa7f0412ee8c
- SHA256
  
  ffcf40353ab148d60032eee55ae156fa823eaf0db9b5ffb781025d98e0bc1584
- SHA512
  
  544a3c3673e28354a3d44cc57123e0be871d4fc89477405d0462557ffe44655a582dcefb7057a627d96c5aea16c8306a3bcb4f0c372536bc13748ed2105885ef
- SSDEEP
  
  24576:ZGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dR7D5hQST:8pEUIvU0N9jkpjweXt7735SK
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy