General
- Target: 8e1583365db274efce4b128f48402afff97bbdca14340b2e41a26ec22bf26ad7
- Size: 600KB
- Sample: 230810-kgjgmsbc29
- MD5: adf3f9eb71d9777153e35549006dd8f3
- SHA1: 3fa3b8175e764fdd3fee4bd447e8f7c840154e65
- SHA256: 8e1583365db274efce4b128f48402afff97bbdca14340b2e41a26ec22bf26ad7
- SHA512: 4586569432ed579e23963423918f48500cca852cae3f1edf91e4f4ced0d23a86176f771299d426e5f04f09649a43546534c01169b3136bef3306f820198d7e30
- SSDEEP: 12288:xnYfLNWN/O20iI4l8TsJYujO3JQ7OLWs5v2j9aaWUTy:xnYzNW4JCawOyCsjP
- Static task: static1
- Behavioral task: behavioral1
- Sample: 8e1583365db274efce4b128f48402afff97bbdca14340b2e41a26ec22bf26ad7.exe
- Resource: win7-20230712-en
Malware Config
- Extracted: socelars
- http://www.iyiqian.com/
- http://www.xxhufdc.top/
- http://www.uefhkice.xyz/
- http://www.wygexde.xyz/
Targets
- Target: 8e1583365db274efce4b128f48402afff97bbdca14340b2e41a26ec22bf26ad7
- Socelars payload
- Drops Chrome extension
- Legitimate hosting services abused for malware hosting/C2
- Looks up geolocation information via web service: uses a legitimate geolocation service to find the infected system's geolocation info.