General
-
Target
d4de12108a068accedd0111d9f929bc9
-
Size
1.5MB
-
Sample
231220-sn9amsddep
-
MD5
d4de12108a068accedd0111d9f929bc9
-
SHA1
853cbcd7765e9fc3d0d778563d11bb41153e94dd
-
SHA256
7dfce4f0b796f94bdfe9b151ef14fdad018c8ed02017bf1e26b087f192c4e364
-
SHA512
77dbc40615bc33f12ed26b23584e11b8e8ad66b408980adf973920a325f01803975ee99afec93b19e4cde14361d027226769f6d82e6fe4a6a56708b455de5ebe
-
SSDEEP
24576:HxpXPaR2J33o3S7P5zuHHOF2CxfehMHsGKzOYCMEMfX4sZ1Z:Rpy+VDi8rgHfX4sZ/
Malware Config
Extracted
socelars
http://www.iyiqian.com/
http://www.hbgents.top/
http://www.rsnzhy.com/
http://www.znsjis.top/
Targets
-
-
Target
d4de12108a068accedd0111d9f929bc9
-
Size
1.5MB
-
MD5
d4de12108a068accedd0111d9f929bc9
-
SHA1
853cbcd7765e9fc3d0d778563d11bb41153e94dd
-
SHA256
7dfce4f0b796f94bdfe9b151ef14fdad018c8ed02017bf1e26b087f192c4e364
-
SHA512
77dbc40615bc33f12ed26b23584e11b8e8ad66b408980adf973920a325f01803975ee99afec93b19e4cde14361d027226769f6d82e6fe4a6a56708b455de5ebe
-
SSDEEP
24576:HxpXPaR2J33o3S7P5zuHHOF2CxfehMHsGKzOYCMEMfX4sZ1Z:Rpy+VDi8rgHfX4sZ/
Score10/10-
Socelars
Socelars is an infostealer targeting browser cookies and credit card credentials.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.
-