socelars | 1cbc4c58d339f5beda5add80e7d34d1f

Sharing

Copy URL

Twitter E-mail

General

Target

1cbc4c58d339f5beda5add80e7d34d1f
Size

1.1MB
MD5

1cbc4c58d339f5beda5add80e7d34d1f
SHA1

273b2662e4e5028671df059e64c9f50d2d335bed
SHA256

6de678e780348ec429a205464c821740cb34bf5c4ec5380504c10f9b3d96e62c
SHA512

3ca76b63078a0f117b97fbc54ce6ca897aa24860917afd7c3745421a647615e261491dad3b3ae2b5d84d15d990e68971209d548b12a3abf40d62c655e0720ada
SSDEEP

24576:KTj7ope1XnPzDuPxy3nyjmaRNKMZ8HBrFCKezljDP8lISqvy9c:S7opuPXuM3nomCNChhCHpUlISq69c

Score

10^/10

socelars

Malware Config

Extracted

Family

socelars

http://www.iyiqian.com/

http://www.xxhufdc.top/

http://www.uefhkice.xyz/

http://www.wygexde.xyz/

Signatures

Socelars family
socelars

Socelars payload 1 IoCs

resource	yara_rule
sample	family_socelars

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cbc4c58d339f5beda5add80e7d34d1f

Files

1cbc4c58d339f5beda5add80e7d34d1f
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgwrgre
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgwrgre
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgwrgre
Size: 1024B - Virtual size: 707B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgwrgre
Size: 1024B - Virtual size: 598B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgwrgre
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgwrgre
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgwrgre
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bgwrgre
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.bgwrgre Size: 4KB - Virtual size: 3KB

.bgwrgre Size: 9KB - Virtual size: 8KB

.bgwrgre Size: 1024B - Virtual size: 707B

.bgwrgre Size: 1024B - Virtual size: 598B

.bgwrgre Size: 4KB - Virtual size: 4KB

.bgwrgre Size: 3KB - Virtual size: 3KB

.bgwrgre Size: 3KB - Virtual size: 2KB

.rdata Size: 186KB - Virtual size: 185KB

.data Size: 11KB - Virtual size: 29KB

.bgwrgre Size: 512B - Virtual size: 80B

.rsrc Size: 156KB - Virtual size: 155KB

.reloc Size: 33KB - Virtual size: 33KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.bgwrgre
Size: 4KB - Virtual size: 3KB

.bgwrgre
Size: 9KB - Virtual size: 8KB

.bgwrgre
Size: 1024B - Virtual size: 707B

.bgwrgre
Size: 1024B - Virtual size: 598B

.bgwrgre
Size: 4KB - Virtual size: 4KB

.bgwrgre
Size: 3KB - Virtual size: 3KB

.bgwrgre
Size: 3KB - Virtual size: 2KB

.rdata
Size: 186KB - Virtual size: 185KB

.data
Size: 11KB - Virtual size: 29KB

.bgwrgre
Size: 512B - Virtual size: 80B

.rsrc
Size: 156KB - Virtual size: 155KB

.reloc
Size: 33KB - Virtual size: 33KB