socelars | 4dcdaa4cb4a442273f252559f38fcc55

Sharing

Copy URL Twitter E-mail

General

Target

4dcdaa4cb4a442273f252559f38fcc55
Size

1.1MB
MD5

4dcdaa4cb4a442273f252559f38fcc55
SHA1

4a87b438899a58938cb82fb6d2f914daee8402d2
SHA256

2034e67ae81efedf1a8ac8efcf8291d84b178046c1ef637ea967dd997f8c7825
SHA512

3899ede9933b179ed9290ee8d3ab7b627fde7ade907935211812fd0303c6899c3a13abf1257ab8377534b4b70bec8e7c89d728369446daa47ef7594106692ba4
SSDEEP

24576:lIA7opO13nWEjukQuzHVZ64lEq25RHxrFCKezViURT1jS7VQ+3:h7op+Weu+zHj64ENRhCHJh1jS7y+3

Score

10^/10

socelars

Malware Config

Extracted

Family

socelars

http://www.iyiqian.com/

http://www.xxhufdc.top/

http://www.uefhkice.xyz/

http://www.wygexde.xyz/

Signatures

Socelars family
socelars

Socelars payload 1 IoCs

resource	yara_rule
sample	family_socelars

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dcdaa4cb4a442273f252559f38fcc55

Files

4dcdaa4cb4a442273f252559f38fcc55
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgrwgrg
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgrwgrg
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgrwgrg
Size: 1024B - Virtual size: 707B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgrwgrg
Size: 1024B - Virtual size: 598B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgrwgrg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgrwgrg
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bgrwgrg
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bgrwgrg
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.bgrwgrg Size: 4KB - Virtual size: 3KB

.bgrwgrg Size: 9KB - Virtual size: 9KB

.bgrwgrg Size: 1024B - Virtual size: 707B

.bgrwgrg Size: 1024B - Virtual size: 598B

.bgrwgrg Size: 4KB - Virtual size: 4KB

.bgrwgrg Size: 3KB - Virtual size: 3KB

.bgrwgrg Size: 3KB - Virtual size: 2KB

.rdata Size: 186KB - Virtual size: 185KB

.data Size: 11KB - Virtual size: 29KB

.bgrwgrg Size: 512B - Virtual size: 80B

.rsrc Size: 124KB - Virtual size: 124KB

.reloc Size: 33KB - Virtual size: 33KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.bgrwgrg
Size: 4KB - Virtual size: 3KB

.bgrwgrg
Size: 9KB - Virtual size: 9KB

.bgrwgrg
Size: 1024B - Virtual size: 707B

.bgrwgrg
Size: 1024B - Virtual size: 598B

.bgrwgrg
Size: 4KB - Virtual size: 4KB

.bgrwgrg
Size: 3KB - Virtual size: 3KB

.bgrwgrg
Size: 3KB - Virtual size: 2KB

.rdata
Size: 186KB - Virtual size: 185KB

.data
Size: 11KB - Virtual size: 29KB

.bgrwgrg
Size: 512B - Virtual size: 80B

.rsrc
Size: 124KB - Virtual size: 124KB

.reloc
Size: 33KB - Virtual size: 33KB