Overview

overview

10

Static

static

1

61191bb2e2...18.exe

windows7-x64

10

61191bb2e2...18.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    61191bb2e24ce7056718e200c64f5def_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240520-19tq3she63

  • MD5

    61191bb2e24ce7056718e200c64f5def

  • SHA1

    cf0d4086e81895d41871aa6f3c0c31b57c4341a1

  • SHA256

    002010c87ae6d925cf42a913b5c4d4ed12c6c3f22b8aa0779176ca31b9a47bbd

  • SHA512

    4fa1363e8e2450776155af43db1cfdd674088958fa32b957984a31d12636c83927dfee746b130821037f4f75f7f2b080fde041ac9cabe627cd62ee7ee6783a16

  • SSDEEP

    24576:vTfEWQMHi9jzdDnAqjtNqwbZjJsCqD/wXNXYLmYmHfAlOFpe8Qk+Th/Dxsnoi:bcW4f/qwlvpYLm5Al98uTBlsnoi

Score
10/10
socelarsdiscoverystealer

Malware Config

Extracted

Family

socelars

C2

http://www.zhxxjs.pw/Info/

http://www.allinfo.pw/

Targets

    • Target

      61191bb2e24ce7056718e200c64f5def_JaffaCakes118

    • Size

      1.9MB

    • MD5

      61191bb2e24ce7056718e200c64f5def

    • SHA1

      cf0d4086e81895d41871aa6f3c0c31b57c4341a1

    • SHA256

      002010c87ae6d925cf42a913b5c4d4ed12c6c3f22b8aa0779176ca31b9a47bbd

    • SHA512

      4fa1363e8e2450776155af43db1cfdd674088958fa32b957984a31d12636c83927dfee746b130821037f4f75f7f2b080fde041ac9cabe627cd62ee7ee6783a16

    • SSDEEP

      24576:vTfEWQMHi9jzdDnAqjtNqwbZjJsCqD/wXNXYLmYmHfAlOFpe8Qk+Th/Dxsnoi:bcW4f/qwlvpYLm5Al98uTBlsnoi

    Score
    10/10
    socelarsdiscoverystealer

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

      stealersocelars

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks