socelars | e95ff8917dcb61ac88596f633659305c382c8b770c523a7b69eac0afab50241d | Triage

Sharing

General

Target

c02cd83f19d43641a3eafd1957ac6df4_JaffaCakes118
Size

994KB
Sample

240825-hljl4a1aka
MD5

c02cd83f19d43641a3eafd1957ac6df4
SHA1

c571e9ee882bf21bbb8a38a27a111d94dd6b1892
SHA256

e95ff8917dcb61ac88596f633659305c382c8b770c523a7b69eac0afab50241d
SHA512

e57dd21d113b02ca721587346d42402bdca29c72b3e892be3ccb10ab84dfcc3bd3f8e78de5828fbfebfc45ab092c3d0445e443819e5c045eb172b0f1e6dcb6c8
SSDEEP

24576:YEcupUDvvLEAN3nea+f/OCuPPaoF9m8xXIKn4XSSnk3R57Q:fcupqLFNua+GC09xXIKn4iSnk3DE

Score

10^/10

socelars discovery

Malware Config

Extracted

Family

socelars

C2

http://www.likewisemeticulous.com/index.php/

Targets

- Target
  
  c02cd83f19d43641a3eafd1957ac6df4_JaffaCakes118
- Size
  
  994KB
- MD5
  
  c02cd83f19d43641a3eafd1957ac6df4
- SHA1
  
  c571e9ee882bf21bbb8a38a27a111d94dd6b1892
- SHA256
  
  e95ff8917dcb61ac88596f633659305c382c8b770c523a7b69eac0afab50241d
- SHA512
  
  e57dd21d113b02ca721587346d42402bdca29c72b3e892be3ccb10ab84dfcc3bd3f8e78de5828fbfebfc45ab092c3d0445e443819e5c045eb172b0f1e6dcb6c8
- SSDEEP
  
  24576:YEcupUDvvLEAN3nea+f/OCuPPaoF9m8xXIKn4XSSnk3R57Q:fcupqLFNua+GC09xXIKn4iSnk3DE
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2