socelars | 0d27759d36428bb2d4932554b0f6ac0b6d464e32e733d323f3044bc87ff9c7c5 | Triage

Sharing

General

Target

cd37b7272267a57e777c1387b334cfc9_JaffaCakes118
Size

993KB
Sample

240831-vhbhjavepk
MD5

cd37b7272267a57e777c1387b334cfc9
SHA1

a1e1e4966cc6a80a719caed4346c2eeb3cf392ba
SHA256

0d27759d36428bb2d4932554b0f6ac0b6d464e32e733d323f3044bc87ff9c7c5
SHA512

b652db74a7a89eef738a53e903e867665bad3fb0f97a7ebb2d724319a383ea7fa86fc5bb06e9191de6439661950f2a4b94921e2ec58630dd90c5a270a76121a2
SSDEEP

24576:5KgjpwYLq6JvsW5YCqNBnw57c8M+tre82i/0dCY+XKwKl6Vfy:YgjpQ6ZsZCIJU7cKq8X0dCYmKwKl6g

Score

10^/10

socelars discovery

Malware Config

Extracted

Family

socelars

C2

http://www.infoanalysiser.com/index.php/

Targets

- Target
  
  cd37b7272267a57e777c1387b334cfc9_JaffaCakes118
- Size
  
  993KB
- MD5
  
  cd37b7272267a57e777c1387b334cfc9
- SHA1
  
  a1e1e4966cc6a80a719caed4346c2eeb3cf392ba
- SHA256
  
  0d27759d36428bb2d4932554b0f6ac0b6d464e32e733d323f3044bc87ff9c7c5
- SHA512
  
  b652db74a7a89eef738a53e903e867665bad3fb0f97a7ebb2d724319a383ea7fa86fc5bb06e9191de6439661950f2a4b94921e2ec58630dd90c5a270a76121a2
- SSDEEP
  
  24576:5KgjpwYLq6JvsW5YCqNBnw57c8M+tre82i/0dCY+XKwKl6Vfy:YgjpQ6ZsZCIJU7cKq8X0dCYmKwKl6g
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2