General

  • Target

    30cad29a59ac340db201eeeff45ebdd5_JaffaCakes118

  • Size

    1.4MB

  • Sample

    241010-trtj2avbqc

  • MD5

    30cad29a59ac340db201eeeff45ebdd5

  • SHA1

    618e11093f8445ae1ac096d9fe68f0e7afb1431d

  • SHA256

    9daf6dd041934892100ae2edf69e27db7b2baa0ba22ce101e7c6fdfe179de5c3

  • SHA512

    33ea1643df24bffbde854aad4f3b261e9565420e7c0f9eed49460740e927ebf859d16ba077e26fea531599191d1396a3b9d834b1272eccc5b86b1e62406dd54c

  • SSDEEP

    24576:NxpXPaR2J33o3S7P5zuHHOF26ufehMHsGKzOYffEMSXkduZ1H1:3py+VDr8rCHSXuuZV1

Malware Config

Extracted

Family

socelars

C2

http://www.iyiqian.com/

http://www.hbgents.top/

http://www.rsnzhy.com/

http://www.znsjis.top/

Targets

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up geolocation information via web service

      Uses a legitimate geolocation web service to determine the infected system's location.

MITRE ATT&CK Enterprise v15

Tasks