Overview

overview

10

Static

static

10

74f0d749b2...b3.exe

windows7-x64

10

74f0d749b2...b3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_0566c6af0595865bfdc3fb098386b626700a609759947c8188aab21973f2b6c7

  • Size

    731KB

  • Sample

    241224-cm2leaynfz

  • MD5

    876d11e36f4ce81cfa6cf9fa10909c55

  • SHA1

    154416974072cdfbf1994689a357c9ef6b38ab64

  • SHA256

    0566c6af0595865bfdc3fb098386b626700a609759947c8188aab21973f2b6c7

  • SHA512

    b00b7f2b43d107fd0871b1abae83986ca6a046df4dd8be36700fdc616a89abb31cb72fac0c8a40351bf651443f41fe983e3dd777d4d5494abb85d12659ab00cd

  • SSDEEP

    12288:zxtADc9EMTlkG+mWugqggAemmHnWQKYw1AAyV7NGq37beRTkPGRzDJ1A:GrICG+/uie5Hn+Yw6DdoqHeSOhbA

Score
10/10
socelarsdiscoveryspywarestealer

Malware Config

Extracted

Family

socelars

C2

https://hdbywe.s3.us-west-2.amazonaws.com/sadew1013/

Targets

    • Target

      74f0d749b24149c25c34eb65f92117e777c6ac80b3dfd4e90398143bf65d21b3

    • Size

      1.4MB

    • MD5

      32f814592c20ac2c9669157a264c25ec

    • SHA1

      784c9d0f302c3f6be326f1e2e2a5d317aee048a8

    • SHA256

      74f0d749b24149c25c34eb65f92117e777c6ac80b3dfd4e90398143bf65d21b3

    • SHA512

      00f4993088227639bc348637c47e0b307acb6d749d82d056525c1a8d33c4a1890bc7edda83fb5b61d6276dab89a60fb89f86fb132c844a56a511f85a59b714b4

    • SSDEEP

      24576:TJSLpwfVWRh0SGQ48Lm2194mKa4qrNdW9NTPja1CqBwc:Tup62ESMTjTPjasqec

    Score
    10/10
    socelarsdiscoveryspywarestealer

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

      stealersocelars

    • Socelars family

      socelars

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks