General
-
Target
JaffaCakes118_457086a0f168f2e55e937aa564cba8cf9b229c5de833350f837ae6a42bc3b830
-
Size
752KB
-
Sample
241229-c5zjrszmfy
-
MD5
f52e7855502d97836915fcd28cba4592
-
SHA1
9482d124b182d0867e003fbdf4d69e588f1bf3d2
-
SHA256
457086a0f168f2e55e937aa564cba8cf9b229c5de833350f837ae6a42bc3b830
-
SHA512
fc31d588c592c620be0bd8311a52c87e6a6de8b44b28eadf4ecb86d70c2990a353b0f019a3f91d0b25271f90f3d368d068dcc918674d9a84374eb47589e5cbcc
-
SSDEEP
12288:shHDMs21iqeaCbxUOJAwscM8njHUiaCS7y8Wr9dR0S8I8m3x0zOK+I0+znHGh12:KDt2jCbPJAAM8nvxOTWxdN/8Wxcm+zmm
Behavioral task
behavioral1
Sample
fbc049020e23e86e9f05f1a2f331ef1580908a0e1a9d2446d19914bf804d9384.exe
Resource
win7-20240903-en
Malware Config
Extracted
socelars
https://hueduy.s3.eu-west-1.amazonaws.com/gdyhf805/
Targets
-
Target
fbc049020e23e86e9f05f1a2f331ef1580908a0e1a9d2446d19914bf804d9384
-
Size
1.4MB
-
MD5
207da69fcbe9f7ad47f333e5cf69807d
-
SHA1
d7e7bf04d10bd3430a18d5fb3439ce4faeba4dcd
-
SHA256
fbc049020e23e86e9f05f1a2f331ef1580908a0e1a9d2446d19914bf804d9384
-
SHA512
2d20811f6c667dea6fe08b5e33d98fa06320bba8089fa884490caf11cf6bf793aa6c72267d55f3fe8a6f10066a94ef7bf538e187e22215c894b361ceef06d898
-
SSDEEP
24576:MLvpteBrVtMLwQe1Qog2SoWXaJSwXjrLAmPbHMvRVo/KDd:avpm0MXdh8mPbHMv/oSDd
-
Socelars family
-
Legitimate hosting services abused for malware hosting/C2
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1