General

  • Target

    JaffaCakes118_b5d32a542457ff0df03a90fac36c8d23e20f706364fdce781605c930aae34451

  • Size

    752KB

  • Sample

    241230-vtw9datjey

  • MD5

    bbeb98e3f24cda280d7e43c24cf012de

  • SHA1

    0df780588cf85f5b748e972d3f05d631e2c6b740

  • SHA256

    b5d32a542457ff0df03a90fac36c8d23e20f706364fdce781605c930aae34451

  • SHA512

    f86a02d457328740b51310e0374cfda9fed623af27ffd19f65195c04d25d2c41020161a1b45666b77ea49cd7fa9040e72a17ff36349c880d2e7e53d9c186aa8c

  • SSDEEP

    12288:E+CYWjRo3al9XtvMLEE4eWoe7SvpIJIIhnkPd1DlrbP3Epn1ilvoUVns0H8e8ZKB:E+CYWjZlfvML14e9e7Sv2red1DhP3Epi

Malware Config

Extracted

Family

socelars

C2

https://hueduy.s3.eu-west-1.amazonaws.com/gdyhf805/

Targets

    • Target

      635caa9ab64a2cdbdd0a0797e5f206b223dacc9b2430d0c88539899bdfcee35a

    • Size

      1.4MB

    • MD5

      64a1405e5f496aa528582fc5b29c6fd8

    • SHA1

      56746562c4905a7fe30ff54d957909263c60a2e7

    • SHA256

      635caa9ab64a2cdbdd0a0797e5f206b223dacc9b2430d0c88539899bdfcee35a

    • SHA512

      65ab078a44ed7b2ec6c8fa7530a5b5be17f0e6b77faf32b2413dcd6d4b2752977fe3fdb73946ae5390bb3b505408003a3c34c9ecd204c8d15df30ee5b75ea511

    • SSDEEP

      24576:WLvpteBrVtMLwQe1Qog2SoWXaJSwXjrLAmPbHMvZZo/KDd:gvpm0MXdh8mPbHMvroyDd

    • Socelars

      Socelars is an infostealer targeting browser cookies and credit card credentials.

    • Socelars family

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information such as cookies.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks