socelars | 63b27757379ae97b85007c26ac18b83f69edfed179544359eb92ff1d23803492 | Triage

Submit
Reports

Overview

overview

Static

static

3

18314d37e8...18.exe

windows7-x64

18314d37e8...18.exe

windows10-2004-x64

7

Sharing

General

Target

18314d37e862d5c24f7f7d0f04bb9a09_JaffaCakes118
Size

1.9MB
Sample

240505-r9vhyagc92
MD5

18314d37e862d5c24f7f7d0f04bb9a09
SHA1

0c7156e2c3e336d14f87c8815fd9516496e6e53e
SHA256

63b27757379ae97b85007c26ac18b83f69edfed179544359eb92ff1d23803492
SHA512

3358fbb2d3cc862cdd7e414d647fc243c6df260380610a004a9151cf02f3649c7c6a80da2a418e43b4b8a941da2ac10a6d292b533b32ae15bfe67ad20e384eaf
SSDEEP

24576:1TfEWQMHi9jzdDnA0Hse37/kf+lsEmYmHfAlOFpe8Qk+Th/De:JcW4fWiL8g7m5Al98uTBK

Score

10^/10

socelars discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

18314d37e862d5c24f7f7d0f04bb9a09_JaffaCakes118.exe

Resource

win7-20240221-en

socelars discovery stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

18314d37e862d5c24f7f7d0f04bb9a09_JaffaCakes118.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

socelars

C2

http://www.zhxxjs.pw/Info/

http://www.allinfo.pw/

Targets

- Target
  
  18314d37e862d5c24f7f7d0f04bb9a09_JaffaCakes118
- Size
  
  1.9MB
- MD5
  
  18314d37e862d5c24f7f7d0f04bb9a09
- SHA1
  
  0c7156e2c3e336d14f87c8815fd9516496e6e53e
- SHA256
  
  63b27757379ae97b85007c26ac18b83f69edfed179544359eb92ff1d23803492
- SHA512
  
  3358fbb2d3cc862cdd7e414d647fc243c6df260380610a004a9151cf02f3649c7c6a80da2a418e43b4b8a941da2ac10a6d292b533b32ae15bfe67ad20e384eaf
- SSDEEP
  
  24576:1TfEWQMHi9jzdDnA0Hse37/kf+lsEmYmHfAlOFpe8Qk+Th/De:JcW4fWiL8g7m5Al98uTBK
Score

10^/10

socelars discovery stealer
- Socelars
  Socelars is an infostealer targeting browser cookies and credit card credentials.
  stealer socelars
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

socelarsdiscoverystealer

behavioral2

© 2018-2024

Terms | Privacy