General

  • Target

    5e4e20b90982cf0800143e4dd83f8b3f86224ccd1a6c86836becd5fb2948bec0

  • Size

    273KB

  • Sample

    230325-vsqefadf58

  • MD5

    fb7bc9b49d9aaeccfb02dda53b1c6286

  • SHA1

    c375c50f6b99c44eee643692f14205d71a8002d2

  • SHA256

    5e4e20b90982cf0800143e4dd83f8b3f86224ccd1a6c86836becd5fb2948bec0

  • SHA512

    6a7df09d75f622bb33d113069f50c0709cd5ebf869847390ddb524f36dae1b38b99f117d79c294a14c59e3449c1d465ad215fc5da71f6e9945e0b13b9e9d3ac5

  • SSDEEP

    3072:CUcgUrARrRubALvoUD58+jqrhsTHRTS54LJqOJWLV8wUxr/VFlB20/CJQN0fm2Rh:MerRKY58+pHRLVURw9/T7qTfz

Malware Config

  • Extracted

    Family: stealc

    C2: http://michaeljohnson.top/410b5129171f10ea.php

Targets

    • Detects Stealc stealer

    • Stealc

      Stealc is an infostealer written in C++.

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6