General

  • Target: 9328c4d5cb866807b9dc37ac77c07507.bin
  • Size: 167KB
  • Sample: 230326-b3wjnafb37
  • MD5: 99b84d4542115b963255e33121c58d22
  • SHA1: 095beb1934c5d33e0b9260643c30cd5995ecf288
  • SHA256: 52a28a239e77e186ed692f6fcb64672b5861de1e58766698bfcb0def94b25685
  • SHA512: e1d0de4600ec2f80f3e1cdd05b306d8b53c639bde5b8b0ecb1a7bb1afa786262b276c754bfa4c7f14733e9b5b8348e340fd4294e31d1aede7575892a2d2f95f8
  • SSDEEP: 3072:xp/kt8wooP8xoufdy3Ex4MsUarQ9u+ganpdUsN/dIBG40GsXPF10L:xhkuwooP8fl4MFZganXUsN/C10TfF10L

Malware Config

Extracted

  • Family: stealc
  • C2: http://michaeljohnson.top/410b5129171f10ea.php

Targets

    • Target: edf4eeeda837f602de4610bdd2880f04e98164e2029993b411215125f38a5208.exe
    • Size: 277KB
    • MD5: 9328c4d5cb866807b9dc37ac77c07507
    • SHA1: 873e7da03a3665156e455e43140ef2b76d931b80
    • SHA256: edf4eeeda837f602de4610bdd2880f04e98164e2029993b411215125f38a5208
    • SHA512: 8aa4cbf86579ac0e10c7c22d39634e31d910bd1ba054fa6c24e8819c34aedc29512b71f87dd5c5c1269138433bee822a5953028a9a8aa30bfb829627c052ce2f
    • SSDEEP: 3072:HoLvVW2lhwh3qvLCUqEt83/rRkZuu1NiJPdiVhIj3nj0WbaoMiWN8aeDr:I70gw2N83/TfVMh2T0WbaoMiva

    • Detects Stealc stealer

    • Stealc

      Stealc is an infostealer written in C++.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks