stealc | ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-1703-x64

Sharing

General

Target

ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217
Size

217KB
Sample

230331-xykggscf98
MD5

b2460cb089ff6eda8ded75d9b858e718
SHA1

f996dd360d386816f917054fba8d4c2eb6e75eed
SHA256

ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217
SHA512

6b06d1f1015c1118776990b91892d6feafad67e725c53910124e32b1b0abcee6241e7b212c0a87d3f42bc589bbaeb209de238ad4aad57130d8be0649119d2b7c
SSDEEP

3072:wyyt4UXN2aCnpU/1lfu4JftvXwz37qW5cVbQmP:5PUhCnpilTHvAz7SV0mP

Score

10^/10

stealc discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217.exe

Resource

win10-20230220-en

stealc discovery spyware stealer

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

stealc

C2

http://arthurmaes.top/410b5129171f10ea.php

Targets

- Target
  
  ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217
- Size
  
  217KB
- MD5
  
  b2460cb089ff6eda8ded75d9b858e718
- SHA1
  
  f996dd360d386816f917054fba8d4c2eb6e75eed
- SHA256
  
  ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217
- SHA512
  
  6b06d1f1015c1118776990b91892d6feafad67e725c53910124e32b1b0abcee6241e7b212c0a87d3f42bc589bbaeb209de238ad4aad57130d8be0649119d2b7c
- SSDEEP
  
  3072:wyyt4UXN2aCnpU/1lfu4JftvXwz37qW5cVbQmP:5PUhCnpilTHvAz7SV0mP
Score

10^/10

stealc discovery spyware stealer
- Detects Stealc stealer
  stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

stealcdiscoveryspywarestealer

© 2018-2024

Terms | Privacy