General

  • Target

    b39e78e8dc2c983b3587fffcfd242f05.exe

  • Size

    262KB

  • Sample

    230627-lvgqmsef2w

  • MD5

    b39e78e8dc2c983b3587fffcfd242f05

  • SHA1

    4648b28f5a8596687e6ad8f20e4ab7642ffc346c

  • SHA256

    dccdb6e16d2f01e46e021c8887b7353a841d7fce133ec2cb37a5781230ade52e

  • SHA512

    28f4accbf55be67b1d7e670a4759b658d337127334ce4231abe27b3b33fe52823243aa1f016deb9f36bf57e814c6f13d6af7e4693e28e9bfb1fd771917b0d7bd

  • SSDEEP

    6144:yU2rW27We/4m0cy2MN3hLcjC9mUWpzTIW:KWul/kX7

Malware Config

Extracted

Family

stealc

C2

http://p�etzelsget.top/3886d2276f6914c4.php

Targets

    • Detects Stealc stealer

    • Stealc

      Stealc is an infostealer written in C++.

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
