Extracted

• • Target

    10e82b6ad59c2ab5f97f96e60.exe

  • Size

    2.2MB

  • MD5

    10e82b6ad59c2ab5f97f96e6060bb12e

  • SHA1

    9491bd29357513c63d703ac9d99dcf25251d7cd7

  • SHA256

    3bd221e945c0da67960f21c8bec0d678ff84f10dcf3b5866ed57a1ced810cbd9

  • SHA512

    382fcf2a97391d739d1543ded334f48a2e1f32471649a1837aa7a6902b6126fbd40178371681bbfdf7d1f6b46af10ec91f96cb6a9ed598e87617dd9574a64d8f

  • SSDEEP

    49152:vBuZrEUiWqJZU2zF35Me89k6YQoWH6hBJLJZ2iZ3vxm3c7ldhA:ZkLiWqJZU4F3XEYVbXvm3chA

  Score

  10^/10

  stealcdiscoveryspywarestealer

  • Detects Stealc stealer

    stealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2