Extracted

• • Target

    6b061a3bed6d154f931d09b6c9c4cc05adea70431fe225406e28dc360724ca24

  • Size

    4.0MB

  • MD5

    5bd216a72dc52d0ae58d8efa14fe4f8f

  • SHA1

    a8187e77a20ef41e8177d5e6e9340b024819a302

  • SHA256

    6b061a3bed6d154f931d09b6c9c4cc05adea70431fe225406e28dc360724ca24

  • SHA512

    7f0c57a6ff51aa8e10a988e4067c96ce7e80a9ac948675ec800fd48250aecba9bcd92a247d9d2c4e5c7ff599d7620e702909da5c31dde618b320b2b2f68fd787

  • SSDEEP

    49152:MBi9xBTr3/4JEvFQsThK+eaxEdga4OiZrq1DfP+rsNADtV6v+L0uSwiPSCmDS+5J:8i9lvtEz4OiZrq1DfPHNADtV6v+

  Score

  10^/10

  stealcspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Drops startup file

  • Loads dropped DLL

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2