Extracted

• • Target

    5401590c0dd63cae68769ddba894fd5fc7f5b7bd97acb325f2d9c6c43798a27c

  • Size

    102KB

  • MD5

    03b75cb65dfc55f7594704128d3c2bad

  • SHA1

    860fe6106d80aca1dfbfe2e2b42464b127cc4f02

  • SHA256

    5401590c0dd63cae68769ddba894fd5fc7f5b7bd97acb325f2d9c6c43798a27c

  • SHA512

    21f66b1a7073c7c95a2fdb36cc829964e8af704cea18a420457607087f26eccfff48f6a5da4eee92a4361e32a88dc7ca77e6e7f7b7178749cb9cf10a93605155

  • SSDEEP

    1536:lI5Llf0xro4tjPwkqp2kzi/15ERKwAHLFGzKjhqgUZdb4JElJL4gvjMTf9L6J8vL:liZkPwbpTK8Q5Uzf4JElJvIT4uURq

  Score

  10^/10

  stealc1313236947597216811129890812discoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Deletes itself

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2