stealc | f64398ee74ab5760caccfef93c615d537375c92241c15d2ea09fd402138786a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f64398ee74ab5760caccfef93c615d537375c92241c15d2ea09fd402138786a4
Size

217KB
Sample

231009-qnqr7ada9t
MD5

0b474c6739cbae86839d614d973d161f
SHA1

fb4ec82b145060eb3de4e40a37a4889cae2c4cfa
SHA256

f64398ee74ab5760caccfef93c615d537375c92241c15d2ea09fd402138786a4
SHA512

3e8b5932bb2e135e54b12f5671b6a351bbfad9dd870f257e84b2d4916f341cc7dbd513389e3d0cee73c5af21ebaba91dc0d6597f4a5eae0759cb0dc63cb3f978
SSDEEP

3072:THXubBYim17CEys0UazhcMLEvx+RQftVuJfW5+XT7:bubBS7C5s0UAu1vx+REtIhXT

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://dominiczachary.top

Attributes

url_path
/e9c345fc99a4e67e.php

rc4.plain

Targets

- Target
  
  f64398ee74ab5760caccfef93c615d537375c92241c15d2ea09fd402138786a4
- Size
  
  217KB
- MD5
  
  0b474c6739cbae86839d614d973d161f
- SHA1
  
  fb4ec82b145060eb3de4e40a37a4889cae2c4cfa
- SHA256
  
  f64398ee74ab5760caccfef93c615d537375c92241c15d2ea09fd402138786a4
- SHA512
  
  3e8b5932bb2e135e54b12f5671b6a351bbfad9dd870f257e84b2d4916f341cc7dbd513389e3d0cee73c5af21ebaba91dc0d6597f4a5eae0759cb0dc63cb3f978
- SSDEEP
  
  3072:THXubBYim17CEys0UazhcMLEvx+RQftVuJfW5+XT7:bubBS7C5s0UAu1vx+REtIhXT
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer