stealc | 8d68b95615647d6aa01e2a453633bc50b56914d1c080f5ee76e0e0c0eccb371a | Triage

Sharing

General

Target

e3f22c558d75027b015316abe47ca508.bin
Size

159KB
Sample

231011-h9jl1abg38
MD5

7e6ba0ef4269913c174ae17b8d77310d
SHA1

e7cc4da11e3335fa5512ed3f7a04b849fb379ba8
SHA256

8d68b95615647d6aa01e2a453633bc50b56914d1c080f5ee76e0e0c0eccb371a
SHA512

504a27e20f768254abcc8fad22c7c4bd9f0e4a55277dd7e3052f4a62e32dbbd0715e1f3d64cb59dc0a62ee610d85445bf7bd1e05c302c3d9f4e96715d05e75ba
SSDEEP

3072:jAMw257RNQn5qHxvo6MOdphmtziCgPyVzDNY7CkwDxiUDYV7owY1M6ybKdW35yL8:jLVRGoHxBMOdzmtzacDNY7+xGV7oz6Sw

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://jesseaustin.top

Attributes

url_path
/e9c345fc99a4e67e.php

rc4.plain

Targets

- Target
  
  a7ef527f14859669fbebd43ad4c7e11657718f7133fa96bed7928fa6269856de.exe
- Size
  
  266KB
- MD5
  
  e3f22c558d75027b015316abe47ca508
- SHA1
  
  15800166078d5ec43266ff681c189b3d6e5d96f7
- SHA256
  
  a7ef527f14859669fbebd43ad4c7e11657718f7133fa96bed7928fa6269856de
- SHA512
  
  497b9cd0eb663e65e63cdba9575eccdc72b085b76c3b2be2cab20db9f159e583d1d5738d85d1c7998da6ff4a28f1ff3cb7d4414ae3bf19cde2a427a34bdc53b4
- SSDEEP
  
  6144:2TylYME02Ze03HS0aR3FFdJU7S/jodjihtMxNT:XeAibAVFkM8Ji65
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer