stealc | 119e903551a459831af73657fa4478655a8a94febcfbb5f82be19781cdc4a123 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5c0e1a9256d2f592e3fcac9302eaa26.exe
Size

265KB
Sample

231012-r299esec8t
MD5

b5c0e1a9256d2f592e3fcac9302eaa26
SHA1

d9af2e07d01c16074428e6715b88f1b7ed3242dd
SHA256

119e903551a459831af73657fa4478655a8a94febcfbb5f82be19781cdc4a123
SHA512

f6d3e998685b2fa1b66cbff05f8cda1b8c8c0918ac623657cf4e4f34480da13a713cedfb1d4709e50ba91fd6661229df11f0ad716c4472312388968c18aa659a
SSDEEP

3072:LjBNZFrvnIPaYv6tF83IbtOIwZMO9uppjVTDUbTmuwzB:RBrvnIPaYv6tF83EtFcMO0ppjRDU/m

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://elijahdiego.top

Attributes

url_path
/e9c345fc99a4e67e.php

rc4.plain

Targets

- Target
  
  b5c0e1a9256d2f592e3fcac9302eaa26.exe
- Size
  
  265KB
- MD5
  
  b5c0e1a9256d2f592e3fcac9302eaa26
- SHA1
  
  d9af2e07d01c16074428e6715b88f1b7ed3242dd
- SHA256
  
  119e903551a459831af73657fa4478655a8a94febcfbb5f82be19781cdc4a123
- SHA512
  
  f6d3e998685b2fa1b66cbff05f8cda1b8c8c0918ac623657cf4e4f34480da13a713cedfb1d4709e50ba91fd6661229df11f0ad716c4472312388968c18aa659a
- SSDEEP
  
  3072:LjBNZFrvnIPaYv6tF83IbtOIwZMO9uppjVTDUbTmuwzB:RBrvnIPaYv6tF83EtFcMO0ppjRDU/m
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer