General

  • Target

    file.exe

  • Size

    262KB

  • Sample

    231016-f7pn5abh5t

  • MD5

    0bef5b12120a72cb35851b2cc2ce0e54

  • SHA1

    a4d4290b812d5c4b6404d0a774cb84db56f17e71

  • SHA256

    21cca6e56ae6895feaf58c319cf4b819acbeed43927e85b94b417d03350261de

  • SHA512

    10b10bdf72f2dc198b7a5af89e6753156109534f7146832b6ddf4c393549f47a259d11b2c22b62c270933aee8bf2eeefa51adc3ec32e0294790ba737ad52833e

  • SSDEEP

    3072:NBNXG1mXeXjTKGz0kk7/rv02QVx94Ev3jznIoqj9oL8W91p1kOi:TVX4jeGz0F7/rv0NVxCEv3g79gJ1p

Malware Config

Extracted

Family

stealc

C2

http://elijahdiego.top

Attributes
  • url_path

    /e9c345fc99a4e67e.php

  • rc4.plain
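The hashes in the General section and the extracted C2 host and url_path above are the indicators a defender would actually consume. The script below is an added example, not part of the sandbox report: it copies those indicators, sanity-checks that each hash has the length and charset of the algorithm it claims, compares a file's digests against them, and matches proxy log lines against the C2 host plus gateway path (rather than the literal URL, so a scheme or port change still hits). The sample bytes and log lines are constructed here for illustration; the timestamps, client addresses and log format are assumptions, not data from the report.

```python
"""Offline triage helper built from the indicators in the Stealc sandbox report.

Added example, not the report's own tooling. Hash values and the C2 host/path
are copied verbatim from the report; everything fed to the functions below
(sample bytes, proxy log lines) is constructed for illustration.
"""
import hashlib
import re
from urllib.parse import urlsplit

# Indicators copied from the report's General / Malware Config sections.
REPORT_HASHES = {
    "md5": "0bef5b12120a72cb35851b2cc2ce0e54",
    "sha1": "a4d4290b812d5c4b6404d0a774cb84db56f17e71",
    "sha256": "21cca6e56ae6895feaf58c319cf4b819acbeed43927e85b94b417d03350261de",
    "sha512": "10b10bdf72f2dc198b7a5af89e6753156109534f7146832b6ddf4c393549f47a"
              "259d11b2c22b62c270933aee8bf2eeefa51adc3ec32e0294790ba737ad52833e",
}
C2_URL = "http://elijahdiego.top"
C2_URL_PATH = "/e9c345fc99a4e67e.php"

# Expected hex-digest lengths; a value that does not fit is a copy/paste error
# in the indicator set, and would silently never match anything.
DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_hashes(hashes: dict) -> list:
    """Return the names of entries whose value is not a well-formed lowercase hex digest."""
    bad = []
    for name, size in DIGEST_LEN.items():
        value = hashes.get(name, "")
        if len(value) != size or not re.fullmatch(r"[0-9a-f]+", value):
            bad.append(name)
    return bad


def hash_bytes(data: bytes) -> dict:
    """Compute all four digests the report lists for a candidate file's contents."""
    return {name: hashlib.new(name, data).hexdigest() for name in DIGEST_LEN}


def matches_report(data: bytes) -> dict:
    """Per-algorithm match result. Any True is a hit; mixed True/False would mean
    the indicator set itself is inconsistent (e.g. hashes taken from two different files)."""
    actual = hash_bytes(data)
    return {name: actual[name] == REPORT_HASHES[name] for name in DIGEST_LEN}


# Network side. Stealc's config is a host plus a PHP gateway path, so match on
# host and path independently of scheme, port and letter case.
C2_HOST = urlsplit(C2_URL).hostname


def is_c2_request(url: str) -> bool:
    """True when the URL targets the report's C2 host and gateway path."""
    parts = urlsplit(url)
    return (parts.hostname or "") == C2_HOST and parts.path == C2_URL_PATH


# Assumed proxy log format (constructed for this example): "<ts> <client> <METHOD> <url> <status>".
LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$")


def scan_proxy_log(lines) -> list:
    """Return (client, method, url) for every line that talks to the C2 gateway."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line: skip rather than crash the sweep
        if is_c2_request(m["url"]):
            hits.append((m["src"], m["method"], m["url"]))
    return hits


# Constructed proxy log lines (not taken from the report). Line 4 uses a
# different port and upper-case host to show that host+path matching still hits.
SAMPLE_LOG = [
    "2023-10-16T12:00:01Z 10.0.0.5 GET http://example.com/index.html 200",
    "2023-10-16T12:00:07Z 10.0.0.5 POST http://elijahdiego.top/e9c345fc99a4e67e.php 200",
    "2023-10-16T12:00:09Z 10.0.0.9 GET http://elijahdiego.top/other.php 404",
    "2023-10-16T12:00:11Z 10.0.0.5 POST http://ELIJAHDIEGO.TOP:8080/e9c345fc99a4e67e.php 200",
    "garbage line that does not parse",
]

if __name__ == "__main__":
    print("malformed indicator entries:", validate_hashes(REPORT_HASHES))
    print("constructed bytes match report:", matches_report(b"not the real sample"))
    for hit in scan_proxy_log(SAMPLE_LOG):
        print("C2 contact:", hit)
```

Keying the network match on host and path rather than the full URL string matters because the report only gives the scheme-less host and the gateway path; a rule on the literal `http://elijahdiego.top/e9c345fc99a4e67e.php` would miss the same gateway reached over another port or with a differently cased hostname.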

Targets

    • Target

      file.exe

    • Size

      262KB

    • MD5

      0bef5b12120a72cb35851b2cc2ce0e54

    • SHA1

      a4d4290b812d5c4b6404d0a774cb84db56f17e71

    • SHA256

      21cca6e56ae6895feaf58c319cf4b819acbeed43927e85b94b417d03350261de

    • SHA512

      10b10bdf72f2dc198b7a5af89e6753156109534f7146832b6ddf4c393549f47a259d11b2c22b62c270933aee8bf2eeefa51adc3ec32e0294790ba737ad52833e

    • SSDEEP

      3072:NBNXG1mXeXjTKGz0kk7/rv02QVx94Ev3jznIoqj9oL8W91p1kOi:TVX4jeGz0F7/rv0NVxCEv3g79gJ1p

    • Stealc

      Stealc is an infostealer written in C++.

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Enumerates the registry Uninstall key (for example HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to list the software installed on the system.

MITRE ATT&CK Enterprise v15

Tasks