stealc | b469f89a25a145e388de4dfecf9bf86a80191546ed9dd54005ed2d7d9cf408a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b469f89a25a145e388de4dfecf9bf86a80191546ed9dd54005ed2d7d9cf408a5
Size

1.4MB
Sample

231023-14e1qsgd2v
MD5

a6261fc1a7b8542419abc2d2d322d45b
SHA1

d46a30410138f26e00e20056938f527f121a59f9
SHA256

b469f89a25a145e388de4dfecf9bf86a80191546ed9dd54005ed2d7d9cf408a5
SHA512

ab6aa07865391b549c7e4fdda6e6d6db335f7c6d1ef23a530440c625379f7665fbccb399e797156024f0c384dd7ce9ba87cd8f55b51e5d8c58dbef0f28476033
SSDEEP

12288:bRgcdrhCHwfbv7rHMUtXe44Lzynejtxn+9WXH3ML:bmqewfbv7IwOlLzynejtxmWXH8

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes

url_path
/b5c586aec2e1004c.php

rc4.plain

Targets

- Target
  
  b469f89a25a145e388de4dfecf9bf86a80191546ed9dd54005ed2d7d9cf408a5
- Size
  
  1.4MB
- MD5
  
  a6261fc1a7b8542419abc2d2d322d45b
- SHA1
  
  d46a30410138f26e00e20056938f527f121a59f9
- SHA256
  
  b469f89a25a145e388de4dfecf9bf86a80191546ed9dd54005ed2d7d9cf408a5
- SHA512
  
  ab6aa07865391b549c7e4fdda6e6d6db335f7c6d1ef23a530440c625379f7665fbccb399e797156024f0c384dd7ce9ba87cd8f55b51e5d8c58dbef0f28476033
- SSDEEP
  
  12288:bRgcdrhCHwfbv7rHMUtXe44Lzynejtxn+9WXH3ML:bmqewfbv7IwOlLzynejtxmWXH8
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer