stealc | 8cc102419ed6bb9540fef7fca7c92e8827e13d9f2679318d01232b187f1801ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8cc102419ed6bb9540fef7fca7c92e8827e13d9f2679318d01232b187f1801ff
Size

1.4MB
Sample

231023-t1gxlacb83
MD5

1707fb16730b822bd1f1b96605b26a00
SHA1

79e933a6456dd2a5eadbffd071f489061113d92f
SHA256

8cc102419ed6bb9540fef7fca7c92e8827e13d9f2679318d01232b187f1801ff
SHA512

4ffc5951b3ae6e0127e514ab81f0a1c6c3df2d6d0f1400a24d8e0aed40f1e6f9d6a148eb4805b7a03354625c4cfa7518bab5d45f95c763534b49fcedd8a97c48
SSDEEP

12288:bRgcdrhCHwfbv7rHMUtXe44Lzynewtxn+9WXH3ML:bmqewfbv7IwOlLzynewtxmWXH8

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes

url_path
/b5c586aec2e1004c.php

rc4.plain

Targets

- Target
  
  8cc102419ed6bb9540fef7fca7c92e8827e13d9f2679318d01232b187f1801ff
- Size
  
  1.4MB
- MD5
  
  1707fb16730b822bd1f1b96605b26a00
- SHA1
  
  79e933a6456dd2a5eadbffd071f489061113d92f
- SHA256
  
  8cc102419ed6bb9540fef7fca7c92e8827e13d9f2679318d01232b187f1801ff
- SHA512
  
  4ffc5951b3ae6e0127e514ab81f0a1c6c3df2d6d0f1400a24d8e0aed40f1e6f9d6a148eb4805b7a03354625c4cfa7518bab5d45f95c763534b49fcedd8a97c48
- SSDEEP
  
  12288:bRgcdrhCHwfbv7rHMUtXe44Lzynewtxn+9WXH3ML:bmqewfbv7IwOlLzynewtxmWXH8
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer