stealc | 97055dee15c10659c3811101d25664344affbf96ca0c9484e19a2dc1c0fc46df | Triage

Sharing

General

Target

97055dee15c10659c3811101d25664344affbf96ca0c9484e19a2dc1c0fc46df
Size

1.4MB
Sample

231023-yvn6yagb97
MD5

ac1426c25265f0c1f2fabb4bf41c3b8a
SHA1

aad501562250a3510d9ad635687c284831b99d1d
SHA256

97055dee15c10659c3811101d25664344affbf96ca0c9484e19a2dc1c0fc46df
SHA512

de1f3d9746a124cc1ca02a761f0e7b0aef9841d87d9e29db8db083660501f374187d3581e5f2c56fa13384eac9fdfd0e70596a4c3677aac7d74cb6e885cb9a4c
SSDEEP

12288:bRgcdrhCHwfbv7rHMUtXe44Lzynertxn+9WXH3ML:bmqewfbv7IwOlLzynertxmWXH8

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes

url_path
/b5c586aec2e1004c.php

rc4.plain

Targets

- Target
  
  97055dee15c10659c3811101d25664344affbf96ca0c9484e19a2dc1c0fc46df
- Size
  
  1.4MB
- MD5
  
  ac1426c25265f0c1f2fabb4bf41c3b8a
- SHA1
  
  aad501562250a3510d9ad635687c284831b99d1d
- SHA256
  
  97055dee15c10659c3811101d25664344affbf96ca0c9484e19a2dc1c0fc46df
- SHA512
  
  de1f3d9746a124cc1ca02a761f0e7b0aef9841d87d9e29db8db083660501f374187d3581e5f2c56fa13384eac9fdfd0e70596a4c3677aac7d74cb6e885cb9a4c
- SSDEEP
  
  12288:bRgcdrhCHwfbv7rHMUtXe44Lzynertxn+9WXH3ML:bmqewfbv7IwOlLzynertxmWXH8
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer