stealc | b9f0271e98df60292728e76b6f43a9953d30a2cb8b471bc85ff9fe712232c8d4 | Triage

Sharing

General

Target

b9f0271e98df60292728e76b6f43a9953d30a2cb8b471bc85ff9fe712232c8d4
Size

2.0MB
Sample

231024-lhncnadg58
MD5

e4074d8854155563f55cec052254e174
SHA1

d715c8a7d387901467487cbd0827c3a15cf5d3c6
SHA256

b9f0271e98df60292728e76b6f43a9953d30a2cb8b471bc85ff9fe712232c8d4
SHA512

727eb6dcc31d9c04b50c9715686b26b81bbcc8bbe306a9f17d93ab6be054dc853c4ad7655847ad223b1034b08e84cd264d058aba15dc1ab2709f00ebf98dfef2
SSDEEP

24576:AlBcaQa6wtGNOb3tyAY9AzmqIFStxmWXH8:ATCwugyASgtxmWX

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes

url_path
/b5c586aec2e1004c.php

rc4.plain

Targets

- Target
  
  b9f0271e98df60292728e76b6f43a9953d30a2cb8b471bc85ff9fe712232c8d4
- Size
  
  2.0MB
- MD5
  
  e4074d8854155563f55cec052254e174
- SHA1
  
  d715c8a7d387901467487cbd0827c3a15cf5d3c6
- SHA256
  
  b9f0271e98df60292728e76b6f43a9953d30a2cb8b471bc85ff9fe712232c8d4
- SHA512
  
  727eb6dcc31d9c04b50c9715686b26b81bbcc8bbe306a9f17d93ab6be054dc853c4ad7655847ad223b1034b08e84cd264d058aba15dc1ab2709f00ebf98dfef2
- SSDEEP
  
  24576:AlBcaQa6wtGNOb3tyAY9AzmqIFStxmWXH8:ATCwugyASgtxmWX
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer