stealc | a0bbcafceb0164455f397ad28ffb2fa521c25d1eac81ca2c90428e4f2647bd62 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0bbcafceb0164455f397ad28ffb2fa521c25d1eac81ca2c90428e4f2647bd62
Size

2.0MB
Sample

231024-qeqe3aeh52
MD5

baace728c4d5fb878ee87ae4219945b3
SHA1

9b0e0e7b6bb81c8e48c0787cab85f388d273e611
SHA256

a0bbcafceb0164455f397ad28ffb2fa521c25d1eac81ca2c90428e4f2647bd62
SHA512

63ff956c3ac2dea7a6e10fff92145e02058a7947fc782225e05861cc8a2322d04a5b63ba5495513e66343eb90864ce36774ad1197a53fd5e8f2b82868adf9c6e
SSDEEP

24576:AlBcaQa6wtGNOb3tyAY9AzmqIFqtxmWXH8:ATCwugyASotxmWX

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes

url_path
/b5c586aec2e1004c.php

rc4.plain

Targets

- Target
  
  a0bbcafceb0164455f397ad28ffb2fa521c25d1eac81ca2c90428e4f2647bd62
- Size
  
  2.0MB
- MD5
  
  baace728c4d5fb878ee87ae4219945b3
- SHA1
  
  9b0e0e7b6bb81c8e48c0787cab85f388d273e611
- SHA256
  
  a0bbcafceb0164455f397ad28ffb2fa521c25d1eac81ca2c90428e4f2647bd62
- SHA512
  
  63ff956c3ac2dea7a6e10fff92145e02058a7947fc782225e05861cc8a2322d04a5b63ba5495513e66343eb90864ce36774ad1197a53fd5e8f2b82868adf9c6e
- SSDEEP
  
  24576:AlBcaQa6wtGNOb3tyAY9AzmqIFqtxmWXH8:ATCwugyASotxmWX
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer