stealc | 6dc8c0e5d209195925a1265b10a0390b57d6a19d645208a71692131a19181718 | Triage

Sharing

General

Target

6dc8c0e5d209195925a1265b10a0390b57d6a19d645208a71692131a19181718
Size

1.1MB
Sample

231028-zbswfsfb27
MD5

4c824267aa77b0c6caa3a723554aa4d4
SHA1

1b371a2f153881792934322bf2a76fd6dcc167ef
SHA256

6dc8c0e5d209195925a1265b10a0390b57d6a19d645208a71692131a19181718
SHA512

bf5a866f2945aee501cb7acfb3ddfda28e28792a64b063ced844e60b4fe6c439090b42027da2b873e5ba42b8bbf0264e3274339c75f8f70f347bdfbc52ba6a6e
SSDEEP

24576:8eh4biccwWcz+9N+gigYb484ecjxJjpZ/1A9:8j4EmZNI

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes

url_path
/b5c586aec2e1004c.php

rc4.plain

Targets

- Target
  
  6dc8c0e5d209195925a1265b10a0390b57d6a19d645208a71692131a19181718
- Size
  
  1.1MB
- MD5
  
  4c824267aa77b0c6caa3a723554aa4d4
- SHA1
  
  1b371a2f153881792934322bf2a76fd6dcc167ef
- SHA256
  
  6dc8c0e5d209195925a1265b10a0390b57d6a19d645208a71692131a19181718
- SHA512
  
  bf5a866f2945aee501cb7acfb3ddfda28e28792a64b063ced844e60b4fe6c439090b42027da2b873e5ba42b8bbf0264e3274339c75f8f70f347bdfbc52ba6a6e
- SSDEEP
  
  24576:8eh4biccwWcz+9N+gigYb484ecjxJjpZ/1A9:8j4EmZNI
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer