stealc | 739fd0e7383914a1b5f5e1aa49994980a19fde776ebb96797c276e47af59d3be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

739fd0e7383914a1b5f5e1aa49994980a19fde776ebb96797c276e47af59d3be
Size

1.1MB
Sample

231029-jyghyafa5t
MD5

22ae3a0d9a13c7e8c37166ef42be3a22
SHA1

34f504062d963b7ec924854576526f35aeab746c
SHA256

739fd0e7383914a1b5f5e1aa49994980a19fde776ebb96797c276e47af59d3be
SHA512

9a17b8d56e8d831262e23b2c3346ea41bd6221d348216be80e7c096fc37bf1e808005b9828dad4f3b8e765ea8b913872baf87fdc9c3442572b025781fc72e886
SSDEEP

24576:8eh4biccwWcz+9N+gigYb484ecjxJjpZ/ZA9:8j4EmZNM

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes

url_path
/b5c586aec2e1004c.php

rc4.plain

Targets

- Target
  
  739fd0e7383914a1b5f5e1aa49994980a19fde776ebb96797c276e47af59d3be
- Size
  
  1.1MB
- MD5
  
  22ae3a0d9a13c7e8c37166ef42be3a22
- SHA1
  
  34f504062d963b7ec924854576526f35aeab746c
- SHA256
  
  739fd0e7383914a1b5f5e1aa49994980a19fde776ebb96797c276e47af59d3be
- SHA512
  
  9a17b8d56e8d831262e23b2c3346ea41bd6221d348216be80e7c096fc37bf1e808005b9828dad4f3b8e765ea8b913872baf87fdc9c3442572b025781fc72e886
- SSDEEP
  
  24576:8eh4biccwWcz+9N+gigYb484ecjxJjpZ/ZA9:8j4EmZNM
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer