stealc | f1210b26bcb447fb74411a3ff64f56bb930bb51729dd21b8581868a9a79f06ee | Triage

Sharing

General

Target

f1210b26bcb447fb74411a3ff64f56bb930bb51729dd21b8581868a9a79f06ee
Size

1.1MB
Sample

231029-lpaedafc3t
MD5

baef575db1492dd0da2634308454dc03
SHA1

913c874deba7cc88c460b372949388bcbb4d4e86
SHA256

f1210b26bcb447fb74411a3ff64f56bb930bb51729dd21b8581868a9a79f06ee
SHA512

e3d86ae827de2e441584203debc0201ebd6312a1bbb51dc82c992652f4cb898831fa27567639855cc125b6f84e63484b443be28b58fc663b0228ab8794f29cee
SSDEEP

24576:8eh4biccwWcz+9N+gigYb484ecjxJjpZ/tA9:8j4EmZNY

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes

url_path
/b5c586aec2e1004c.php

rc4.plain

Targets

- Target
  
  f1210b26bcb447fb74411a3ff64f56bb930bb51729dd21b8581868a9a79f06ee
- Size
  
  1.1MB
- MD5
  
  baef575db1492dd0da2634308454dc03
- SHA1
  
  913c874deba7cc88c460b372949388bcbb4d4e86
- SHA256
  
  f1210b26bcb447fb74411a3ff64f56bb930bb51729dd21b8581868a9a79f06ee
- SHA512
  
  e3d86ae827de2e441584203debc0201ebd6312a1bbb51dc82c992652f4cb898831fa27567639855cc125b6f84e63484b443be28b58fc663b0228ab8794f29cee
- SSDEEP
  
  24576:8eh4biccwWcz+9N+gigYb484ecjxJjpZ/tA9:8j4EmZNY
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer