stealc | 99e8f82ab2bb612ea882af99cfc75a75a16e33217b42e6967c6c7a571818d81f | Triage

Sharing

General

Target

430143f995ce2e934f8021528f1a5c9f.bin
Size

139KB
Sample

231103-byzeracb58
MD5

1eb448fd29489c2648df2fbba847436e
SHA1

dbcde45628d1e213cfac3c39238d8637bdd7e055
SHA256

99e8f82ab2bb612ea882af99cfc75a75a16e33217b42e6967c6c7a571818d81f
SHA512

d63d17600dd3e30067b34238af8118a3c62f315e87020bd95403f1dce0e69bcf7003df347a257b434cb009d7889050022dabdf45978a15b9207a300a96b8fd24
SSDEEP

3072:58XTn0QrMV1lShLFroEcoLOD0sIPHZhSbS9l/VHzd:5ITHg18tFroEcoLODQHZvZzd

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://howardwood.top

Attributes

url_path
/e9c345fc99a4e67e.php

rc4.plain

Targets

- Target
  
  66467375d604cb25ddf27d225148d50f47c7f1fda23d561cc8325aaf1ff7a30f.exe
- Size
  
  222KB
- MD5
  
  430143f995ce2e934f8021528f1a5c9f
- SHA1
  
  a0423b7428a9c6a4af9231e6d4b47842c0d09bd9
- SHA256
  
  66467375d604cb25ddf27d225148d50f47c7f1fda23d561cc8325aaf1ff7a30f
- SHA512
  
  50790b4463906bfb1ac844771af38a7aeb063023aa90a210e0e743dee3532a089b3b7ea6aaccef2559cad1c0e791f4f31460fad0c6b2de9b10286af812d5620f
- SSDEEP
  
  3072:Mf+o9ImiTzzSyhNwAxOTkDExzl27jNa+PyRxBx/6C+tyKS/P9A17lAoLjguk:JokzzScOIDazMhNyBxHPKEk7moLEv
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer