stealc | a40fd2d90a9a069b9c05e35400e18d2880665b52a15f4034d0d4befaf21c7098 | Triage

Sharing

General

Target

485969ebc7fb19905e9cd1008c26b7ad.bin
Size

152KB
Sample

231106-b4m9nshb36
MD5

61448be8460ff86fc562e9856cc3fb35
SHA1

3f7c32debec1168a89df8b51e5ecbae28dc7cddc
SHA256

a40fd2d90a9a069b9c05e35400e18d2880665b52a15f4034d0d4befaf21c7098
SHA512

c6d92ffe7e0b1b1884d271ba4fdd97b98d2f6175d5e0e2371e523fbe913c980b7ebb0e88ae43faa5a7c7fd5cc4beefdb907667cb32f62cc18b1304b2bcdd2566
SSDEEP

3072:DgPmLV6BSpr0nEAE4LA6jbWKNiuVzjeEfQr2QGeBfZ52+NMDmRSlPpY:DgPqVOnEAhLA6jVNiuBeEfQrNGeBFW4x

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://williammoore.top

Attributes

url_path
/40d570f44e84a454.php

rc4.plain

Targets

- Target
  
  d6eabb83f35e3577eb994fac432bb4334d579393249bdd6cbf39f71bd3785d59.exe
- Size
  
  251KB
- MD5
  
  485969ebc7fb19905e9cd1008c26b7ad
- SHA1
  
  e457413062c38dfa2381e841a6c29728335b809f
- SHA256
  
  d6eabb83f35e3577eb994fac432bb4334d579393249bdd6cbf39f71bd3785d59
- SHA512
  
  1b205441d0bcb1783b6bcc70c54f04754f6113b76958520a0a1ea29259720c78355561b3dbb787dc97298298a599d66ddf9e618100fb1a2ad6198309ba327b22
- SSDEEP
  
  6144:cPFEOlHtmLigXXU9tsO+mfx7Uz5Edp1iee74:YmwtmLimU9tBRpYE/1i7k
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer