stealc | 5ebb58edcd349c0e4e5322953c82031c8bbc570511f096e8fb7b902ddb0e9557 | Triage

Submit
Reports

Overview

overview

Static

static

a6395f652c...9c.exe

windows7-x64

a6395f652c...9c.exe

windows10-2004-x64

Sharing

General

Target

a6395f652c356dbcf03a082e37853f9c.exe
Size

101KB
Sample

231107-rnzkrsae97
MD5

a6395f652c356dbcf03a082e37853f9c
SHA1

aac503dfad03154cb41f8f9f66a2f1c69a2b9d78
SHA256

5ebb58edcd349c0e4e5322953c82031c8bbc570511f096e8fb7b902ddb0e9557
SHA512

b65791845dc3ce2b4136c8dffba5e55e2d143bb68090a58ec8e38f1e534adf151b41e887cfa2c8eaf94afcc0d0f9d2292024ca80296f927ef8b956a0b6186d2d
SSDEEP

3072:TK0ufpwQ5jXl9t6Swu6bCYf5z46CyOVfFgtI:20uiQ9jtpf4DHO/gt

Score

10^/10

stealc discovery stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a6395f652c356dbcf03a082e37853f9c.exe

Resource

win7-20231025-en

stealc discovery stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a6395f652c356dbcf03a082e37853f9c.exe

Resource

win10v2004-20231023-en

stealc discovery stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

stealc

C2

http://94.142.138.179

Attributes

url_path
/518893e599328c52.php

rc4.plain

Targets

- Target
  
  a6395f652c356dbcf03a082e37853f9c.exe
- Size
  
  101KB
- MD5
  
  a6395f652c356dbcf03a082e37853f9c
- SHA1
  
  aac503dfad03154cb41f8f9f66a2f1c69a2b9d78
- SHA256
  
  5ebb58edcd349c0e4e5322953c82031c8bbc570511f096e8fb7b902ddb0e9557
- SHA512
  
  b65791845dc3ce2b4136c8dffba5e55e2d143bb68090a58ec8e38f1e534adf151b41e887cfa2c8eaf94afcc0d0f9d2292024ca80296f927ef8b956a0b6186d2d
- SSDEEP
  
  3072:TK0ufpwQ5jXl9t6Swu6bCYf5z46CyOVfFgtI:20uiQ9jtpf4DHO/gt
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer

© 2018-2025

Terms | Privacy