stealc | 6789f4405c7b1ee3326a4ba6a787e3b7466051889cbfcfff1fad09f128ae7ed8 | Triage

Sharing

General

Target

85fe9f67ab85bf222a82b13ff37cc0e3a2a88d73f2446e47ed6e7e88cf6b0f83.zip
Size

158KB
Sample

231119-1jrh2abh73
MD5

52eb74cf4dad99ffffbc95bb8252eba8
SHA1

ee950af5ca8a9f45d87a85ff9a818817ca006faf
SHA256

6789f4405c7b1ee3326a4ba6a787e3b7466051889cbfcfff1fad09f128ae7ed8
SHA512

7544be307c53189e186a599ac9be3fa0eb67032b13524ccfe619e8c616d65a504040d928a545e510cd700687df3d99bea6f065ab0bea3f07031da8f403fb71a8
SSDEEP

3072:xT0JRwgNAYGMXuKQkKCgyiCvDBsPYT2SgFj0PkQBwfqtsMa8rRPAXsJZ:x0AgbFfrieDK0n9G4r98k

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://giuliotoro.icu

Attributes

url_path
/40d570f44e84a454.php

rc4.plain

Targets

- Target
  
  85fe9f67ab85bf222a82b13ff37cc0e3a2a88d73f2446e47ed6e7e88cf6b0f83.exe
- Size
  
  265KB
- MD5
  
  292cf186b9046c3582b9dfa6ac9d1ea4
- SHA1
  
  9bcf3ee176b1755fe6ed088aa31409821e8f24aa
- SHA256
  
  85fe9f67ab85bf222a82b13ff37cc0e3a2a88d73f2446e47ed6e7e88cf6b0f83
- SHA512
  
  7446c305c2415173d9714e94d4db8acc656eb4050749581513f1230f145af12db8693609b3f2f5b4e6d75c28b630387219be25bab0d982567d99f47efdf87803
- SSDEEP
  
  3072:cLgwKGdk4Gc2Hq8DeIyb+BxSumEo2BUhNl0XRyUI9y7ovb3Trh6:q7dkJcT8Cdi2Eo2qnlUI9SMrT
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2