stealc | b88148608c67d74bc4bc9751c6a658041564c40d552513de26b1d712ab6f5d34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b88148608c67d74bc4bc9751c6a658041564c40d552513de26b1d712ab6f5d34
Size

283KB
Sample

231128-fm9tkafe2v
MD5

ef15fa43cb72f5022eb6d5a5f4c634a1
SHA1

2e48c256ca0bf8299221c9d3f2a00d7893f3d643
SHA256

b88148608c67d74bc4bc9751c6a658041564c40d552513de26b1d712ab6f5d34
SHA512

a17a3559227ecefc7e7f23272adfe9d422031f9a7543683f2d65b1cda8cb0eecee5457656f0007cb9403f08d1f09e89a8b05510d3d8040342befc3d249853077
SSDEEP

3072:Sv5kbddbvK5fA1TT1w84mxsabuFNIZTpcTdLM/0W41mm+dETyVqSWzzS2LchWn:aIdQ5Q3u84mx96IZF01LfOqNzzS2L3

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://janmorath.icu

Attributes

url_path
/40d570f44e84a454.php

rc4.plain

Targets

- Target
  
  b88148608c67d74bc4bc9751c6a658041564c40d552513de26b1d712ab6f5d34
- Size
  
  283KB
- MD5
  
  ef15fa43cb72f5022eb6d5a5f4c634a1
- SHA1
  
  2e48c256ca0bf8299221c9d3f2a00d7893f3d643
- SHA256
  
  b88148608c67d74bc4bc9751c6a658041564c40d552513de26b1d712ab6f5d34
- SHA512
  
  a17a3559227ecefc7e7f23272adfe9d422031f9a7543683f2d65b1cda8cb0eecee5457656f0007cb9403f08d1f09e89a8b05510d3d8040342befc3d249853077
- SSDEEP
  
  3072:Sv5kbddbvK5fA1TT1w84mxsabuFNIZTpcTdLM/0W41mm+dETyVqSWzzS2LchWn:aIdQ5Q3u84mx96IZF01LfOqNzzS2L3
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer