stealc | e25f82fe1023ec471f108aaa11a1b3aba1274aff67164616ac3c9217c5448b3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e25f82fe1023ec471f108aaa11a1b3aba1274aff67164616ac3c9217c5448b3d
Size

205KB
Sample

231212-az3ccsdbh9
MD5

fbb93c2cdfd42dded5b44ce9da573dba
SHA1

21cba16a8592ddcec364e67b69770e114ad8f705
SHA256

e25f82fe1023ec471f108aaa11a1b3aba1274aff67164616ac3c9217c5448b3d
SHA512

e6dd2b2f050728e91cc02df47877e005f252fd3327c8d4026b4432df55d141534f7944e71695e94487f79c8efb4b886df61cd6657daf360c43adb3a1cc7308a6
SSDEEP

3072:7Ebx6L3uNWNnNQVOw0GATTgFHWsMBX1zoHKv6Mum7aqM6F5gkhTH:yx6LeNAQVNCgEBX1zsy6MzbsOT

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://77.91.76.36

Attributes

url_path
/3886d2276f6914c4.php

rc4.plain

Targets

- Target
  
  e25f82fe1023ec471f108aaa11a1b3aba1274aff67164616ac3c9217c5448b3d
- Size
  
  205KB
- MD5
  
  fbb93c2cdfd42dded5b44ce9da573dba
- SHA1
  
  21cba16a8592ddcec364e67b69770e114ad8f705
- SHA256
  
  e25f82fe1023ec471f108aaa11a1b3aba1274aff67164616ac3c9217c5448b3d
- SHA512
  
  e6dd2b2f050728e91cc02df47877e005f252fd3327c8d4026b4432df55d141534f7944e71695e94487f79c8efb4b886df61cd6657daf360c43adb3a1cc7308a6
- SSDEEP
  
  3072:7Ebx6L3uNWNnNQVOw0GATTgFHWsMBX1zoHKv6Mum7aqM6F5gkhTH:yx6LeNAQVNCgEBX1zsy6MzbsOT
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer