stealc | d7ac63b4eec2b65d20822cfe3206c870c5e0a05756803839966670fd8e8a8a4d | Triage

Sharing

General

Target

d7ac63b4eec2b65d20822cfe3206c870c5e0a05756803839966670fd8e8a8a4d
Size

263KB
Sample

231212-vynssshaen
MD5

a1b0c480995b7f79729afd4a60d3d873
SHA1

e1a83c7e979b06cb8f587bc1ab62894549291615
SHA256

d7ac63b4eec2b65d20822cfe3206c870c5e0a05756803839966670fd8e8a8a4d
SHA512

c20586f17c885745dd29093ab9117b4f3bcdf0e36a11e73b8db403f5f3e361470981d7683c288799f9a4295be350d3e97960b613710033e00c5358b222652aca
SSDEEP

3072:2Hi07YpzjaXj76Do4XUfI876iFjysbDR3M5RI2dLv9sOVVyTu:ci07Ypz2CDoAiI87xFusII2RVj+T

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://5.42.66.36

Attributes

url_path
/1fa9cf51b66b1f7e.php

rc4.plain

Targets

- Target
  
  d7ac63b4eec2b65d20822cfe3206c870c5e0a05756803839966670fd8e8a8a4d
- Size
  
  263KB
- MD5
  
  a1b0c480995b7f79729afd4a60d3d873
- SHA1
  
  e1a83c7e979b06cb8f587bc1ab62894549291615
- SHA256
  
  d7ac63b4eec2b65d20822cfe3206c870c5e0a05756803839966670fd8e8a8a4d
- SHA512
  
  c20586f17c885745dd29093ab9117b4f3bcdf0e36a11e73b8db403f5f3e361470981d7683c288799f9a4295be350d3e97960b613710033e00c5358b222652aca
- SSDEEP
  
  3072:2Hi07YpzjaXj76Do4XUfI876iFjysbDR3M5RI2dLv9sOVVyTu:ci07Ypz2CDoAiI87xFusII2RVj+T
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer