stealc | 9ef5773cb59be196f4a0d6ed7661ca41[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ef5773cb59be196f4a0d6ed7661ca41.bin
Size

4.4MB
MD5

9ef5773cb59be196f4a0d6ed7661ca41
SHA1

e0c60a6d717fea0f5da6743ae35238ec1e3b0c25
SHA256

64d479684232aa605660c0cce24b1b0caa6ef8dadaa1945566bcc35d8fa552af
SHA512

bb7518f465840a46ab36899c94248ced1cb00eba39f1b7671b4ed526e151531d5479896480aa822e1e6bf1ec8e452753de85206f61058ed047535964cc7c4705
SSDEEP

3072:sg471w/yH6ooxFp/5Pr45eROQhNy0dWe:sg47O/M6ooxFp/5hZ80

Score

10^/10

stealc

Malware Config

Signatures

Stealc family
stealc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ef5773cb59be196f4a0d6ed7661ca41.bin

Files

9ef5773cb59be196f4a0d6ed7661ca41.bin
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ