stealc | 546915e509d4f1c3a8b0f9d415ba3ade1b5095e1f69eef877e64f36203b4da67 | Triage

Analysis

max time kernel
24s
max time network
28s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
07-01-2024 18:58

Sharing

Report Analysis Logs

General

Target

stealc.exe
Size

256KB
MD5

189736b36bdf727a34cf673e7797823b
SHA1

a3ea45dd1d9fdbaf19c5197ee6515c78168bc4b9
SHA256

bb6758a9bce33333cbe3c141c2f7c94077d97cf25c83eb4282cc5ddcaeccc194
SHA512

4d8c1143a785df75885ef851f88249a5078d436bf3a3e9ac74326df11cd7cea87ccbca5bbe08aaea75cd675a5b00a58ce1e3da4df373f81c765e4bfbce16f141
SSDEEP

6144:NlL+epunGnKy5a6MlWLuerZDqtJD80VK/o:rvunGnKyyW6eNDqtJDrc

Score

10^/10

stealc stealer

Malware Config

Extracted

Family

stealc

C2

http://91.215.85.189

Attributes

url_path
/43851895e447afd7.php

rc4.plain

Signatures

Stealc
Stealc is an infostealer written in C++.
stealer stealc

C:\Users\Admin\AppData\Local\Temp\stealc.exe
"C:\Users\Admin\AppData\Local\Temp\stealc.exe"
1⤵
PID:3736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3736-4-0x0000000000400000-0x00000000007CA000-memory.dmp

Filesize
3.8MB

Download
memory/3736-3-0x0000000000400000-0x00000000007CA000-memory.dmp

Filesize
3.8MB

Download
memory/3736-2-0x00000000008E0000-0x00000000008FB000-memory.dmp

Filesize
108KB

Download
memory/3736-1-0x0000000000910000-0x0000000000A10000-memory.dmp

Filesize
1024KB

Download