Extracted

• • Target

    tmp

  • Size

    328KB

  • MD5

    1fe48fa76472584357a863654891de62

  • SHA1

    038896466f0a284367e1a6a12aade2d02c0e7b3c

  • SHA256

    8bbba57340913cb936decf9e9011765226ed96ab27daeb9c6ddb790a5683aa4c

  • SHA512

    fd6fe5f52209ce54c52f71f0da618cc28e69d90f0c7ec81b7ecd941b28c76084155beb86befe7693c21e3a88a55bdcfca6f2c59771c21189bfc79e2728287c7f

  • SSDEEP

    6144:ajG7iKC4XotnXZYfcyGkicRPzW3JZhfMBpyj1O1N:b7iKC44FZvyGkRRrW5ZZ0pwO1

  Score

  10^/10

  stealcdiscoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2