Extracted

• • Target

    5a1a90919e9303b46ddc59f16f9df6b91fb43321115add86492c8e159a0da5cf

  • Size

    237KB

  • MD5

    7796fb440857db3ebd9fe3e750dfffe1

  • SHA1

    547b0ae532c5fa5d6a69b1f1779c554eab75787e

  • SHA256

    5a1a90919e9303b46ddc59f16f9df6b91fb43321115add86492c8e159a0da5cf

  • SHA512

    f8bacaac748d1c68ffca37a6facdc0b18741761c706d3f440643c552d12a3698767e6e18f48433b643146ffaca233542c3dc28c2ca0ff90a1256f70a5c59d78f

  • SSDEEP

    3072:HzbEoXOJ2BQlgUWDc6MtWB959XoP8iV1ySnf/cqxj045fhU1:kGg3WCtWz9XoP8iV0IHTh

  Score

  10^/10

  stealcdiscoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2