Overview

overview

10

Static

static

3

Set-up.exe

windows7-x64

1

Set-up.exe

windows10-2004-x64

10

Set-up.exe

ubuntu-18.04-amd64

Set-up.exe

debian-9-armhf

Set-up.exe

debian-9-mips

Set-up.exe

debian-9-mipsel

Sharing

Copy URL
Twitter E-mail

General

  • Target

    !Files-PAsw0rds__9090.rar

  • Size

    19.4MB

  • Sample

    240223-z2efraaa8x

  • MD5

    774e3d3ec8ad2d89b09303a9f25b77c9

  • SHA1

    02ecac2d4141288d639053da716f90e863ad622c

  • SHA256

    b3d3909049f260de18ab41e08ef34936b0e9c7ccdde22e13b8dadede834c3190

  • SHA512

    92a98a06b6c44c01c21450c84c993e20cc804d777915c342d14b12c6667bbd7a3260d8737780bba6f8a8c91c3bef87906e50efbc734d575d311162c34fb7ffb9

  • SSDEEP

    393216:0jsOVJQxPH/qo7UehOTV/CxSa1BZ9wUPycfyvLJWeATawmi5t:0jsOVJQ/Y7pI9BfyjOTaRmt

Score
10/10
stealclinuxstealer

Malware Config

Extracted

Family

stealc

C2

http://193.143.1.226

Attributes
  • url_path

    /129edec4272dc2c8.php

Targets

    • Target

      Set-up.exe

    • Size

      28.2MB

    • MD5

      bc272be55652281223596106de35d80e

    • SHA1

      265cf204d6bf9f7c4859c8ccafd7aa2497844a42

    • SHA256

      48971431a177d61264fe7e1e1b9751ee8aa3cc3d2eacc01d4bd84b5557811222

    • SHA512

      1c4c53b9bb5768b43f0f31342c02526093a132e30edd0855dbd7222b8ba37629886f9590c5d0cfb1ce3433abd8eb68c5a8f77b0843c1b98074bc38d680ee9fe3

    • SSDEEP

      196608:/n+Mg9/yhVmej7g6PzBGuMe31tfMo2AcVwoFmb:/Jg9iVmeIAfcVwLb

    Score
    10/10
    stealcstealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3behavioral4behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks