stealc | aec78af48eae36b854743094d14944a1215d2e7425500f2c510cbcf140fda7a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2448-3-0x0000000028DC0000-0x0000000028FE9000-memory.dmp
Size

2.2MB
Sample

240305-pke1vaee71
MD5

9931dff35b18358224537a1c06cad604
SHA1

ffeadd2e59c0afe5ab4dd572a480883c89004426
SHA256

aec78af48eae36b854743094d14944a1215d2e7425500f2c510cbcf140fda7a1
SHA512

cfe156fdab7e108f1a1e82c4c75caab826983eb80d4cd06777060c7e65932551885344dc60c2d57780b915e6ebb748f331d0d0577d281c72def9f19118ab64bf
SSDEEP

3072:dT/vvdBVLdMed0dyLb6faODUv2R9WIkXiZ1Kg:dDHVLueEMfyZ1Kg

Score

10^/10

stealc stealer

Malware Config

Extracted

Family

stealc

C2

http://45.159.248.242

Attributes

url_path
/59b232f2b6dc5770.php

rc4.plain

Targets

- Target
  
  2448-3-0x0000000028DC0000-0x0000000028FE9000-memory.dmp
- Size
  
  2.2MB
- MD5
  
  9931dff35b18358224537a1c06cad604
- SHA1
  
  ffeadd2e59c0afe5ab4dd572a480883c89004426
- SHA256
  
  aec78af48eae36b854743094d14944a1215d2e7425500f2c510cbcf140fda7a1
- SHA512
  
  cfe156fdab7e108f1a1e82c4c75caab826983eb80d4cd06777060c7e65932551885344dc60c2d57780b915e6ebb748f331d0d0577d281c72def9f19118ab64bf
- SSDEEP
  
  3072:dT/vvdBVLdMed0dyLb6faODUv2R9WIkXiZ1Kg:dDHVLueEMfyZ1Kg
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2