General

  • Target

    7c8f7e7e7ab86868b082d4c21bf4d02da7c337719c143cc606dadc2cede8c04e.exe

  • Size

    258KB

  • Sample

    240329-ct8cjafc3v

  • MD5

    07b1d310e45847d0badea747583bc17b

  • SHA1

    1fee7cc0be9688e24c43d11884a54f18e4b8df04

  • SHA256

    7c8f7e7e7ab86868b082d4c21bf4d02da7c337719c143cc606dadc2cede8c04e

  • SHA512

    6aee3b98240664f3cde63fa9bff049a26a87a3d782b1584dd5b7cd279df30184f2fe0c5507166d1ad441357af6ed44729cd2b6d43500c452a266895da03a58e6

  • SSDEEP

    3072:qXGdItpZ9Bu98lnO6++dd3Exg6IRLIBuXlwXDTNe8U8z8YmT/GK3Zk:xCvZ9BZHnhlwDwp689T/Ge

Malware Config

Extracted

Family

stealc

C2

http://193.233.132.241

Attributes
  • url_path

    /e64f36763e423a50.php

Targets

    • Target

      7c8f7e7e7ab86868b082d4c21bf4d02da7c337719c143cc606dadc2cede8c04e.exe

    • Size

      258KB

    • MD5

      07b1d310e45847d0badea747583bc17b

    • SHA1

      1fee7cc0be9688e24c43d11884a54f18e4b8df04

    • SHA256

      7c8f7e7e7ab86868b082d4c21bf4d02da7c337719c143cc606dadc2cede8c04e

    • SHA512

      6aee3b98240664f3cde63fa9bff049a26a87a3d782b1584dd5b7cd279df30184f2fe0c5507166d1ad441357af6ed44729cd2b6d43500c452a266895da03a58e6

    • SSDEEP

      3072:qXGdItpZ9Bu98lnO6++dd3Exg6IRLIBuXlwXDTNe8U8z8YmT/GK3Zk:xCvZ9BZHnhlwDwp689T/Ge

    • Stealc

      Stealc is an infostealer written in C++.

    • Detects binaries embedding a considerable number of MFA browser extension IDs.

    • Detects binaries embedding a considerable number of cryptocurrency wallet browser extension IDs.

    • Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers.

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks