General
-
Target
e5772cea69e55a46fe47eafd4d8fb652.exe
-
Size
344KB
-
Sample
240415-py2rrsgh8v
-
MD5
e5772cea69e55a46fe47eafd4d8fb652
-
SHA1
78e2ade67aae20494947d725f344778f3675eb9c
-
SHA256
bd3e7b833225e8cd094599a1980aca4f07aec1af7501020b1eb2fb94314c4eff
-
SHA512
959778f1e95feb53296762b7591f03fe6d6c320d3a89b05be5a234ff9dbb8d5d1630572c006695fd0a361d2ac83cd37f91384caca738e9c36e1692fd7e4d8b58
-
SSDEEP
6144:Pt6w6QdagGXY/B3/vM7dEl/9l1ZeeLN33nGV:0xo53/U7dE3ZjNM
Malware Config
Targets
-
-
Target
e5772cea69e55a46fe47eafd4d8fb652.exe
-
Size
344KB
-
MD5
e5772cea69e55a46fe47eafd4d8fb652
-
SHA1
78e2ade67aae20494947d725f344778f3675eb9c
-
SHA256
bd3e7b833225e8cd094599a1980aca4f07aec1af7501020b1eb2fb94314c4eff
-
SHA512
959778f1e95feb53296762b7591f03fe6d6c320d3a89b05be5a234ff9dbb8d5d1630572c006695fd0a361d2ac83cd37f91384caca738e9c36e1692fd7e4d8b58
-
SSDEEP
6144:Pt6w6QdagGXY/B3/vM7dEl/9l1ZeeLN33nGV:0xo53/U7dE3ZjNM
Score10/10-
Stealc
Stealc is an infostealer written in C++.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-