stealc | bffaf04a07c5a17c84a85703e49b7813489593db84d9c8147d2279e5414471dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bffaf04a07c5a17c84a85703e49b7813489593db84d9c8147d2279e5414471dd
Size

497KB
Sample

240419-y33z3afc4z
MD5

05121c54247f7a8bbebdfeecd2a1ae4e
SHA1

d2131395bfbe15b9a0fd99e89bda5ff348c1b195
SHA256

bffaf04a07c5a17c84a85703e49b7813489593db84d9c8147d2279e5414471dd
SHA512

af64644d96ad611194026c3b3d97cf61f62a3783a7fe62895d306f14a40d2c7458d586f03aca3b0fd028529b7db05de1c65b0189f516c61d21fa0800f07c93ab
SSDEEP

12288:80il6waZftf+ZTOHVkXXcA4KEd4SOoZaWHV4h6:80gSftfC0VirbSOoZaWHV4h6

Score

10^/10

stealc stealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.209

Attributes

url_path
/3cd2b41cbde8fc9c.php

Targets

- Target
  
  bffaf04a07c5a17c84a85703e49b7813489593db84d9c8147d2279e5414471dd
- Size
  
  497KB
- MD5
  
  05121c54247f7a8bbebdfeecd2a1ae4e
- SHA1
  
  d2131395bfbe15b9a0fd99e89bda5ff348c1b195
- SHA256
  
  bffaf04a07c5a17c84a85703e49b7813489593db84d9c8147d2279e5414471dd
- SHA512
  
  af64644d96ad611194026c3b3d97cf61f62a3783a7fe62895d306f14a40d2c7458d586f03aca3b0fd028529b7db05de1c65b0189f516c61d21fa0800f07c93ab
- SSDEEP
  
  12288:80il6waZftf+ZTOHVkXXcA4KEd4SOoZaWHV4h6:80gSftfC0VirbSOoZaWHV4h6
Score

10^/10

stealc stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2