stealc | 18b00bdd809fac8be30eed2290fd26001f412702bf68dfc26749a8761822238e | Triage

Sharing

General

Target

18b00bdd809fac8be30eed2290fd26001f412702bf68dfc26749a8761822238e
Size

250KB
Sample

240427-kmlh7afa58
MD5

28a717becacd1e18c7b86d8b8ab3e339
SHA1

9d60947d27523baea3448005bf10302e748cb5bf
SHA256

18b00bdd809fac8be30eed2290fd26001f412702bf68dfc26749a8761822238e
SHA512

3c9e260259c3dec8266b3f82551321eed3d6e73fe9072bb3057f805b9915c7a9e56190ad776f13fc546f02aa4c77aa99267c1667987cf67afca1f95dffeef46a
SSDEEP

3072:ulgf44qIeQ5vr6Ird9Q9B50aHNj5uTNhLK5TUam8lP2:JiQ5DrvQ9fHaToUah

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.76

Attributes

url_path
/3cd2b41cbde8fc9c.php

Targets

- Target
  
  18b00bdd809fac8be30eed2290fd26001f412702bf68dfc26749a8761822238e
- Size
  
  250KB
- MD5
  
  28a717becacd1e18c7b86d8b8ab3e339
- SHA1
  
  9d60947d27523baea3448005bf10302e748cb5bf
- SHA256
  
  18b00bdd809fac8be30eed2290fd26001f412702bf68dfc26749a8761822238e
- SHA512
  
  3c9e260259c3dec8266b3f82551321eed3d6e73fe9072bb3057f805b9915c7a9e56190ad776f13fc546f02aa4c77aa99267c1667987cf67afca1f95dffeef46a
- SSDEEP
  
  3072:ulgf44qIeQ5vr6Ird9Q9B50aHNj5uTNhLK5TUam8lP2:JiQ5DrvQ9fHaToUah
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer