stealc | a50031a96432b244aeffce4e544afa4bd52e36b2091567bef3ddac58a5b986c7 | Triage

Sharing

General

Target

a50031a96432b244aeffce4e544afa4bd52e36b2091567bef3ddac58a5b986c7.exe
Size

242KB
Sample

240428-b77gqadh4v
MD5

5fe0abe7dbc96c6bacafd55b946160e0
SHA1

84a20a2a2986ce8d2270ac5fb1896f7da39c8a6a
SHA256

a50031a96432b244aeffce4e544afa4bd52e36b2091567bef3ddac58a5b986c7
SHA512

1f57852b6dfe94586c671953952e94c27410d7d9c988b00b17a4ca892cdec304ad357e7510d0c542cd0622a432ef9a57bdfc2163be1db5094d5d637dc567bdfb
SSDEEP

3072:l9B2rFkwTdoBdDDoy4Ws69TM4iQdz5W4kxm2KSo2:l9ErFkmojDDwWsQTMWYhm2o

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.76

Attributes

url_path
/8681490a59ad0e34.php

Targets

- Target
  
  a50031a96432b244aeffce4e544afa4bd52e36b2091567bef3ddac58a5b986c7.exe
- Size
  
  242KB
- MD5
  
  5fe0abe7dbc96c6bacafd55b946160e0
- SHA1
  
  84a20a2a2986ce8d2270ac5fb1896f7da39c8a6a
- SHA256
  
  a50031a96432b244aeffce4e544afa4bd52e36b2091567bef3ddac58a5b986c7
- SHA512
  
  1f57852b6dfe94586c671953952e94c27410d7d9c988b00b17a4ca892cdec304ad357e7510d0c542cd0622a432ef9a57bdfc2163be1db5094d5d637dc567bdfb
- SSDEEP
  
  3072:l9B2rFkwTdoBdDDoy4Ws69TM4iQdz5W4kxm2KSo2:l9ErFkmojDDwWsQTMWYhm2o
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer