stealc | 74b45e62fedd53688e8db6ebf12c6a21ad5c2968fa6b4edcfbdc2e9b185f7443 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74b45e62fedd53688e8db6ebf12c6a21ad5c2968fa6b4edcfbdc2e9b185f7443
Size

308KB
Sample

240428-bmewzacg39
MD5

2ff02a230388a96b3762a5d12eef74b5
SHA1

9a53bacfeaa9c4d9cc2521424c9512fb1ef66bc2
SHA256

74b45e62fedd53688e8db6ebf12c6a21ad5c2968fa6b4edcfbdc2e9b185f7443
SHA512

30227a39ac06547cfdd34bb06c7099292c842e68b2220b9b1be7ddf3992456f3bf027cd77660e8071f310a88afc441193c2967eb873846d92681f04e0e9fa119
SSDEEP

3072:2DOGiLTHpymQL2rX+l8GX9bpxkI327FV7UObCCtwSb1/qumpt/wWF9AkkZcl:jPQCRupxkI32JV1bRN1qDpZ1Gyl

Score

10^/10

stealc discovery stealer

Malware Config

Extracted

Family

stealc

C2

http://185.172.128.76

Attributes

url_path
/8681490a59ad0e34.php

Targets

- Target
  
  74b45e62fedd53688e8db6ebf12c6a21ad5c2968fa6b4edcfbdc2e9b185f7443
- Size
  
  308KB
- MD5
  
  2ff02a230388a96b3762a5d12eef74b5
- SHA1
  
  9a53bacfeaa9c4d9cc2521424c9512fb1ef66bc2
- SHA256
  
  74b45e62fedd53688e8db6ebf12c6a21ad5c2968fa6b4edcfbdc2e9b185f7443
- SHA512
  
  30227a39ac06547cfdd34bb06c7099292c842e68b2220b9b1be7ddf3992456f3bf027cd77660e8071f310a88afc441193c2967eb873846d92681f04e0e9fa119
- SSDEEP
  
  3072:2DOGiLTHpymQL2rX+l8GX9bpxkI327FV7UObCCtwSb1/qumpt/wWF9AkkZcl:jPQCRupxkI32JV1bRN1qDpZ1Gyl
Score

10^/10

stealc discovery stealer
- Stealc
  Stealc is an infostealer written in C++.
  stealer stealc
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

stealcdiscoverystealer

behavioral2

stealcdiscoverystealer